[Cryptech Tech] Alpha board strategy

[Joachim Strömbergson]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Aloha!

Шатов Павел wrote:
> 1. CPU The deciding factor for the CPU should not be the FPGA
> interface. It took me <2 weeks to develop EIM arbiter from scratch.
> Basically we can use any CPU with external SRAM-like data bus, I can
> modify EIM arbiter accordingly, it is not a problem. i.MX seems to be
> an overkill (do we need 2D/3D graphics, HDMI, audio codec, PCI,
> etc?). The deciding factor should be the person who will program the
>  CPU. Right now we have a stable running base system for i.MX. If we
> choose something different, will someone be able to port this system
> to the new CPU in some reasonable time? If yes, then I suggest that
> we try to select something smaller. If no, then let's stick with i.MX
> so far.

The purpose of the alpha rev one version is to get to a real board as
soon as possible, not spend more time to find the perfect CPU.

Selecting the i.mx6 makes sense because we know that we can run cryptlib
on it now, and that we know how to interface the FPGA with it. Being
able to easily port your EIM interface to other FPGA architectures was
one factor that we considered.

There are tons of ARM-based MCUs out there. Unfortunately many of them
are tergeted for embedded systems and includes a lot of functionality to
reduce the cost in those applications, functionality we don't want to have.

If we can get the CPU core in the MCU to run at full speed without
binary boot code (which the RPi requires) we might have to live with
having excess functionality for the time being. If we really want to
have our own CPU design with just the peripherals we need we probably
need to use a soft core in a FPGA.

But if you know of a very clean A9-based ARM MCU then please tell us.


> 2.1) I advice against using two FPGAs on the same board. At least for
> the first version of Alpha Board. Having two FPGAs will complicate
> the layout, moreover debugging two FPGAs requires much effort and
> will require development of master/slave arbiters to handle data
> transfer between FPGAs. In our current FPGA design we have
> conditional synthesis flags. End users can simply comment 
> USE_CORE_XXX lines and rebuild the project to exclude unnecessary
> stuff from the design and make fit into available amount of logic.
> Another option is to use a pair of two Alpha Boards if one is not
> enough, the first board can contain hashes and the second board can
> contain ciphers. Yet another option is to provide an expansion
> connector in our Alpha Board and place second FPGA on a separate
> small extension PCB, that we will develop later when we have Alpha 
> Board running.


Having the pads and traces for a second FPGA connected to the primary
FPGA is not complicated. And interfacing two FPGAs is not hard at all.
Debugging them is imho not very hard either. I've done it before. If we
would trust the FPGA vendors there are even ready made soft cores to do so.

Conditional synthesis is very good. But does not solve the problem of
running out of resources for the specific use case.



> 2.2) I don't know why bunnie chose LX45 in Novena, we can use LX75
> which is two times larger with free ISE license: 
> http://www.xilinx.com/publications/matrix/Software_matrix.pdf 
> <http://www.xilinx.com/publications/matrix/Software_matrix.pdf>

We want to have at least 2x headroom compared to LX45 or C5, probably
more to be on the safe side for the first iteration. This is why I




> 2.3) Why have you chosen Altera C7 device? C7 implies that we are
> talking about GX variant of Cyclone V. All the G- variants have
> built-in transceivers. Do we actually need them? If we don't, then E
> device (A7/A9) is more appropriate, it is basically equivalent to
> GX/GS without transceivers. Why pay for something that we will never
> need?

Good point. The dev boards for CycloneV i've seen are all with
C-devices. But since we do it ourselves and will not be using the high
speed I/O macros they are a waste of good momey.


> 2.4) To compare Spartan-6 and Cyclone-V capacity we need to
> understand what Xilinx's Slice and Altera's LE are. I've attached a
> table with corresponding calculations. Fundamental elements of an
> FPGA are LUTs and FFs, so we can convert from slices and LEs and
> compare. I was able to fit five instances of SHA-512 core in Novena's
> LX45 device. Joachim, could you please try the same say in Altera's
> A5 device (roughly equivalent to Xilinx's LX45) to compare?

I can instantiate less than at least 8 SHA-512 cores in a A5 device. One
A7 _should_ be able to the biggest design given by a use case.


> 2.5) I suggest that we use 484-pin devices, because in this package
> both Altera A7/A9 and Xilinx LX75 and LX150 are pin-compatible. We
> can have one board that will accept both the largest available FPGA
> with free license and the largest available in the entire family.

Yes, F484 package is a good choice. Almost possible to solder by hand if
one does not have 40+ year eyes.


> 2.6) Despite largest Xilinx device is smaller than largest Altera
> device, I vote for Xilinx, because I'm much more familiar with it.

And I vote for Altera. Not because I'm more familiar with them (I've
done designs with Altera, Xilinx and even Actel). (And Bernd is more
seems to be more familiar with Altera too). But more importantly because
the dev tool, Quartus, seems to be much better for people not used to
EDA tools.

In terms of technology and what we need I don't see any major advantages
of Spartan-6 or Cyclone V compared to eachother. Not for the use cases
we are dealing with. We are not pushing the capabilities in terms of
number of clock trees, I/Os, DSP macros etc. We just need a lot of
LE/Slices and registers and connectivity.

I get a wee bit higher clock frequency for the cores in Cyclone V
compared to Spartan-6, but unless we start running the cores at 75-100+
MHz, but stay in the span 50-66 MHz we really should have good timing
margings in either device.

So, easy of use and accessibility is thus to me the more important than
making me happy.

It is also a question on who we can find to do the board design. Randy
wants to try to find people in Asia. And what Bunnie has suggested is
that you decide on type/brand of CPU (Freescale i.mx6 for example) and
then find the person with experience of doing board design for that
device. If that person find it to be much easier to do board design with
Xilinx tha Altera, then we may have to reevaluate.

But based on my earlier survey for the moment I think having Altera A7
F484 as the target device is the way forward.

- -- 
Med vänlig hälsning, Yours

Joachim Strömbergson - Alltid i harmonisk svängning.
========================================================================
 Joachim Strömbergson          Secworks AB          joachim at secworks.se
========================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCAAGBQJU5bp9AAoJEF3cfFQkIuyNYaQP/RcCk174qquSswQ+ey00hpZU
FpKbA0v+5Qj+ne3VNt2jceR2jqhk0MFoy8zu3GIhNbX2xjx3we4QnVZzXiaKgMSS
bQheKNI587kPmk6xiuFA7+v6GfKcojk3ORxDjKNAlVyet9UNYMKzm2wsggRTbCFX
3KxjKjXFZdLODRMGrIeQdFWg/gAcLiJGrWYGpkaR1Yr3nzbFUyvtc2Ct7TQeyfS8
i5Sm+6Gih1QSVeCTwraOEp3XjPFOOLQgnh+S3XnluF3xV7rEkK9h2rz5TBs1L3fe
aBHiHZwXwkeiJTQmxp+6n326f5xl4UHazHy4cAnKEnx0vuJIuZVTlafRS1e03C37
kEwBEJSMQBWxTumLOte7+rXeTv/5oiC/wUt8saD8TaFmOjGf09aiFzMGePTk+Coz
wUlJqg9OFSPE39tYqMKPt4wOBOtatXQQo3d29W0v5Z79rNKsaBvvOd4fD1g9ItjZ
pF7M2cQ9wmw/fAEhyNChXwxLhAMv88NePtPUR70HWw1ncga4Y3JVIpFVtLi+Az7l
4H1Skul1NcgjopS0ATXEePXotZPVwf4Va8QGySt8Dv/J2Ljes4g0Tta8N6aQMAZG
Y1iB3bTUmZ/WkiA3SSz9hnRLBgm8yTwDBiqwubSjf3gJ3xinH/OsTfjlPuuaQa2E
GyfRz9sm1jckfRu308yl
=g2LK
-----END PGP SIGNATURE-----