[Cryptech Tech] arm

Joachim Strömbergson joachim at secworks.se
Sun Jan 11 08:21:02 UTC 2015
Previous message: [Cryptech Tech] arm
Next message: [Cryptech Tech] arm
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Aloha!

Hannes Tschofenig wrote:
> I work for ARM and could help you with your questions.

Hi Hannes, and thanks for the offer, much appreciated.

> Mbed is designed to work with the Cortex M process family. There are
> different types of processors available in that family, namely M0,
> M0+, M3, M4, and now also M7. The M7 was announced around ARM TechCon
> as well and aims to bridge the gap (in performance) between the 
> Cortex M family in the Cortex A family.

The M7 is an interesting development. Good to know that mbed will also
support the device. I'm using Mbed with M0+ as well as M4 devices, but
can see a clear need for even higher performance processors.


> You will be astonished to see what features our silicon partners add
> to the chips...

And that is actually one of our problems. If you look at M4-based
devices they often comes with a bevildering array of peripheral
functions. Dual CAN-interfaces, GPUs, touch screen controllers and
integrated MAC/PHYs for example. Very nice if one is to design an in car
media system. Not as good when one just wants to run general purpose
code on a MCU that is as aeasilu audited and trusted as possible.

The amount of compute power we actually need is yet to be determined, we
are working on the requirement specification at the moment and will use
that to drive the device selection. The Novena uses the quad ARM-A9
cores running at 1.2 GHz. Our code does (afaik) use more than one core
at a time. But anywhere close to the same clock speed puts us in
M4-device area. But at the moment we really don't know what speed we
need to support. We will connect to host systems using USB 2.0 Full
Speed and parse PKCS#11 commands using Cryptlib to implement them.


> PS: Why you want to use an FPGA is still a mystery to me.

There are a number of reasons for it. But basically:

(1) We really want to move the lower layer functionality (cryptographic
functions, random number generation etc) out of the SW context to make
them harder to modify. It also divides the system into more parts that
are easier to audit.

(2) For some of the cryptographic functions we absolutely need
concurrent execution. The entropy sources (we have multiple) driving the
random generator for example are autonoumous and runs concurrently. Task
switching in a CPU cannot replicate that.

(3) For some of the algorithms, parallel hardware provides a much better
performance and allows us to run the CPU at lower clock speeds. This
makes it easier for us to find a suitable device with less complex SoC.

It is important to realise that we are building a very high security
system, not just an embedded system. Yes, quite a few ARM based devices
(for example STM32) provides random number generators in them. But we
can't test their internal function, don't know how they really work
(just what the documentation states). We need to build our own RNG, hash
functions, modular exponentiation, key storage. And then have as little
else as possible.

That at least to me means FPGAs coupled with an MCU.

- -- 
Med vänlig hälsning, Yours

Joachim Strömbergson - Alltid i harmonisk svängning.
========================================================================
 Joachim Strömbergson          Secworks AB          joachim at secworks.se
========================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCAAGBQJUsjJuAAoJEF3cfFQkIuyNmaMQAK+IoYvFVUYL5+v+LcwMEoGR
1zDzxbQ6UUvcvQeLGpJiSp99STBSb+f/JH/2CcerCiaJbmfW+uy1+K7Tc1RSLM14
GtJwfXcG8Agsb8b/01WrblkJxWX97lHQEh1qRJy0Iszw1L48LgLqiE5OFJEmiFwT
ygr/ow+fBEG/Q3W0ygzqhMpYaSyHsQ5JsMQg+xTui0dxol6j3tVj0lreribg0OOj
Ka/KZHmjcfUcdsXm6MqlftLadePq2rDLXtPPodnRkbmQ6SBF8Ocge22Id8pUzffE
KKynO4lYYlktKFhBGffKv3feb3C7xtH8PdERdUQ0GgZyVnSuTWdaXYqVFv2jBtf2
fosjxoARmnVpNmHMMINn0B/dbRJT+9Yv/urHd0peNm/bbWZXrStOET/rxCCMuXbL
grLHZPsMcs/F8gvhZwPrzwlH/tYth2irn+3I8tSfGBUWpHbclEfxnDf1mWqXKZPx
rdOPqWSlBtdFUaVD3oDDWJVVEUFKwVlIckFscM2sauxpBBu+CF4pnICf+MiEoWy+
3HgCKnoAQTMuPQCY0TXIflznaUW5+hb4OwnS8y1Sfc7Nvxd4Wxo2wEMqPrVEDXCj
KHsE7en1/ZIKDKOzEDtZcgUa3AD4r2w+sdWFOqzV66E/5LkId1KFEIfdqDDbR8gd
rEsIQecQifOsP921UTAg
=OHO5
-----END PGP SIGNATURE-----
Previous message: [Cryptech Tech] arm
Next message: [Cryptech Tech] arm
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Tech mailing list