[Cryptech Tech] FPGA for alpha board
Joachim Strömbergson
joachim at secworks.se
Sun Jan 11 20:53:21 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Aloha!
Yes, adding a soft core is one option we have for the future. Using a
hard core such as Xilinx Zync or Altera SoCs adds a lot of performance,
but it reduces the ability to actually test and know as well as limit
what is actually accessible from where.
In terms of side channel leakage, having an internal interface on chip
is better than having an interface over the PCB. But this interface will
be inside the tamper boundary.
For the next, next generation board (or later revisions of this one) we
may move to an integrated solution. But for the platform after Novena I
think our assumption right now is that we really want to have separate
physical devices. This is because it allows us to decompose the system
into separate partitions that can more easily be controlled and audited.
Cheers
JoachimS
Шатов Павел wrote:
> Hello everyone. I haven't attended your meeting, so I don't know all
> the underlying details of your discussion. Do you intentionally want
> your board to include CPU and FPGA as two separate chips? As far as I
> know in terms of hardware security having one single integrated
> circuit is better. Two options are possible to combine both CPU and
> FPGA in one physical IC. The first option is to select larger FPGA
> and add some processor IP core to it. Both Altera and Xilinx provide
> soft processors, but they are not opensource. I believe there might
> be suitable soft processors available at
> http://opencores.org/projects. The drawback of this approach is that
> such soft processors will not run very fast. I've mostly worked with
> Spartan-6, from my experience it is difficult to push MicroBlaze from
> Xilinx beyond 125-133 MHz. Other processors should be about the same.
> On the other hand you can configure soft processor to only include
> modules that you actually need. The second option is to use some PSoC
> chip. I can suggest having a look at Zynq from Xilinx:
> http://www.xilinx.com/publications/prod_mktg/zynq7000/Zynq-7000-combined-product-table.pdf.
> It has dual-core ARM Coretex-A9 CPU and Artix/Kintex FPGA in one
> package. There are several other PSoC vendors too, Zynq is just an
> example. From my experience programmable system-on-chip projects
> require much initial effort, but as the project matures it becomes
> easier to develop
> it.<http://www.xilinx.com/publications/prod_mktg/zynq7000/Zynq-7000-combined-product-table.pdf>
>
>
11.01.2015, 12:18, "Fredrik Thulin" <fredrik at thulin.net
> <mailto:fredrik at thulin.net>>:
>>
>> It seems to me that the interface between the FPGA and ARM will be
>> one of the real selectors for what ARM to use?
>>
>> Joachim, can you make a baseline suggestion for what FPGA to use
>> and what interface to use?
>>
>> I remember from the meeting last week that we said we are currently
>> using about 70% of the resources in the Novena FPGA and would aim
>> for something 10x (?) bigger for the alpha board, to not be space
>> constrained during development?
>>
>> /Fredrik
>>
>> _______________________________________________ Tech mailing list
>> Tech at cryptech.is <mailto:Tech at cryptech.is>
>> https://lists.cryptech.is/listinfo/tech
>>
> -- With best regards, Paul Shatov
>
> _______________________________________________ Tech mailing list
> Tech at cryptech.is https://lists.cryptech.is/listinfo/tech
- --
Med vänlig hälsning, Yours
Joachim Strömbergson - Alltid i harmonisk svängning.
========================================================================
Joachim Strömbergson Secworks AB joachim at secworks.se
========================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQIcBAEBCAAGBQJUsuLAAAoJEF3cfFQkIuyNRJMQAL75OY0Ym9gewX6Rge4YFIoM
DpMCQEgLJZGQKiGUOxGaJ3EovtI9ThiVa1S+l5HQH+na6y9mwMi0XAZBbc6GP4hb
UmDPBUVXPGYsqT5Er6lbc2yBdLsW+cHsjBMWnTQtQFvDi0geTVO3pdSpieljjmTT
d3xdI9kUfvjgYzNZ9cwGI85yniaV6EKsagNndY8M9/jrfS3oI4I2qwFcvzsXPUJP
w4+QxY+ce6/V6s0ke2lHIpzy0zIziVLRp433/zSQj1f7F2+9JwdwynZCmEqAg375
s3NKDL5HHwcMDpEww7uBksgp7h+U5HEC8KMVPYUDw/MqX5WKaOUQikgwqHCkNy7d
/Nk4igp4GV0cG8KMyzy21HYAScPCOvx0mM2pWwuIs9qFL66RJYxR5wXeaOn3lWWV
aRyWxSITJ/UlCixYOHrJsh6/BzHC/hxT73C392bJyb17nSIq4arK/etJihNgGRf9
RMloJRUKaOSHKCuiXiZXk4a3aqah7b+b3QMeLL+OWfBYXSWOk3DYL+y2NTSKtOno
+yahUqUCJzh+ISWqGltpeo94ckMxllcGgLUTribUqnmhHUD+rVGVhMYjg2kmoFS8
vshgg0PKMysPY90oAMs2G40gJS9eKaBrNUYFoXLcJz/ALFbfoA+sb9wO/M+75OaV
EEMMI8YzhNQldYmVnqEi
=Une+
-----END PGP SIGNATURE-----
More information about the Tech
mailing list