[Cryptech Tech] Discussion: On-line tests for entropy providers in Cryptech

[Bernd Paysan]

Am Sonntag, 18. Januar 2015, 17:55:54 schrieb Benedikt Stockebrand:
> Bernd's ROSC however seems significantly more troublesome to me.

Actually, if it stops toggling, it is broken, too, otherwise, it will still 
produce some entropy.

> It really boils down to figuring out the failure modes with every design
> and how to detect them.

The easiest failure mode is always "stuck at"; as long as it's not stuck, it 
is at least alive.

I'd suggest the following test module: Sample a value once in a while.  And 
then compare the current value with that value with

@once_in_a_while: begin
   sample <= roscs_out;
   compare <= 0;
   fail_flag <= ~compare != 0; \\ all bits should have been set
end

@(posedge clk or negedge nreset)
  if(!nreset) begin
     sample <= 0;
     compare <= 0;
     fail_flag <= 0;
  end else begin
    if(once_in_a_while) begin
      sample <= rosc_out;
      fail_flag <= ~compare != 0;
      compare <= 0;
    end else begin
      compare <= compare | (roscs_out ^ sample); 
    end
  end

You probably can do a popcount to tell the user how many roscs are stuck.

The scheme to mix all the outputs by rotating them through which I proposed 
end of last August would allow some of them to fail without affecting the 
quality of the entropy source.  The good thing here is that the actual device 
is smaller than this simple life-test...

-- 
Bernd Paysan
"If you want it done right, you have to do it yourself"
http://bernd-paysan.de/
net2o ID: kQusJzA;7*?t=uy at X}1GWr!+0qqp_Cn176t4(dQ*