[Cryptech Tech] Alpha board main CPU change
Joachim Strömbergson
joachim at secworks.se
Mon Jun 1 06:52:57 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Aloha!
Warren Kumari wrote:
> Sure, not as a sole actor, but what about as an additional source,
> mixed in with the others?
Don't know if you saw my answer to Jacob. But this exactly what I suggested:
"We could use the TRNG in the M4 as an entropy source to feed the TRNG
inside the FPGA (basically a FIFO into which SW could write words
consumed during entropy mixing). But replacing the TRNG, no."
Since we use SHA-512 as mixer and strict round robin extraction from the
available entropy sources, adding entropy (i.e the M4 TRNG) should just
add more unpredictability and not expose us to domination attacks. That
said, our TRNG should/must warn if the main entropy sources are not
providing any entropy leaving the M4 TRNG as the sole entropy source.
- --
Med vänlig hälsning, Yours
Joachim Strömbergson - Alltid i harmonisk svängning.
========================================================================
Joachim Strömbergson Secworks AB joachim at secworks.se
========================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQIcBAEBCAAGBQJVbAFJAAoJEF3cfFQkIuyNs2wQAMQc8VVpRG7H+gzrzCQWUK3D
6Yf9I+2gSciNWz+k3j2d0HJnzNI4KzxL0ADEvvIyrGPDxB6/vSI+6ffXwPyqkJuH
Rf9D/JcycJSDaUWzloqIIrHcMOiswJd2z/Zbv1KNLUD8pmQ2hN9ZnFAmOiIOk6RK
1iQLq+1rVH2eg+O8x5ffw+vW0lNjuWOMxbU9pmTvYpRFYT3Kg6spBpZn6I87RjBy
aus1JR7QIBAhCzWcMeI7JRVeXXJN/Qcq4McKPE949W4W+v85Zi7hWtv7eM9B6I+D
/IRuWlBKUhg0ZarhMkVG1xwAwgfNIOwmiHlbCWKSRAGEdwVQjeUs2Cz18ZYgdKxo
Ilxw/vFakNLwKAmXzJ6x+o4K9ta7MlcOoU3uyK8fiqk5jNrnbskLt49OiqvoM+SY
s2IZblNRq2H6TRucoT85tet/Ciue2giRan4rrxwFt4WMdbwyfOd4Rl1PnE7pYaXx
KSw60mEdo7BOuf0zh9iTZ7evrx2SajhavJql+ftQe6Eo5t3IT4XHXQRJtiJ6pO2Y
1hTK6OmmvQvvCEtVyo+5WW2FS6AR+qdcw1uF0gYDtzIZld3aDSgT0rp4eF1PX9Ap
lV4Q1lrSG20Sd4P/Gf5dQcC2pchLtZbBvRpRtoTAzCCtapf8VDA5l3VKUtjOOREi
lLsEVD/bYTB5RCUOz88a
=VosY
-----END PGP SIGNATURE-----
More information about the Tech
mailing list