[Cryptech Tech] SHA-3 and Ed25519
Joachim Strömbergson
joachim at secworks.se
Fri Mar 6 16:01:27 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Aloha!
Павел Шатов wrote:
> What do you mean when you say big? This SHA-3 core is 500 lines of
> code, your sha512_core.v is about the same (600). Synthesis results
> are again somewhat similar to your SHA-512 core (4500 LUTs for SHA-3,
> 4400 LUTs for your SHA-512).
Big in terms of resources in the FPGA. Compared to other SHA-3 cores.
For example Guido Bertonis old reference design from the SHA-3 compo.
> I don't quite understand this. Does Apache license allow us to have
> a copy of SHA-3 source code in our repository retaining all the
> original copyright information or not?
I believe so, but IANAL.
> What maintenance are you taking about? According to information on
> OpenCores their SHA-3 was updated more then 2 years ago, the source
> code should be stable.
Let me rephrase it. What we are trying to do in Cryptech is to develop a
HSM platform that we and other ca trust. One way we do that is to have
control of and traceability in the source code. That is why we sign all
commits for example and run our own servers.
The SHA-3 core on OpenCores is stable and we would probably not need to
do any changes. But how do we detect if/when there are any changes to
the code and how do we inform our users? How do we provide traceability
for changes on OpenCores server. If we just point to the repo at
OpenCores we could not really claim that it could be trusted at a given
time.
- --
Med vänlig hälsning, Yours
Joachim Strömbergson - Alltid i harmonisk svängning.
========================================================================
Joachim Strömbergson Secworks AB joachim at secworks.se
========================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQIcBAEBCAAGBQJU+c9WAAoJEF3cfFQkIuyNNWsP/iITNN0t1fjf4pWCJgLt88w/
oLQMG9limnGzr2TE9kA1TeuCnoflZPeDzM7kdo7lmk28w/EREK6ViUhROr+Hbm1U
cJCIkGQRu1D4eBiqmrpwW7es7bxoLmS1XxTgpAjGcjGXwMUf64KUwtw0k25ZTPG7
EOGKGx1gdSFSIhJsAgXT/ZMni3bii43TTSXzKUMsU58T0WTTSMHemBjmxmlRgO0g
NWBLoAq3hdlllJ8jlt9klJJDQjAiI3xw6yvGVuYAvC7Y1cs1nKO4pxbZYrnEkDWL
FRA8EvO9cGa1+6/3aDeDNjc5Eau/BEIhiRPPloWWhNngohw79XnkErj3rPvyhXvH
DktQsR79GZFjWWgBy05OHRjawOWuLCMQApqSu9w3XyG+FhAACbJirhxFaXqWRNFb
q7yzhOrkecGL3akfQkKm/ZH8zi0Lq5c4GIQ1IlJHWs+c1paE7GYZgDFodDUfiGth
U4XkNN5lbiy0+ke5gqNgAYgUICoghPAx2I6g5Blm94ggxUGKhYpSANUBHxDIWnmC
DzaBRAWDDoVUxtqQdyVZjlMX/26j/nXiC+w7+TV7+kKWNGqy2Bypuh59KU6N038Z
rwlcdyRSEsN2FpexMwLy793JXKIsXb9//1s29tygmvC9ik75yiDGRl28xuLvbi9A
8nRQwsZxMkkaUTWzrJwt
=dMMj
-----END PGP SIGNATURE-----
More information about the Tech
mailing list