[Cryptech Tech] SHA-3 and Ed25519

Павел Шатов meisterpaul1 at yandex.ru
Fri Mar 6 17:20:49 UTC 2015


On 06.03.2015 20:01, Joachim Strömbergson wrote:
> Let me rephrase it. What we are trying to do in Cryptech is to develop a
> HSM platform that we and other ca trust. One way we do that is to have
> control of and traceability in the source code. That is why we sign all
> commits for example and run our own servers.
>
> The SHA-3 core on OpenCores is stable and we would probably not need to
> do any changes. But how do we detect if/when there are any changes to
> the code and how do we inform our users? How do we provide traceability
> for changes on OpenCores server. If we just point to the repo at
> OpenCores we could not really claim that it could be trusted at a given
> time.

Joachim, I understand this. What I offered was to download SHA-3 sources 
from OpenCores, inspect them and then store this verified copy in our 
repository on our servers. Since we already have Bernd's variant of 
SHA-3 core, my offer is no longer relevant.

--
With best regards,
Pavel Shatov


More information about the Tech mailing list