[Cryptech Tech] AES SIV mode for key wrapping?

Rob Austein sra at hactrn.net
Wed Mar 18 08:39:07 UTC 2015


At Wed, 18 Mar 2015 20:36:27 +1300, Peter Gutmann wrote:
...
> EUNDERSPECIFIEDREQUIREMENTS :-).  When you said "back up the HSM" I assumed
> you meant the equivalent of the old Safekeyper clone-HSM functionality where
> you can clone the complete state of an existing HSM into a new one.  For that
> you need a complex, structured-data format that goes beyond just wrapping up a
> key.  It looks like you'd need to break this down into "what happens in the
> FPGA" and "what happens in the HSM as a whole".

Fair point, thanks.

> (Also, if you're encapsulating the whole thing in a tamper-responsive mesh as
> per the recent ATtiny discussion, why do you then need to isolate things in
> the FPGA?  I'm still trying to understand the exact requirements here).

Yeah, well, we don't have full consensus among the core team on this
point, so the lack of clarity is not surprising.

With the caveat that I'm trying to explain a view to which I do not
fully subscribe, the principal motivation appears to be fear of the
unauditable complexity of most conventional CPUs.  E.g., the ARM
processor that we've currently specified for the alpha board has
consumer appliance features out the wazoo (including enough video
hardware to support two fully independent Laundry basilisk guns);
while we intend to short as much of this stuff to ground as we can,
the overall complexity makes most of us at least a bit uncomfortable
and some of us very uncomfortable.  So the theory appears to be that
moving the most critical bits to the FPGA reduces the attack surface.

There are of course other options, such as choosing a simpler CPU,
using a soft core, etcetera.  All have been discussed at length and we
almost certainly don't want to take the lid off of that can of worms
again.  But anyway, that's the motivation as I think I understand it.
