[Cryptech Tech] NaCL in hardware

Joachim Strömbergson joachim at secworks.se
Tue Sep 29 08:04:22 UTC 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Aloha!

Peter Stuge wrote:
> Pavel Shatov wrote:
>> in nowadays FPGAs we have dedicated hardware multipliers, that
>> come at no cost. Yes, they are vendor-specific, and I obviously
>> cannot decide for the whole team, whether we can use them or not.
>> But my personal view is that as long as we clearly document, that
>> in this particular module we are using vendor-specific multiplier,
>> and provide generic replacement module for simulation, it's OK.
> 
> I don't think it's OK at all to restrict the usefulness of cryptech 
> modules so severely, making it impossible to use them with any other 
> hardware than one particular hardware from one particular vendor.

Not only multipliers, but DSP functionality that are fairly complex
black boxes. We should clearly document where these black boxes are. And
if possible either also provide a generic implementation (not only
simulation) module or an implementation that infers the correct macro
instead of instantiation.

Having separate implementation and simulation modules means that we are
in fact not simulating what we are implementing. In most projects this
is ok, but we have more tinfoil on than most projects.

Also there is still a question about licensing of the source code.

- -- 
Med vänlig hälsning, Yours

Joachim Strömbergson - Alltid i harmonisk svängning.
========================================================================
 Joachim Strömbergson          Secworks AB          joachim at secworks.se
========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCAAGBQJWCkYGAAoJEF3cfFQkIuyNDQsP/2bF2GXrjQ9gMsXuP1/eeuVH
XYikR02QONhQldK5z4TCM5h+jsDX5PweLlYGOgcMLrnM1mgJblKP55FAu0cSBF7q
CEdCxXpn0IoFntMViP7wQuLFEDsYjYERxXxPG45Qc2znujZ8lpqWA7s7cuMUuxIf
q/zegGe//1fQlSvN+Yd1obm+iG5T7RTMobeDh/TaV8SPZYiyhFYFmzRzlSYdF0hj
FgDXQPNiguf6KezEK5QK0LTq0poUPkinhSejWWjakh0WT0NTNiZaZHzv2oiRGOOJ
UybOO4m/huw3TyUCb3WsLR2ev0hR6IOPF1dVGOnlVk1t2u19YzBiXIPH0zMX7JwO
HjPJjH+e/c5tv4Wd0XFxdB3m4PMPZtNiHKi4ASpp4JzE192AI1BioEe91K8NJh+p
1HciME7t9bARog28rsBrdca/0aPpkkNguYpGrIalJUtpwdL+Gsj0fpfLvIXN9Khj
xxkb1NbhSMy74gJ8/ftjd2uF1XBBCrrqpVuomMrRzcGIRWxGDk6Vpl026zgSxBLg
dymwYRhUdsgkCW4k3W68k9Qw7MiU+BhGmLQwvdrmHDvBuYbeI9SyH7nrzKJc3EZt
axbK2LOdXL36QtsuxJ7c24VM9SkREp3pXjyZqv92G+4qiLXRm4M5tHC2f1qyq+2z
g/7Zb+VQWG0ix+bEUA+R
=mooz
-----END PGP SIGNATURE-----


More information about the Tech mailing list