[Cryptech Tech] Comments on Alpha board schematics

Joachim Strömbergson joachim at secworks.se
Mon Jan 25 15:06:45 UTC 2016


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Aloha!

(Repeat in @tech)

We have previously talked about having the ability to turn off the
external entropy source.

I would suggest that the ability to turn the entropy source on or off is
given to the FPGA. (Which of course could expose the control via the
core API). If the control is done by the CPU or Tamper-MCU, then we
could easily end up reseeding the CPRNG using only the ring oscillator
based entropy provider. Having support for turning the entropy source
off ana on adds quite a lot of complexity in terms of warm up times and
startup testing vs starvation of RNG output and race problems.

When I look in Rev02, sheet 03 I assumed there would be a control signal
for this function, but I don't see it. Has it not been included?

- -- 
Med vänlig hälsning, Yours

Joachim Strömbergson - Alltid i harmonisk svängning.
========================================================================
 Joachim Strömbergson          Secworks AB          joachim at secworks.se
========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCAAGBQJWpjoFAAoJEF3cfFQkIuyNLqgP/1dyg1RmLPm8/+J1CWitkOCu
EJ9rJf9x2ZJyh91oDR14rGXpiftM79LLpN/r+FLVgkD45kCdTCdocwdcG3IAnWWu
AGvUi48HQ68xEcyNoMU8l58Cnohqyn8YpSo4kqjpjx2Z6qVI6EsmQeion53J/UDm
6HMB9WeeW5mM7fRGzoHat8/PUXr1ohRiKL6nahggjTaH3WY0kidcq+6y6prhaw8H
B/iJpgs/XfnV4cmaXX3ke8kpJk81SgvTBzFtl2j5omu4q94aLWrJOe502jYc8rrf
JcQcLepJWS01hz03Zmxh0Y0iJQn2TpyEfCe3pKmX+D7K4zfRcagIcr9R69PHLOL9
biSFTFcX22qBDezm86CrTVHVLvsHILGTeWmRv4HOW8bKSjhNDc16rb/3oOAokIoZ
TmjVb+po9Xn3d1qGilxUCK0A3j/1tp+G8tno9+EEp3/M+LX2Ui4Ys0p5eVESP+lo
b2uVILoGNirja5HDV8y+6dMSbY7uPArjil3We009jB4gsHrkIdT5usClwrpo4gil
L1YjtGwGzRmRfSskmaPkEdI+uAAGPos8zigd4sfHPwBjabkqqnjBBrbOcZcca3rE
YfWENNJjPWK1/C7dgiiuGDa3L+WzKSWfh7dglbeJqZctb2eBd+iAALkj5vjGRcHg
Z5QWnFjPhE3w5YGhOdVM
=r9R4
-----END PGP SIGNATURE-----


More information about the Tech mailing list