[Cryptech Tech] Comments on Alpha board schematics

[Fredrik Thulin]

On Monday, January 25, 2016 04:28:24 PM Joachim Strömbergson wrote:
> Aloha!
> 
> Joachim Strömbergson wrote:
> > I would suggest that the ability to turn the entropy source on or 
off
> > is given to the FPGA. (Which of course could expose the control via
> > the core API). If the control is done by the CPU or Tamper-MCU, then
> > we could easily end up reseeding the CPRNG using only the ring
> > oscillator based entropy provider.

Subject to some kind of policy I presume. I mean, if any/some defined 
number of the entropy sources stop working, we'd better block the CSPRNG 
if it wants to re-seed...

> > Having support for turning the
> > entropy source off ana on adds quite a lot of complexity in terms of
> > warm up times and startup testing vs starvation of RNG output and
> > race problems.

Don't we have this complexity already? We have to take care of it at 
boot time I guess.

> >
> > When I look in Rev02, sheet 03 I assumed there would be a control
> > signal for this function, but I don't see it. Has it not been
> > included?
> 
> Sorry for the confusion, That functionality is present on sheet 02.
> Suggestion is to connect FPGA_ENTROPY_DISABLE to pin on FPGA.

I guess you saw that but just to be clear on the list:

The FPGA_ENTROPY_DISABLE is connected to the FPGA.

The XREF on sheet 02 says FPGA_ENTROPY_DISABLE/20.2C and if we look in 
2C (X-Y coordinates in the frame) on sheet 20, we see 
FPGA_ENTROPY_DISABLE connected to "IO_L11N_T1_SRCC_16" aka. B18 on the 
FPGA.

Also noteworthy, from sheet 2, is that JP2 must be installed in order 
for the FPGA to be able to disable the entropy source. If JP2 is not 
installed, the entropy source is always running through the pull-up 
resistor R7 (which might significantly reduce it's life time due to 
component ageing).

/Fredrik
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.cryptech.is/archives/tech/attachments/20160127/dedddb69/attachment.html>