[Cryptech Tech] Comments on Alpha board schematics

Fredrik Thulin fredrik at thulin.net
Wed Jan 27 13:34:02 UTC 2016

Previous message (by thread): [Cryptech Tech] Comments on Alpha board schematics
Next message (by thread): [Cryptech Tech] Comments on Alpha board schematics
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wednesday, January 27, 2016 01:57:10 PM Joachim Strömbergson wrote:
> Aloha!
> 
> Fredrik Thulin wrote:
> > My point is that we will have to deal with warmup/bootup tests
> > regardless of if we do 1 or N bootups of the entropy source for 
every
> > 1 bootup of the HSM.
> 
> No, N bootups will be much, much more complicated.
> 
> Warmup once during cold boot of the board is one thing. A lot of 
things
> will take time, initiialize etc. Doing warmup delay, testing multiple
> times while the board is quite probably running in operations mode 
open
> up for starvation in SW, possible timeouts etc.
> 
> If the entropy source power control and thus warmup is under FPGA
> control we can do this only during full reseed. But unless the reseed
> gets a headsup, we either power up when it in fact wasn't needed, or 
we
> risk adding the warmup delay right into the reseed time.
> 
> One point of having the TRNG chain structured with separated mixer and
> FIFOs is that we can do reseed while delivering random data to
> applications. This will risk breaking that assumption.
> 
> As I said. I can live with having the power down function on the 
board,
> but possible to disable (i.e. it will be from the start.). But I think
> it opens up a huge can of worms and will require quite a lot of 
thinking
> and FPGA design to eliminate possible problems.

This is turning into something we need to talk about next time we meet 
face to face =). I think we have had different levels of ambition in 
mind here.

You talk about continuous delivery of random numbers and non-blocking 
reseeds.
I was thinking that a reseed will likely always be a potentially 
blocking operation because you need to assess the entropy from the 
sources and, if it is not deemed good enough you need to wait for more 
or halt the reseed operation alltogether, or something.

Anyway, as youv'e said - the jumper allows us to continue with the 
hardware design and leave the interesting discussion about how this is 
all going to work for later =). Please don't think I'm dismissing the 
subject, I'm really looking forward to talking more about it.

/Fredrik
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.cryptech.is/archives/tech/attachments/20160127/ce05d112/attachment-0001.html>

Previous message (by thread): [Cryptech Tech] Comments on Alpha board schematics
Next message (by thread): [Cryptech Tech] Comments on Alpha board schematics
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Tech mailing list