[Cryptech Tech] Lattice boards for developing a custom master key memory

[Olof Kindgren]

On Thu, Apr 26, 2018 at 3:13 PM, Joachim Strömbergson <
joachim.strombergson at assured.se> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> Aloha!
>
> Clifford Wolf, not Stoll. Sorry for the mixup.
>
> Joachim Strömbergson wrote:
> > Aloha!
> >
> > As you might have seen here previously, we have discussed building
> > our own tamper protected master key memory. The idea is to use a
> > tiny, low power FPGA. The FPGA contains logic needed to implement:
> >
> > 1. Interface to the main FPGA. Currently SPI, but consider UART.
> >
> > 2. Storage of a master key with logic for anti-remanence (controlled
> > periodic bit flipping.
> >
> > 3. Fast (ns) key erasure when detecting an event on an external
> > input.
> >
> > We are currently considering using the Lattice ICE devices. One of
> > the chief reasons is the project IceStorm by Clifford stoll.
> >
> > http://www.clifford.at/icestorm/
> >
> > With the tool flow in Icestorm we should be able to show that the
> > secure storage and protection of the "crown jewels", the master key
> > does not rely on the implicit trust of proprietary tools and black
> > box device features.
> >
> > I'm considering buying one of the following boards. Neither of them
> > are expensive. Both should have ample resources for what we intend to
> > do. The question is more which one is easiest to interface to the
> > Cryptech Alpha board for testing. Unless I'm missing some important
> > detail.
> >
> > http://www.latticesemi.com/icestick
> > http://www.latticesemi.com/en/Products/DevelopmentBoardsAndKits/
> iCE40HX8KBreakoutBoard.aspx
> >
> >  If you have any suggestions, comments, feedback I would appreciate
> > them.
> >
> > _______________________________________________ Tech mailing list
> > Tech at cryptech.is https://lists.cryptech.is/listinfo/tech
>
> - --
> Med vänlig hälsning, Yours
>
> Joachim Strömbergson - Assured AB
> ========================================================================
>
> -----BEGIN PGP SIGNATURE-----
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iQIcBAEBCAAGBQJa4dB6AAoJEF3cfFQkIuyNj84QAJ4/gQxnpU6eTmjZBmcT4S8G
> eminpGXBthEo7pyO+wKNdd5y11SX04jvidVZxxWovBcxpp/gf8gGocGO5Nd/pgOZ
> KuhoHe0UyZYI7zoFs09Wo6B0A99DnF/asIgzHDL8PlrmB9M2eZH6uPubVTpd8Mdf
> G+YtISO8/QFdZhwNUEl9rV73E6keYPO89+O/nEr2X1eux4R7BmujoiEHPy2O5s3p
> NsfLB5L/r3cwP0x5pKnckmbPfkwkei7ZYM1XfsQEBJ9exfPVvuQ4gSQAixQi5Plr
> McPqca0uAybIfU+yH/puevPHq+oeq9K1nrdVzMwA9BES1r9qIbHraDQbDmoCT7i2
> GtKg5HXQsRgSbUhsUFOzfyHYmvvNgRzkGgYhWe+gN5THpvn5JzbfmfzRM/IlrRXQ
> 6T1DtQYvkXVta4jViV+QSsTH79DeAGfNiClW9WyetFtOg/v5dkK3Qo6944oxVi9m
> LWvuuKJFtb1QxvofpmYSNOf9NHRftzEMjAfApbHC5n8t2ZORxtehc1t5Ud4O+fsf
> VPd7r9+ylxxJNEOhk53wdY2vMunYjPJ5zSmJwsFp/h67Bx/DbXgWFYA+uV4fqiXi
> bwDOLgvNRGMA+d7L7BDaaLuRimAO1J9tX+fxOuc1N/k1bnIRWHdPqPlbIZOXFEtr
> +M+bCxXvFP4DyTy3kZ/K
> =tUhR
> -----END PGP SIGNATURE-----
> _______________________________________________
> Tech mailing list
> Tech at cryptech.is
> https://lists.cryptech.is/listinfo/tech
>

There's a ton of iCE40 boards coming out on the market, most of the small
and cheap. I think Luke Valenty's TinyFPGA B2 board deserves a special
mention (as well as the just crowd-funded BX model (for which I thought you
were a backer (nested comments makes me feel like writing LISP code))).

The main points of the B2 (
https://www.tindie.com/products/tinyfpga/tinyfpga-b2/) would be that it
uses the Teensy form factor, which is pretty small but still usable for
manual soldering. It also comes with a pure verilog FPGA bootloader which
makes it easy to upload new bitstreams. The FPGA bootloader has of course
FuseSoC support too :)

//Olof
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.cryptech.is/archives/tech/attachments/20180426/ef7f6736/attachment.html>