<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Apr 26, 2018 at 3:13 PM, Joachim Strömbergson <span dir="ltr"><<a href="mailto:joachim.strombergson@assured.se" target="_blank">joachim.strombergson@assured.se</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><span class="gmail-">-----BEGIN PGP SIGNED MESSAGE-----<br>
Hash: SHA256<br>
<br>
Aloha!<br>
<br>
</span>Clifford Wolf, not Stoll. Sorry for the mixup.<br>
<div><div class="gmail-h5"><br>
Joachim Strömbergson wrote:<br>
> Aloha!<br>
> <br>
> As you might have seen here previously, we have discussed building<br>
> our own tamper protected master key memory. The idea is to use a<br>
> tiny, low power FPGA. The FPGA contains logic needed to implement:<br>
> <br>
> 1. Interface to the main FPGA. Currently SPI, but consider UART.<br>
> <br>
> 2. Storage of a master key with logic for anti-remanence (controlled <br>
> periodic bit flipping.<br>
> <br>
> 3. Fast (ns) key erasure when detecting an event on an external<br>
> input.<br>
> <br>
> We are currently considering using the Lattice ICE devices. One of<br>
> the chief reasons is the project IceStorm by Clifford stoll.<br>
> <br>
> <a href="http://www.clifford.at/icestorm/" rel="noreferrer" target="_blank">http://www.clifford.at/<wbr>icestorm/</a><br>
> <br>
> With the tool flow in Icestorm we should be able to show that the<br>
> secure storage and protection of the "crown jewels", the master key<br>
> does not rely on the implicit trust of proprietary tools and black<br>
> box device features.<br>
> <br>
> I'm considering buying one of the following boards. Neither of them<br>
> are expensive. Both should have ample resources for what we intend to<br>
> do. The question is more which one is easiest to interface to the<br>
> Cryptech Alpha board for testing. Unless I'm missing some important<br>
> detail.<br>
> <br>
> <a href="http://www.latticesemi.com/icestick" rel="noreferrer" target="_blank">http://www.latticesemi.com/<wbr>icestick</a> <br>
> <a href="http://www.latticesemi.com/en/Products/DevelopmentBoardsAndKits/iCE40HX8KBreakoutBoard.aspx" rel="noreferrer" target="_blank">http://www.latticesemi.com/en/<wbr>Products/<wbr>DevelopmentBoardsAndKits/<wbr>iCE40HX8KBreakoutBoard.aspx</a><br>
><br>
>  If you have any suggestions, comments, feedback I would appreciate<br>
> them.<br>
> <br>
</div></div><span class="gmail-">> ______________________________<wbr>_________________ Tech mailing list <br>
> <a href="mailto:Tech@cryptech.is">Tech@cryptech.is</a> <a href="https://lists.cryptech.is/listinfo/tech" rel="noreferrer" target="_blank">https://lists.cryptech.is/<wbr>listinfo/tech</a><br>
<br>
</span><span class="gmail-">- -- <br>
Med vänlig hälsning, Yours<br>
<br>
Joachim Strömbergson - Assured AB<br>
==============================<wbr>==============================<wbr>============<br>
<br>
-----BEGIN PGP SIGNATURE-----<br>
Comment: GPGTools - <a href="http://gpgtools.org" rel="noreferrer" target="_blank">http://gpgtools.org</a><br>
Comment: Using GnuPG with Mozilla - <a href="http://enigmail.mozdev.org/" rel="noreferrer" target="_blank">http://enigmail.mozdev.org/</a><br>
<br>
</span>iQIcBAEBCAAGBQJa4dB6AAoJEF3cfF<wbr>QkIuyNj84QAJ4/<wbr>gQxnpU6eTmjZBmcT4S8G<br>
eminpGXBthEo7pyO+<wbr>wKNdd5y11SX04jvidVZxxWovBcxpp/<wbr>gf8gGocGO5Nd/pgOZ<br>
KuhoHe0UyZYI7zoFs09Wo6B0A99DnF<wbr>/<wbr>asIgzHDL8PlrmB9M2eZH6uPubVTpd8<wbr>Mdf<br>
G+YtISO8/<wbr>QFdZhwNUEl9rV73E6keYPO89+O/<wbr>nEr2X1eux4R7BmujoiEHPy2O5s3p<br>
NsfLB5L/<wbr>r3cwP0x5pKnckmbPfkwkei7ZYM1Xfs<wbr>QEBJ9exfPVvuQ4gSQAixQi5Plr<br>
McPqca0uAybIfU+yH/puevPHq+<wbr>oeq9K1nrdVzMwA9BES1r9qIbHraDQb<wbr>DmoCT7i2<br>
GtKg5HXQsRgSbUhsUFOzfyHYmvvNgR<wbr>zkGgYhWe+gN5THpvn5JzbfmfzRM/<wbr>IlrRXQ<br>
6T1DtQYvkXVta4jViV+<wbr>QSsTH79DeAGfNiClW9WyetFtOg/<wbr>v5dkK3Qo6944oxVi9m<br>
LWvuuKJFtb1QxvofpmYSNOf9NHRftz<wbr>EMjAfApbHC5n8t2ZORxtehc1t5Ud4O<wbr>+fsf<br>
VPd7r9+<wbr>ylxxJNEOhk53wdY2vMunYjPJ5zSmJw<wbr>sFp/h67Bx/DbXgWFYA+uV4fqiXi<br>
bwDOLgvNRGMA+<wbr>d7L7BDaaLuRimAO1J9tX+fxOuc1N/<wbr>k1bnIRWHdPqPlbIZOXFEtr<br>
+M+bCxXvFP4DyTy3kZ/K<br>
=tUhR<br>
<div class="gmail-HOEnZb"><div class="gmail-h5">-----END PGP SIGNATURE-----<br>
______________________________<wbr>_________________<br>
Tech mailing list<br>
<a href="mailto:Tech@cryptech.is">Tech@cryptech.is</a><br>
<a href="https://lists.cryptech.is/listinfo/tech" rel="noreferrer" target="_blank">https://lists.cryptech.is/<wbr>listinfo/tech</a><br>
</div></div></blockquote></div><br></div><div class="gmail_extra">There's a ton of iCE40 boards coming out on the market, most of the small and cheap. I think Luke Valenty's TinyFPGA B2 board deserves a special mention (as well as the just crowd-funded BX model (for which I thought you were a backer (nested comments makes me feel like writing LISP code))).<br><br></div><div class="gmail_extra">The main points of the B2 (<a href="https://www.tindie.com/products/tinyfpga/tinyfpga-b2/">https://www.tindie.com/products/tinyfpga/tinyfpga-b2/</a>) would be that it uses the Teensy form factor, which is pretty small but still usable for manual soldering. It also comes with a pure verilog FPGA bootloader which makes it easy to upload new bitstreams. The FPGA bootloader has of course FuseSoC support too :)<br><br></div><div class="gmail_extra">//Olof<br></div></div>