| Summary: | investigate OpenTITAN | ||
|---|---|---|---|
| Product: | Libre-SOC's first SoC | Reporter: | Luke Kenneth Casson Leighton <lkcl> |
| Component: | Source Code | Assignee: | Luke Kenneth Casson Leighton <lkcl> |
| Status: | CONFIRMED --- | ||
| Severity: | enhancement | CC: | libre-soc-bugs, programmerjake |
| Priority: | --- | ||
| Version: | unspecified | ||
| Hardware: | PC | ||
| OS: | Linux | ||
| NLnet milestone: | --- | total budget (EUR) for completion of task and all subtasks: | 0 |
| budget (EUR) for this task, excluding subtasks' budget: | 0 | parent task for budget allocation: | |
| child tasks for budget allocation: | The table of payments (in EUR) for this task; TOML format: | ||
|
Description
Luke Kenneth Casson Leighton
2020-05-13 13:57:37 BST
The entropy source they currently have is a placeholder LFSR source, which is well known to be insecure. If we can get away with using a few op-amps, I quite like the infinite noise HW entropy source: https://github.com/waywardgeek/infnoise See also: https://github.com/alwynallan/redoubler I've built a similar circuit on a breadboard before and it works quite well, though didn't test the entropy quality since I didn't connect it to a computer. It has the nice features of not being finicky (unlike quite a lot of other entropy sources) as well as not breaking down when there is a lot of environmental noise (perhaps from an attacker). interesting, i think my friend phil has used something like this, for a better source than /dev/random, for GPG and VPN usage. i've designed cryptographic algorithms so know how to test them to make sure they're indistinguishable from white noise (dieharder, CSRC's STS) |