-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 07/29/2015 11:07 AM, Riad S. Wahby wrote:
But that just gives away the bitstream describing the FPGA configuration (say, a trusted CPU). Is the CPU's *design* a secret? If
Gate matrices can be reversed (as mentioned earlier).
not, I don't see why it matters that an evil cleaner might read out the FPGA's configuration. (Obviously, don't store secret keys in there!)
I thought the point being made in the conversation was (and correct me if I'm wrong) that one could dump an arbitrary FPGA's contents to do a security audit on them. Not to say that you're wrong, you make a good point, but it's taking the discussion in a different direction.
If we really are worried about keeping the CPU's design a secret, it's
We were talking about open CPU designs, so why keep them a secret?
possible with many FPGAs to encrypt the configuration bitstream such that the configuration is decrypted onboard the FPGA at power-on. This
Yeah. It's pretty cool, isn't it?
is intended to handle the case where I want to sell a product that uses an FPGA without revealing the contents of that FPGA's configuration to my customers or competitors.
That's a few degrees off-center from where the discussion was going, but go ahead. We'll fork() as necessary.
Cue the OTP / epoxy / physical security arms race, I guess.
Or the electromechanical processing rigs that a few people have been bringing up over beer lately. Cool idea, but I strongly doubt that they'll scale, or even keep up with the watch on my wrist. - -- The Doctor [412/724/301/703/415] [ZS] PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtadpt.net/ "The world is not a match for you and me/No matter what we used to say!" --InSoc -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJVuRx0AAoJED1np1pUQ8Rk8m8QAJD2YA1F5oizOt+C3HiCEAfS zTyPRdlEDb9Dvw1nzZghZklgb2uqeToDIRIOV5SG9R0tYSkct1w4cRSlG89EpDX/ trPDOyimQpMCv0mwASVCh9mGIobcoQYNVBJ+DB070VHjg+YEk+/2FYr1wNBFgTch fIXqzANNmVwwCt0PABs6J9MOmyYGBj+zddLMTIMQmOZv/tAbfLnb8yrqx6i59BUI 6dX0AILoXGbx5ssyxtOdy0bKdGnj7Qxp2MvhrNqbXb4vhKRnWyVt548CASx0EcMl fNwnyMsLCn38coatFhvi2TeyjM8Wm+v73pLlW7nBWvViOugvDlY4SB2MTCVh1A7v 0K2aVnxG+UGmQ/yQNZGSbgXT/hbzkeBBrSHjtYf5KBugdAgVhb1jkwILZjwancsm Xo3KgYJOgVqYWQiLnzYsQWp8sNMwUS8xjneHZm/bWxmcPmcNBzEsR13brp58FB+E FU2euIxRGOIDJQ9HnUy0NXFFQr0DlYcHquyvWeS6dBnhD/BZ0sVGhSwapslUwCH8 5F97AQ5/u8hdGXD5bGggxQmCVmcrgUsV6LhRUB+8EKjCgUUOY8PBcnWxAwfNeVFj 7oQuPEU3Gz1Xx/zg6hiMFICc4nTtnwoQA263aUO7P4xHp9mRYfXZisJ6s97WAQRX za1DvxZXZxbB4QVoOEdm =LiVz -----END PGP SIGNATURE-----