Open Fabs
The Doctor
drwho at virtadpt.net
Wed Jul 29 11:33:29 PDT 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 07/29/2015 11:07 AM, Riad S. Wahby wrote:
> But that just gives away the bitstream describing the FPGA
> configuration (say, a trusted CPU). Is the CPU's *design* a secret?
> If
Gate matrices can be reversed (as mentioned earlier).
> not, I don't see why it matters that an evil cleaner might read out
> the FPGA's configuration. (Obviously, don't store secret keys in
> there!)
I thought the point being made in the conversation was (and correct me
if I'm wrong) that one could dump an arbitrary FPGA's contents to do a
security audit on them.
Not to say that you're wrong, you make a good point, but it's taking
the discussion in a different direction.
> If we really are worried about keeping the CPU's design a secret,
> it's
We were talking about open CPU designs, so why keep them a secret?
> possible with many FPGAs to encrypt the configuration bitstream
> such that the configuration is decrypted onboard the FPGA at
> power-on. This
Yeah. It's pretty cool, isn't it?
> is intended to handle the case where I want to sell a product that
> uses an FPGA without revealing the contents of that FPGA's
> configuration to my customers or competitors.
That's a few degrees off-center from where the discussion was going,
but go ahead. We'll fork() as necessary.
> Cue the OTP / epoxy / physical security arms race, I guess.
Or the electromechanical processing rigs that a few people have been
bringing up over beer lately. Cool idea, but I strongly doubt that
they'll scale, or even keep up with the watch on my wrist.
- --
The Doctor [412/724/301/703/415] [ZS]
PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/
"The world is not a match for you and me/No matter what we used to
say!" --InSoc
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJVuRx0AAoJED1np1pUQ8Rk8m8QAJD2YA1F5oizOt+C3HiCEAfS
zTyPRdlEDb9Dvw1nzZghZklgb2uqeToDIRIOV5SG9R0tYSkct1w4cRSlG89EpDX/
trPDOyimQpMCv0mwASVCh9mGIobcoQYNVBJ+DB070VHjg+YEk+/2FYr1wNBFgTch
fIXqzANNmVwwCt0PABs6J9MOmyYGBj+zddLMTIMQmOZv/tAbfLnb8yrqx6i59BUI
6dX0AILoXGbx5ssyxtOdy0bKdGnj7Qxp2MvhrNqbXb4vhKRnWyVt548CASx0EcMl
fNwnyMsLCn38coatFhvi2TeyjM8Wm+v73pLlW7nBWvViOugvDlY4SB2MTCVh1A7v
0K2aVnxG+UGmQ/yQNZGSbgXT/hbzkeBBrSHjtYf5KBugdAgVhb1jkwILZjwancsm
Xo3KgYJOgVqYWQiLnzYsQWp8sNMwUS8xjneHZm/bWxmcPmcNBzEsR13brp58FB+E
FU2euIxRGOIDJQ9HnUy0NXFFQr0DlYcHquyvWeS6dBnhD/BZ0sVGhSwapslUwCH8
5F97AQ5/u8hdGXD5bGggxQmCVmcrgUsV6LhRUB+8EKjCgUUOY8PBcnWxAwfNeVFj
7oQuPEU3Gz1Xx/zg6hiMFICc4nTtnwoQA263aUO7P4xHp9mRYfXZisJ6s97WAQRX
za1DvxZXZxbB4QVoOEdm
=LiVz
-----END PGP SIGNATURE-----
More information about the cypherpunks
mailing list