Bug 309 - investigate OpenTITAN
Summary: investigate OpenTITAN
Alias: None
Product: Libre-SOC's first SoC
Classification: Unclassified
Component: Source Code (show other bugs)
Version: unspecified
Hardware: PC Linux
: --- enhancement
Assignee: Luke Kenneth Casson Leighton
Depends on:
Reported: 2020-05-13 13:57 BST by Luke Kenneth Casson Leighton
Modified: 2020-05-13 18:27 BST (History)
2 users (show)

See Also:
NLnet milestone: ---
total budget (EUR) for completion of task and all subtasks: 0
budget (EUR) for this task, excluding subtasks' budget: 0
parent task for budget allocation:
child tasks for budget allocation:
The table of payments (in EUR) for this task; TOML format:


Note You need to log in before you can comment on or make changes to this bug.
Description Luke Kenneth Casson Leighton 2020-05-13 13:57:37 BST
Comment 1 Jacob Lifshay 2020-05-13 17:21:23 BST
The entropy source they currently have is a placeholder LFSR source, which is well known to be insecure.
Comment 2 Jacob Lifshay 2020-05-13 17:44:23 BST
If we can get away with using a few op-amps, I quite like the infinite noise HW entropy source:

See also:

I've built a similar circuit on a breadboard before and it works quite well, though didn't test the entropy quality since I didn't connect it to a computer.

It has the nice features of not being finicky (unlike quite a lot of other entropy sources) as well as not breaking down when there is a lot of environmental noise (perhaps from an attacker).
Comment 3 Luke Kenneth Casson Leighton 2020-05-13 18:27:26 BST
interesting, i think my friend phil has used something like this, for a better
source than /dev/random, for GPG and VPN usage.  i've designed cryptographic
algorithms so know how to test them to make sure they're indistinguishable
from white noise (dieharder, CSRC's STS)