[Cryptography] ORWL - The First Open Source, Physically Secure Computer

grarpamp grarpamp at gmail.com
Fri Sep 2 18:06:07 EDT 2016

On Tue, Aug 30, 2016 at 12:49 AM, Randy Bush <randy at psg.com> wrote:
> there are a fair number of scary papers about fpga trojans.  it is very
> hard to verify fabbed silicon, driving folk to desperate techniques such
> as multi-fab comparison etc.

Meaningfully / reliably / repeatably decapping small micron process,
paying for multi-fab runs,  or attempting to exhaustively pattern test
billions of gates via i/o pins let alone the hidden supervisor you can't
test, seems a bit pointless.

Which is why you openfab and infuse your open audit, verification,
public access, "no secrets" policies, throughout the entire process...
design, supply, tooling, manufacture, n-man staffing, packaging, etc.

All fabs and product today are effectively secret.
That's beyond stupid. Especially for things you "rely on".
Fix that.

More information about the cryptography mailing list