[Cryptography] open hardware as a defence against state-level attacks
grarpamp at gmail.com
Mon Jan 12 15:04:23 EST 2015
On Mon, Jan 12, 2015 at 5:46 AM, ianG <iang at iang.org> wrote:
> mathematics. We’ve also built an open-source processor with security
> features designed to protect both the Tor relay and slow market
> applications. This is achieved by separating those processes from the host
> operating system with hardware-anchored cryptographic isolation. The system
> on chip is based on an OpenSPARC T1 by Sun Microsystems with substantial
> enhancements to the hypervisor and two cryptographic co-processors. That
> will be released in about a month and the designs for the development board
> and the logic of the system on chip will be of course open source.
> On 12/01/2015 05:49 am, grarpamp wrote:
>> Sorry, but unless your own trusted third party observers are following
>> "open" hardware at every step from design to microcode to lithography
>> fab through to binary exhaustive test vectors... you are subject to
>> compromise at any step along the way. Please stop claiming otherwise.
> Seems like you are letting the perfect be the enemy of the good. Defence in
> depth. Defence against fierce & persistent attacks is not about defeating
> the enemy totally & utterly but about raising the cost of the easy attacks
> to just above the cost of the next easy attack. Rinse & repeat.
Yes, incremental helps. Yet let me open another related line of thinking...
Where are the open fabs for makers instead of submitting open
designs to closed fabs? It's 2015, crowdfunding, open source,
non-profits, and public monitoring are done.
We're not talking TSMC scale tech here, but a basic backyard shed
capability to print useable, useful, marketable silicon. ie: Print off
some USB RNG's, radios, DACs/ADCs, even 74 series and discretes,
Then with that open initial platform, start taking commercial
production contracts (even private runs) to pay for growing the
open fab. Even including openly replicating yourself. What is the
minimum capital and endowment needed to gear up to put 1k, 100k,
500k, 1M, 100M, 1B gates that someone, including makers, would
buy down on silicon?
More information about the cryptography