[Cryptography] ORWL - The First Open Source, Physically Secure Computer

Ben Laurie ben at links.org
Mon Aug 29 18:01:28 EDT 2016


On 29 August 2016 at 22:42, Perry E. Metzger <perry at piermont.com> wrote:
> On Mon, 29 Aug 2016 21:49:21 +0100 Ben Laurie <ben at links.org> wrote:
>> > I wonder if one could build a low-performance, high-cost but
>> > secure processor from an FPGA?  It would seem on the surface to
>> > be more difficult to embed an exploit in an un-programmed FPGA,
>> > especially if it had a very regular structure.
>>
>> Yes.
>>
>> https://www.cl.cam.ac.uk/research/security/ctsrd/beri/ +
>> https://www.cl.cam.ac.uk/research/security/ctsrd/cheri/
>
> Of course, BERI and CHERI are secure in a distinct sense -- they are
> implementations of a capability architecture on top of the more
> ordinary MIPS instruction set. They are not, however, formally
> verified designs, and in that sense, are no more or less likely to
> have bugs or back doors than any other soft core design.

I will agree that they are not _yet_ formally verified. However, that
work is under way.

> However, taking it as an entirely distinct topic from being able to
> trust that one's hardware isn't malicious, I will note that the
> BERI/CHERI design is a very interesting one, and I'm hoping this
> research helps capability architectures make a comeback.

I think it is already clear that the tide is turning.

