Open hardware cryptographic engine for the Novena laptop


#1

From the CrypTech website:
We are therefore embarking on development of an open hardware cryptographic engine that meets the needs of high assurance Internet infrastructure systems that rely on cryptography. The open hardware cryptographic engine will be of general use to the wider Internet community, covering needs such as secure email, web, DNS, PKIs, etc.

From the lastest update on the Novena laptop:
The CrypTech group has also been developing applications with the help of Novena. The CrypTech project is developing a BSD / CC BY-SA 3.0 licensed reference design and prototype examples of a Hardware Security Module. Their hope is to create a widely reviewed, designed-for-crypto device that anyone can compose for their application and easily build with their own trusted supply chain. They are using Novena to prototype elements of their design.

The expansion board highlighted above is a prototype noise source based on avalanche noise from the transistor that can be seen on the middle of the board. CrypTech uses that noise to generate entropy in the FPGA. The entropy is then combined with entropy generated by ring oscillators in the FPGA and mixed using e.g. SHA-512 to generate seeds. The seeds are then used to initialize the ChaCha stream cipher, ultimately resulting in a stream of cryptographically sound random values. The result is a high performance, state-of-the art random number generator coprocessor. This of course represents just a first draft; since the implementation is done in an FPGA, the CrypTech team will continue to evolve their methodology and experiment with alternative methods to generate a robust stream of random numbers.


#2

Secure, configurableā€¦a laptop only a geek could love :moneybag: