Oct 07 2021 Trac Wiki converted to Pelican Markdown

The Trac Wiki that used to hold this site has been converted to a wiki-like setup using git, Markdown, Pelican, and m.css.

• git repository behind this Wiki.
• Pelican documentation.
• m.css documentation.

The git repository is configured to generate the web content from the Markdown automatically upon receiving a …

Sep 17 2018 External Projects

External projects using CrypTech technology.

• TorHSM

May 12 2017 Upgrading the Cryptech Alpha HSM

This page explains how to upgrade the Cryptech Alpha firmware, bootloader, and FPGA bitstream (as needed).

All of the operations here use the Alpha's "management" (MGMT) port, so that cable must be connected to your Linux or OSX host machine.

Upgrading from the stock firmware (Berlin workshop or CrowdSupply)

The …

Dec 15 2016 An Open Crypto Chip

The Layer Cake Architecture Picture

Use Cases

• RPKI/DNSSEC Signing
• Transport VPNs
• Routers and TCP/AO
• Email
• Federations, Identity Systems, SSO etc
• Password Stretching & HMAC:ing
• PGP and SSH Keys on a Stick
• High Quality Entropy Randomness
• A Communications Terminal Doing One Thing Well, Like Jabber w/o X11
• HSM …

Dec 15 2016 Comparison of On-Chip Bus Standards

Introduction

This document contains a brief summary of different on-chip bus standards. The standards are described and compared based on license and availability, technical specifications and general usage.

The purpose of the document is to provide a basis for selecting the primary bus standard for the Cryptech Open HSM project …

Dec 15 2016 CrypTech Workshop, Praha, 18 July 2015

Logistics

• Hilton Hotel, the IETF venue
• Amsterdam Room (this is a change)
• 09:00 - 17:00

Introductions

• The CrypTech Team
• Others Who Have Contributed
• Other Folk at the Meeting

Workshop Goals

• Get an understanding of the project status and roadmap
• Discus your requirements and expectations with the team
• Get hands-on …

Dec 15 2016 Development of a Cryptech ASIC Implementation

Introduction

The aim of the Cryptech project is to develop an open, free, and auditable HSM. The Cryptech HSM includes both SW and HW parts. In at least the first iteration of the Cryptech HSM, the HW parts are implemented using FPGA devices. However, the ability to implement the HW …

Dec 15 2016 DNSSEC/Requirements

DNSSEC Requirements

Questions

• Should we even support SHA-1?
• GOST?

Must implement

Target DNSSEC Algorithms:

• RSA/SHA-256 (RFC 5702)
• RSA/SHA-512 (RFC 5702)

Algorithms:

• Hash: SHA-256
• Hash: SHA-512
• Sign: RSA

Required PKCS11 Mechs:

• CKM_RSA_PKCS_KEY_PAIR_GEN
• CKM_SHA256_RSA_PKCS
• CKM_SHA512_RSA_PKCS
• CKM_RSA_PKCS (possible cross-check hash with CKM_SHA256 and CKM_SHA512 before signing)
• CKM_SHA256
• CKM_SHA512

Should implement

Target …

Dec 15 2016 Getting Started on the Novena

The Novena Board

Novena is an open hardware and F/OSS-friendly computing platform. It is a small single-board Linux PC, with a Freescale i.MX6 (ARM Cortex-A9) CPU and a Xilinx Spartan-6 LX45 FPGA.

It is available in limited quantities through crowd supply.

Setting up the Novena

The Novena PVT-2 …

Dec 15 2016 How to start using coretest_hashes on the Novena PVT1

This is a writeup on how to setup, build and testrun the coretest_hashes Cryptech subsystem on a Novena PVT1 development board.

Getting started with Novena

Novena is an open hardware and F/OSS-friendly computing platform.

It is a small single-board Linux PC, which happens to include a Xilinx Spartan-6 FPGA …