Home GnuPG
Calendar September 2017 Mon 18th E205

Weekly Standup
ActivePublic
Actions

Hosted by wk on Sep 18 2017, 10:00 AM - 11:00 AM.

Recurring Event
Next
Previous

Event Series
This event repeats every week.

Details

Invitees
aheinecke
werner
gniibe

Event Timeline

gniibe is attending this event.Sep 15 2017, 8:57 AM
gniibe added a subscriber: gniibe.Sep 15 2017, 10:24 AM
  • Considering next, ed25519/cv25519 only Gnuk and new board design
    • Reasons
      • STM32F103 is getting older (since 2007)
      • Dependency to ARM would not be good
      • For current implementation, the execution is not 100% constant-time. Or it is difficult to keep it, because:
        • Pipeline of Cortex-M3 is not that simple
          • e.g., multiply 32x32 may execute less cycles if operand higher bits are zero
        • Flash ROM access has prefetch buffer (although some specific chip, like Fujitsu's Cortex-M3 has no-wait feature)
  • Candidate
    • PIC32MM running at 25MHz
    • no wait for flash access
    • No branch predictor (as Cortex-M3 doesn't have)
    • MADDU operation is supported
    • 5-stage pipe line, simpler
  • PIC32MM uses MIPS microAptiv core
    • In general, considering RSA, MIPS is difficult architecture for bignum implementation (no carry flag)
    • But, for the field 2^255-19 computation, we can adopt 10-limb representation, which avoids carry propagation
    • Apparently, the chip is not intended to be used for secure token (thus, risk would be lower)
  • 0.3 sec could be achievable? 0.5 sec can be done
marcus uninvited: neal.Sep 15 2017, 10:56 AM
marcus changed the host of this event from marcus to wk.Sep 15 2017, 11:07 AM
marcus uninvited: kai, justus, marcus.Sep 15 2017, 11:15 AM
aa added a subscriber: aa.Sep 15 2017, 3:50 PM