10. Unique identification and randomness source #25
Comments
BeataZdunczyk
added this to the TwPM: Open hardware implementation of Trusted Platform Module milestone
|
Due to problems with implementation unique identification, we have to postpone the point Most of information from the attempt is described here, but I'm going to summarize what we tried and what we might do in the future. We tried to implement PUF (Physically Uncloneable Function), details of PUF implementation are described in the link I provided above. Unfortunately, PUF turned out to be unstable, making it impossible to obtain unique ID. Future plans may involve locating the cause for PUF instability and fixing it, evaluating other PUF techniques, or evaluating other methods. One of methods discussed before was usage of the encrypted bitstream feature, so that unique ID could be hidden in the bitstream itself. However, this requires the bitstream encryption key to be programmed into OTP which is an irreversible operation. Open-source toolchain currently does not support OTP programming, so reliance on encrypted bitstream would require users to use Diamond and one of Diamond-supported JTAG probes. Lattice provides documentation which could be used to implement OTP programming, however doing that requires massive effort. If OTP becomes supported by Trellis, encrypted bitstream method could re-evaluated. |
Allow to set constant unique value through Kconfig, the value will be contained in binary and will be the same for all devices. This is intented as testing or for platform bringup, where unique data cannot be obtained through HWINFO or other interfaces. Enable this by default on OrangeCrab as we don't support generating per-platform unique-ID yet. See Dasharo/twpm-docs#25 (comment) for details.
|
Dasharo/zephyr#2 brings TRNG support. With TRNG we have proper entropy source and we no longer depend on cryptographically-unsafe PRNG. On Orangecrab TRNG is enabled by default. We also updated to latest Zephyr in Dasharo/zephyr#2, and fixed a long-standing bug - sysinfo driver which is used for detecting what peripherals are present, had wrong bitfield definitions (for a very old version of Neorv32). Dasharo/zephyr#2 adds code for dumping random data, which can be enabled using I collected 4 MiB of random data over two runs and as a simple test I used And both tests succedeed without failures. However, please note those were simple tests, we have not tested TRNG against temperature/voltage variations etc. I attach the data for further evaluation, if ever needed TRNG was tested on updated neorv32 from Dasharo/TwPM_toplevel#30, but with cache disabled by setting |
Each TPM has to be uniquely identifiable. This uniqueness is used e.g. to create primary seeds which are used to derive primary keys for various hierarchies. Random number generator is also included in this task - unique registers (with e.g. serial numbers) and RNG engines are usually specific to the given hardware. FPGA can also be used if any of those isn't available or doesn't have enough entropy on MCU.
Milestones:
The text was updated successfully, but these errors were encountered: