search

tillitis / tillitis-key1

Board designs, FPGA verilog, firmware for TKey, the flexible and open USB security key 🔑
https://www.tillitis.se
382 stars 24 forks source link

fw: Add randomness to memory #162

Closed mchack-work closed 3 weeks ago

mchack-work commented 4 months ago

At start the firmware first does a complete wipe of the memory in the crt0.S in assembly, then in scramble_ram() it turns on the RAM address and memory scrambling so an outside observer has to do more work to get at the content. Then it also fills the entire memory with data. The data is derived by (once) generating a random word, that is incremented for each word with another (once) generated word.

It would probably be better to randomize the entire RAM content. However, the TRNG is slow, so we need some other way of doing this. Perhaps by using our blake2s() and hashing over something like something from the TRNG and something, like the address?

secworks commented 2 months ago

PR https://github.com/tillitis/tillitis-key1/pull/201 adds randomness.