Rubens Kuhl <[email protected]> wrote: > On Oct 17, 2012, at 2:14 PM, Tony Finch <[email protected]> wrote: > > > > One interesting possibility might be to wire the keys into the FPGA > > configuration, so it has to be re-flashed to change keys. > > That would require partially reconfigurable FPGA in order not to disrupt > operations, so then 2x cells, but both are achievable nowadays.
If you are being paranoid then reflashing should happen offline so that the key material is never available to the host software, even if it is obfuscated into an FPGA configuration. Tony. -- f.anthony.n.finch <[email protected]> http://dotat.at/ Forties, Cromarty: East, veering southeast, 4 or 5, occasionally 6 at first. Rough, becoming slight or moderate. Showers, rain at first. Moderate or good, occasionally poor at first. _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
