Bernd Paysan <be...@net2o.de> writes:

>It is highly unlikely that you can continue to operate when your in-FPGA
>jitter-based entropy source fails.

You can do that, that's what the Capstone design (and stuff I've worked on) allows for. Even if the noise source fails, or goes into a still-operational-but-faulty mode, the various backups ensure that you're still getting usable random data.

>How could that happen?

Environmental conditions is the most obvious answer, either natural or attacker-caused.

>But in any such failure mode, don't continue to operate without alarm.

This assumes that the device is running with a human operator standing by, and that they can do something to remedy the fault, e.g. swap in a second HSM that doesn't have the problem. Often one or both of these are not possible.

Peter.