In August of last year I wrote in a blog about the importance of cryptech to wide-scale trust in the Internet.
For those who don’t know about it, http://cryptech.is is a project aiming to design and deploy an openly developed, trustable Hardware Security Module (HSM) which can act both as a keystore (holding your secrets and keeping them private) and as a signing engine.
Unfortunately, the Project is underfunded. At the time of writing it has enough headroom for the next few months, but development could slow to a crawl if it cannot secure more backing. Cryptech operates on a model that caps funding to $100,000 per year maximum per donation, to ensure there is no capture by a single entity. Larger sums can be donated through ISOC which can act as a clearing house.
So, it’s time for us all to tighten the belts, reach into the pockets, and pony up some funds to keep this project going.
Where Cryptech is at
Recently, the project completed its first phase of design and has now got initial units built around the novena board. This is a general purpose (Linux friendly) hackable board which includes an FPGA, and therefore can be targeted by the Verilog/VHDL of the cryptech design. The group has also designed a board to act as a source of ‘noise’, which is used to seed the random number generators (strong cryptography depends in many cases on a source of trustable random information to seed key generation and for other purposes such as one-time pads).
The noise sources have been tested, with large amounts of data produced and run through well understood external tests of randomness, and passed the review.
This initial design doesn’t have things a real HSM must have: ‘potting’ of parts of the system to ensure they cannot be measured externally to derive information about the keys, and intrusion detection, which can be used to securely wipe secret keys if somebody attempts to subvert the hardware and read them off the system. Even without these, the units are capable of acting as a keystore, and signing engine, and can be tested against mainstream crypto packages like OpenSSL (which has a PKCS11 module and can ‘talk’ to an HSM in a standards defined manner).
The final device will be using USB to communicate with the outside world. Given recent news about the risks of USB, the design terminates the USB communications in a small single-purpose chip which then provides standard serial I/O signals to the main system: there is no direct USB connection to the outside world, and you cannot ‘take control’ of the cryptech device via a USB hack on the hardware.
The ‘alpha’ stage boards are in late stage development, due this summer. Board designs are being discussed and layout finalized.
If you cannot help with funding, Cryptech welcomes assistance with documentation, promotion and you can show support (like me) by getting the word out to the wider community, and ensuring people realize how important a community led independent HSM is going to be to the long-term trust of the Internet.
The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.