Hi! I just want to share my enthusiasm for this kind of security stuff.
Recently I wrote a short post about the recent security issue on the Intel platform, where I said that we need a co-processor with its own storage/memory using a security protocol as implemented in a hardware wallet like the Trezor.
This guy, Denys Fedoryshchenko, managed to build a small firmware implementing this kind of protocol on a super cheap STM32 ($2 apiece + $3 for the ST-Link V2 programmer). The difficulty is to have enough flash to store your keys and a very small firmware. The keys are stored in encrypted form using AES256 (the best is to have the 128KB flash version if you need to store several keys).
There is another firmware that exists but it is bigger and the keys are encrypted with a slightly less secure algorithm: https://www.fsij.org/doc-gnuk/intro.html#what-s-gnuk
This is the project that inspired Denys to build his own.
Check out his GitHub repository; there is some activity around it: https://github.com/nuclearcat/cedarkey
It has dependencies on:
- ARM MBED, MBED TLS https://tls.mbed.org/ (Available as Apache or GPL2 license, I just found it funny :))
- libopencm3 (LGPLv3)
- SCRYPT
This is really pretty nice stuff implemented on those STM32s. I am really eager to see how it is going to be used and what features he is going to add. If they add a lot more flash, it will probably be possible to implement a FIDO-style protocol.
It would be nice if this works on Arduino too.
I think it was simpler to build it with MBED due to the TLS/SSL part.