Subscribe Now

* You will receive the latest news and updates on the Canadian IT marketplace.

Trending News

Blog Post

SC4 Hardware Security Module
SECURITY SHELF

SC4 Hardware Security Module 

Garret is designing simple and effective software. “PGP contains 200,000 lines of code and includes a lot of algorithms and options people don’t need,” he explained. His software, SC4, is implemented in 3000 lines of javascript, including a port of the public-domain TweetNaCl cryptographic library. Garret said he “ruthlessly eliminated everything that wasn’t strictly necessary,” resulting in smaller and more auditable software. He also made it freely available on Github.

Garret demonstrated fast, easy-to-use secure email and instant messaging based on SC4. He was refreshingly direct about the alpha status of the software and underlying design assumptions; the security of the system relies on being able to trust the javascript downloaded from his server, and if the user’s browser or underlying operating system is compromised all bets are off. When first executed, SC4 creates key pairs and stores them in the browser’s local storage, where they potentially could be compromised. But being able to simply visit a URL, have keys automatically created, and then engage in an instant messaging session with end-to-end encryption on top of TLS clearly demonstrates the possibilities.

His experience developing SC4, and his understanding of how easily PCs can be compromised, motivated Garret to develop an open source USB Hardware Security Module (HSM). SC4-HSM is designed to defend against a compromised client machine. According to the company’s web site, “It generates and stores cryptographic keys using an on-board hardware random number generator, and it uses those keys to perform cryptographic operations, mainly generating secure digital signatures. The keys are stored in such a way that they cannot be extracted from the device even by someone who has physical possession.”

According to Garret, “before the unit performs a cryptographic operation it can display information and wait for the user to confirm the operation by pushing one of the user input buttons. Because these operations are entirely under the control of the device firmware, they cannot be directly attacked from the host machine.” The screen also makes it possible for short, secure messages to be displayed directly on the SC4-HSM instead of exposing the message to a potentially compromised PC.

The SC4-HSM is based on the STM32F415 32-bit ARM processor. Garret chose the processor because it is designed to protect the firmware in embedded devices. A bit can be set that prevents the firmware from being read. Other specifications include 1MB of flash, 128kB of RAM, an integrated 128×32 pixel monochrome OLED display, hardware random number generator, tri-colour LED, and two push-buttons.

Prototype firmware for the device is written in C and is also available on Github. It includes the TweetNaCl core and performs key generation, storage, Elliptic Curve Diffie Hellman (ECDH) key exchange, and digital signing.

Garret explained that, compared to high-end HSMs, the SC4-HSM is slower (taking approximately one second to complete a cryptographic function) and doesn’t include a self-destruct mechanism. It also costs a fraction of the price. He hasn’t ruled out pursuing FIPS or Common Criteria certification in the future, but at this point Garret is focused on keeping production costs low.

Twenty prototypes have been sold, and Spark Innovations is working on a first production run. Garret expects the SC4-HSM to retail for between $50 and $100, and is cautiously optimistic that the first batch will be available in September.

SC4-HSM is open and anyone can therefore write their own firmware. So far, demand for the product has been primarily from the hobbyist market, but at this price point SC4-HSM may very well find its way into commercial applications.

Have a security question you’d like answered in a future column? Email eric.jacksch@iticonline.ca

 

Related posts