Daniel Lublin 2022-11-21 15:49:19 +01:00
parent acb9c37ee7
commit 888a9d4cc3
No known key found for this signature in database
GPG Key ID: 75BD0FEB8D3E7830

@ -4,13 +4,13 @@
Tillitis Key 1 (TK1) is a new kind of USB security token. What makes Tillitis Key 1 (TK1) is a new kind of USB security token. What makes
the TK1 unique is that it allows a user to load and run applications on the TK1 unique is that it allows a user to load and run applications on
the device, while still providing security. This allow for open ended, the device, while still providing security. This allow for open-ended,
flexible usage. Given the right application, the TK1 can support use flexible usage. Given the right application, the TK1 can support use
cases such as SSH login, Ed25519 signing, Root of Trust, FIDO2, TOTP, cases such as SSH login, Ed25519 signing, Root of Trust, FIDO2, TOTP,
Passkey and more. Passkey, and more.
During the load operation, the device measures the application During the load operation, the device measures the application
(calculates a cryptographic hash digest over the) before running (calculates a cryptographic hash digest over it) before running
it on the open hardware security processor. This measurement it on the open hardware security processor. This measurement
is similar to [TCG DICE](https://trustedcomputinggroup.org/work-groups/dice-architectures/). is similar to [TCG DICE](https://trustedcomputinggroup.org/work-groups/dice-architectures/).
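Review bot: The changed line "This allow for open-ended," still has a subject-verb mismatch; since this line is being touched anyway, make it "This allows for open-ended,". The "over it)" fix and the serial comma in "Passkey, and more." look fine. Separately, the measurement sentence says only that the result "is similar to" TCG DICE; a short clause on what the measurement is used for would help a reader who reaches this paragraph before the key-derivation one.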
@ -21,7 +21,7 @@ application. This guarantees that if the integrity of the application
loaded onto the device has been tampered with, the correct keys loaded onto the device has been tampered with, the correct keys
needed for an authentication will not be generated. needed for an authentication will not be generated.
The key derivation with user provided seed allows users to build and Key derivation with a user-provided seed allows users to build and
load their own apps, while ensuring that each app loaded will have load their own apps, while ensuring that each app loaded will have
its own cryptographic identity, and can also be used for authentication its own cryptographic identity, and can also be used for authentication
towards different services. towards different services.
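Review bot: In the sentence that starts on the changed line, the trailing clause "and can also be used for authentication towards different services" has no clear subject: it can read as the app, the cryptographic identity, or the key derivation. Suggest ending the sentence after "its own cryptographic identity" and starting a new one that names the subject explicitly. The rewritten opening also credits the user-provided seed with giving each app its own identity, while the context line above ties key correctness to the integrity of the loaded application; one sentence stating how the seed and the measurement relate would remove the ambiguity.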
@ -32,7 +32,7 @@ up to 100 KB in size, and gives it a stack of 28 KB. A smaller app may
move itself in memory to get larger continuous memory. move itself in memory to get larger continuous memory.
All of the TK1 software, FPGA logic, schematics, and PCB layout are All of the TK1 software, FPGA logic, schematics, and PCB layout are
open source, as all security software and hardware should be. This in open source. Like all security software and hardware should be. This in
itself makes it different, as other security tokens utilize closed source itself makes it different, as other security tokens utilize closed source
hardware for its security-critical operations. hardware for its security-critical operations.
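Review bot: The new text "open source. Like all security software and hardware should be." turns a complete sentence into a fragment; the previous wording "open source, as all security software and hardware should be." was grammatical and should be kept. In the context lines that follow, "other security tokens utilize closed source hardware for its security-critical operations" mixes a plural subject with "its" (should be "their"), and "closed source" should be hyphenated to match the "open-ended" and "user-provided" fixes made elsewhere in this commit. Also check whether "larger continuous memory" in the first context line is meant to be "contiguous".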