mirror of
https://github.com/tillitis/tillitis-key1.git
synced 2025-01-17 02:17:14 -05:00
Change TK1 to TKey and improve wording
Signed-off-by: Joachim Strömbergson <joachim@assured.se>
This commit is contained in:
parent
292ae28669
commit
d59638094b
31
README.md
31
README.md
@ -2,10 +2,10 @@
|
|||||||
|
|
||||||
## Introduction
|
## Introduction
|
||||||
|
|
||||||
Tillitis Key 1 (TK1) is a new kind of USB security token. What makes
|
Tillitis Key (TKey) is a new kind of USB security token. What makes
|
||||||
the TK1 unique is that it allows a user to load and run applications on
|
the TKey unique is that it allows a user to load and run applications on
|
||||||
the device, while still providing security. This allow for open-ended,
|
the device, while still providing security. This allow for open-ended,
|
||||||
flexible usage. Given the right application, the TK1 can support use
|
flexible usage. Given the right application, the TKey can support use
|
||||||
cases such as SSH login, Ed25519 signing, Root of Trust, FIDO2, TOTP,
|
cases such as SSH login, Ed25519 signing, Root of Trust, FIDO2, TOTP,
|
||||||
Passkey, and more.
|
Passkey, and more.
|
||||||
|
|
||||||
@ -14,7 +14,7 @@ During the load operation, the device measures the application
|
|||||||
it on the open hardware security processor. This measurement
|
it on the open hardware security processor. This measurement
|
||||||
is similar to [TCG DICE](https://trustedcomputinggroup.org/work-groups/dice-architectures/).
|
is similar to [TCG DICE](https://trustedcomputinggroup.org/work-groups/dice-architectures/).
|
||||||
|
|
||||||
Each TK1 device contains a Unique Device Secret (UDS), which
|
Each Tkey device contains a Unique Device Secret (UDS), which
|
||||||
together with the application measurement, and an optional
|
together with the application measurement, and an optional
|
||||||
user-provided seed, is used to derive key material unique to each
|
user-provided seed, is used to derive key material unique to each
|
||||||
application. This guarantees that if the integrity of the application
|
application. This guarantees that if the integrity of the application
|
||||||
@ -26,23 +26,25 @@ load their own apps, while ensuring that each app loaded will have
|
|||||||
its own cryptographic identity, and can also be used for authentication
|
its own cryptographic identity, and can also be used for authentication
|
||||||
towards different services.
|
towards different services.
|
||||||
|
|
||||||
The TK1 platform is based around a 32-bit RISC-V processor and has
|
The Tkey platform is based around a 32-bit RISC-V processor and has
|
||||||
128 KB of RAM. The current firmware is designed to load an app that is
|
128 KB of RAM. The current firmware is designed to load an app that is
|
||||||
up to 100 KB in size, and gives it a stack of 28 KB. A smaller app may
|
up to 100 KB in size, and gives it a stack of 28 KB. A smaller app may
|
||||||
move itself in memory to get larger continuous memory.
|
move itself in memory to get larger continuous memory.
|
||||||
|
|
||||||
All of the TK1 software, FPGA logic, schematics, and PCB layout are
|
All of the Tkey software, firmware, FPGA Verilog source code, schematics
|
||||||
open source. Like all security software and hardware should be. This in
|
and PCB design files are open source. Like all trustworthy security software
|
||||||
itself makes it different, as other security tokens utilize closed source
|
and hardware should be. This in itself makes it different, as other
|
||||||
hardware for its security-critical operations.
|
security tokens utilize at least some closed source hardware for its
|
||||||
|
security-critical operations.
|
||||||
|
|
||||||
![Tillitis Key 1 PCB, first implementation](doc/images/mta1-usb-v1.jpg)
|
![Tillitis Key 1 PCB, first implementation](doc/images/mta1-usb-v1.jpg)
|
||||||
*Tillitis Key 1 PCB, first implementation*
|
*The TK1 PCB, the first implementation of the TKey.*
|
||||||
|
|
||||||
|
|
||||||
## Documentation
|
## Documentation
|
||||||
|
|
||||||
### Getting started
|
### Getting started
|
||||||
* [Quickstart](doc/quickstart.md) to program the Tillitis Key 1
|
* [Quickstart](doc/quickstart.md) to program the TKey
|
||||||
* [Toolchain setup](doc/toolchain_setup.md)
|
* [Toolchain setup](doc/toolchain_setup.md)
|
||||||
* [Release Notes](doc/release_notes.md)
|
* [Release Notes](doc/release_notes.md)
|
||||||
|
|
||||||
@ -64,12 +66,13 @@ releases.
|
|||||||
Applications and host programs that communicate with the apps are kept
|
Applications and host programs that communicate with the apps are kept
|
||||||
in this repository: https://github.com/tillitis/tillitis-key1-apps
|
in this repository: https://github.com/tillitis/tillitis-key1-apps
|
||||||
|
|
||||||
|
|
||||||
## About this repository
|
## About this repository
|
||||||
|
|
||||||
This repository contains hardware, software and utilities written as
|
This repository contains hardware, software and utilities written as
|
||||||
part of the Tillitis Key 1 project. It is structured as monolithic
|
part of the TKey. It is structured as monolithic repository, or
|
||||||
repository, or "monorepo", where all components live in one
|
"monorepo", where all components live in one repository.
|
||||||
repository.
|
|
||||||
|
|
||||||
## Licensing
|
## Licensing
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user