Board designs, FPGA verilog, firmware for TKey, the flexible and open USB security key
Michael Cardell Widerkrantz 6d08a82c05
Pass the blake2s_ctx to blake2s() as arg
Instead of allocating the blake2s_ctx in the blake2s() function we
pass it as a pointer as an argument to be able to better control where
the variable is in memory.
2022-10-18 14:51:26 +02:00
contrib Add deps for building qemu 2022-09-29 15:24:21 +02:00
doc Restore start and stop bits, but clarify in documentation 2022-10-13 16:10:08 +02:00
hw Pass the blake2s_ctx to blake2s() as arg 2022-10-18 14:51:26 +02:00
LICENSES Make initial public release 2022-09-19 08:51:11 +02:00
.editorconfig Help our editors fight less 2022-09-21 14:47:24 +02:00
.gitattributes Make initial public release 2022-09-19 08:51:11 +02:00
.gitignore Make initial public release 2022-09-19 08:51:11 +02:00
README.md Add link to SW page to the list of documents 2022-10-12 10:14:07 +02:00

Tillitis Key 1

Introduction

Tillitis Key 1 is a new kind of USB security token. All of its software, FPGA logic, schematics, and PCB layout are open source, as all security software and hardware should be. This in itself makes it different, as other security tokens utilize closed source hardware for their security-critical operations.

What makes the Tillitis Key 1 security token unique is that it doesn't verify applications, it measures them (hashes a digest over the binary), before running them on its open hardware security processor.

Each security token contains a Unique Device Secret (UDS), which together with an application measurement, and an optional user-provided seed, is used to derive key material unique to each application. This allows users to build and load their own apps, while ensuring that each app loaded will have its own cryptographic identity. The design is similar to TCG DICE. The Tillitis Key 1 platform has 128 KB of RAM. The current firmware design allows for applications up to 64 KB with a 64 KB stack.
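The derivation described above, sketched as an added example (not the Tillitis firmware's code). It assumes keyed BLAKE2s with the UDS as the key; `measure`, `derive_app_secret` and all sample values are constructed for illustration.

```python
import hashlib
from typing import Optional


def measure(app_binary: bytes) -> bytes:
    """Measurement: a digest over the whole application binary."""
    return hashlib.blake2s(app_binary).digest()


def derive_app_secret(uds: bytes, app_binary: bytes,
                      uss: Optional[bytes] = None) -> bytes:
    """Mix the device secret, the app measurement and an optional user
    seed into a 32-byte per-application secret.

    Assumed construction: BLAKE2s keyed with the UDS. The seed is hashed
    to a fixed length and tagged so "no seed" and "empty seed" differ.
    """
    if len(uds) != 32:
        raise ValueError("this sketch expects a 32-byte UDS")
    h = hashlib.blake2s(key=uds)
    h.update(measure(app_binary))
    if uss is None:
        h.update(b"\x00")
    else:
        h.update(b"\x01" + hashlib.blake2s(uss).digest())
    return h.digest()


# Constructed sample inputs (not real device secrets or app images).
UDS_A = bytes(range(32))
UDS_B = bytes(range(1, 33))
APP = b"constructed signer app image v1"
APP_PATCHED = b"constructed signer app image v2"  # one byte differs

if __name__ == "__main__":
    cases = {
        "device A, app": derive_app_secret(UDS_A, APP),
        "device A, patched app": derive_app_secret(UDS_A, APP_PATCHED),
        "device B, app": derive_app_secret(UDS_B, APP),
        "device A, app, user seed": derive_app_secret(UDS_A, APP, b"my seed"),
    }
    for label, secret in cases.items():
        print(f"{label:26s} {secret.hex()}")
```

Nothing is rejected at load time: a modified binary still runs, but it derives a different secret and so cannot reach the keys of the original app.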

Tillitis Key 1 PCB, first implementation

Documentation

Note that development is ongoing. For example, changes might be made to the measuring and derivation of key material, causing the public/private keys of a signer app to change. To avoid unexpected changes, please use a tagged release. Read the Release Notes to keep up to date with changes and new releases.

Applications and host programs that communicate with the apps are kept in this repository: https://github.com/tillitis/tillitis-key1-apps

About this repository

This repository contains hardware, software and utilities written as part of the Tillitis Key 1 project. It is structured as a monolithic repository, or "monorepo", where all components live in one repository.

The repository follows the OpenTitan layout.

Licensing

See LICENSES for more information about the projects' licenses.