Recent revelations have called into question the integrity of some of the implementations of basic cryptographic functions and devices used to secure communications on the Internet. There are serious questions about algorithms and about implementations of those algorithms in software and particularly hardware. The goal of the CrypTech project is to provide some possible answers to those questions by developing an open-source hardware cryptographic engine that meets the needs of high assurance Internet infrastructure systems that use cryptography.
The algorithmic issues are in the domain of the heavy math cryptography folk; the implementation issues are the primary focus of the project. The open-source hardware cryptographic engine must be of general use to the broad Internet community, covering needs such as secure email, web, DNS, PKIs, etc.
The intent of the project is that the final open-source hardware cryptographic engine can be built by anyone from public hardware specifications and open-source firmware. Anyone can then operate it without fees of any kind.
We are actively seeking use cases for an initial project which is to produce a design of an open and auditable Hardware Security Module (HSM) and supporting software.
We are also considering the issues around assurance of a tool-chain, from compiler to operating system and as close to the hardware as we can reasonably get.
The project solicits functional requirements from a wide range of organizations. It will focus on the classic low level cryptographic functions and primitives, and not get drawn into re-implementation of application protocol layers.
We hope that a group of interested organizations will offer funding for development, and that the IACR and public sector cryptographers will provide algorithmic advice and wide and open review. If you or your organization is interested in helping this effort, please consider offering financial support to keep the work flowing.
- including pointers to the git repositories, information on how to set up and configure the board and software, and HSM requirements
- including the architecture diagrams, and known information
- including information on the chip design and prototypes as well as the pilot project(s)
- including information on presentations and meeting notes, technical references, and related work
- including information on dormant and far-future work