Title: WikiStart
Author: sra
Date: 2016-12-15 20:46
Modified: 2017-05-13 20:30
Recent revelations have called into question the integrity of some of
the implementations of basic cryptographic functions and devices used to
secure communications on the Internet. There are serious questions about
algorithms and about implementations of those algorithms in software and
particularly hardware. The goal of the CrypTech
project is to provide some possible answers to those questions by
developing an open-source hardware cryptographic engine that meets the
needs of high assurance Internet infrastructure systems that use
cryptography.
The algorithmic issues are in the domain of the heavy math cryptography
folk; the implementation issues are the primary focus of the project.
The open-source hardware cryptographic engine must be of general use to
the broad Internet community, covering needs such as secure email, web,
DNS, PKIs, etc.
The intent of the project is that the final open-source hardware cryptographic
engine can be built by anyone from public hardware specifications and
open-source firmware. Anyone can then operate it without fees of any
kind.
CrypTech.IS is a loose international collective
of engineers trying to improve assurance and privacy on the
Internet. It is funded diversely and is administratively quartered outside
the US.
We are actively seeking use cases for an initial project which is to
produce a design of an open and auditable Hardware Security Module (HSM)
and supporting software.
We are also considering the issues around assurance of a tool-chain,
from compiler to operating system and as close to the hardware as we can
reasonably get.
The project solicits functional requirements from a wide range of
organizations. It will focus on the classic low level cryptographic
functions and primitives, and not get drawn into re-implementation of
application protocol layers.
We hope that a group of interested organizations will offer funding
for development, and that the IACR and public sector cryptographers will
provide algorithmic advice and wide and open review. If you or your
organization is interested in helping this effort, please consider
offering financial support to keep the
work flowing.
- including pointers to the git repositories, information on how to set up and configure the board and software, and HSM requirements
- including the architecture diagrams, and known information
- including information on the chip design and prototypes as well as the pilot project(s)
- including information on presentations and meeting notes, technical references, and related work
- including information on dormant and far-future work