By: Karen O’Donoghue
Date: November 1, 2016
CrypTech marked a major milestone the weekend before IETF 96 by delivering the first version of alpha hardware to a select group of alpha testers. These alpha testers joined the CrypTech engineering team for a two-day, hands-on workshop on installing and testing alpha hardware and its accompanying software. A discussion of priorities for future development wrapped up the event.
What Is CrypTech?
The goal of the CrypTech project (https://cryptech.is) is to create an open-source hardware cryptographic engine that can be built from public hardware specifications and open-source firmware. Its team comprises a loose international collective of engineers, who seek to improve assurance and privacy on the Internet. It is funded diversely and is administratively housed outside the United States.
The CrypTech project was originally motivated by the loss of trust in cryptographic algorithms and products that arose after revelations of pervasive monitoring and potentially compromised algorithms and products. It evolved from discussions within both the IETF and Internet Architecture Board (IAB) communities, and was founded as an independent international development effort charged with creating a trusted, open-source, design and prototype of an inexpensive hardware cryptographic engine.
CrypTech is a trusted reference design for a hardware security module (HSM), a specialized device used to securely store the public/private key pairs used with digital certificates, most commonly Secure Sockets Layer/Transport Layer Security (SSL/TLS). It supports the Internet community by providing the possibility of an open and auditable alternative to existing crypto devices. Its development model is based on a composable system that lets the designer select the bare minimum of components needed, thereby further reducing the risk and attack surface of any CrypTech-based device.
CrypTech started from the ground up: first implementing a wide variety of cryptographic algorithms to be loaded into a specialized field programmable gate array (FPGA), then designing the hardware required for a true random number generator (TRNG), and finally writing the support software needed to link the CrypTech HSM to existing public key infrastructure (PKI) applications such as DNSSEC. There is much yet to be done, including building the links to additional applications, like RPKI, and building high-assurance auditing and management tools for key and cryptographic operations.
The CrypTech Alpha
Designing a hardware cryptographic device is significantly more complicated than writing open-source software. Because the CrypTech project must integrate both hardware and software components, there are real material costs that most open-source projects don’t incur.
The CrypTech alpha board consists of an ARM processor and an FPGA on a Eurocard form factor (120 x 100 mm) board. These reside in an enclosure with a pair of Universal Serial Bus (USB) interfaces and power. The interface to the board is a custom Remote Procedure Call (RPC) protocol carried over the USB interface, with a client-side PKCS #11 library layered on top of it.
A significant hardware aspect of the CrypTech project is the use of an FPGA for crucial cryptographic functions. Encryption or hash algorithms written in software and executed on general-purpose CPUs remain vulnerable to attack: software can be changed, often subtly, and memory contents can be read during operations. Even the length of time taken to perform an operation can be measured to reveal information about the key or data being processed. However, when cryptography is performed in a dedicated hardware device—completely inaccessible to the normal operating system—these weaknesses are significantly reduced. As the CrypTech design matures, the FPGA may be migrated to a specialized application-specific integrated circuit (ASIC) in order to further improve security and performance.
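The timing weakness mentioned above is easiest to see in a comparison of secret values, where an early-exit loop does an amount of work that depends on how much of the secret a caller got right. The following added example (not CrypTech code) shows a naive comparison beside a constant-time one; instead of measuring noisy wall-clock time, each function also returns the number of byte operations it performed, which is the quantity a timing measurement estimates. `SECRET` is a constructed value.

```python
"""Data-dependent versus constant-time comparison of a secret value.
Added illustration, not part of the CrypTech code base."""
import hmac


def naive_compare(expected, provided):
    """Early-exit comparison. Returns (equal, byte operations performed).
    The work done depends on where the first mismatch is, so the elapsed
    time leaks how many leading bytes of the secret were correct."""
    if len(expected) != len(provided):
        return False, 0
    steps = 0
    for a, b in zip(expected, provided):
        steps += 1
        if a != b:          # branch on secret data: stops early
            return False, steps
    return True, steps


def constant_time_compare(expected, provided):
    """Examines every byte regardless of where mismatches occur.
    Only the accumulated XOR is inspected, after the loop has finished."""
    if len(expected) != len(provided):
        return False, 0
    diff, steps = 0, 0
    for a, b in zip(expected, provided):
        steps += 1
        diff |= a ^ b       # accumulate; never branch on secret data
    return diff == 0, steps


def work_profile(compare, secret):
    """For guesses that share 0 .. len(secret)-1 correct leading bytes, return
    how much work `compare` did on each. A flat profile means the amount of
    work, and hence the time, carries no information about the secret."""
    profile = []
    for k in range(len(secret)):
        # flip byte k so the guess is right up to, but not including, position k
        guess = secret[:k] + bytes([secret[k] ^ 0xFF]) + secret[k + 1:]
        profile.append(compare(secret, guess)[1])
    return profile


SECRET = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed

if __name__ == "__main__":
    print("naive:        ", work_profile(naive_compare, SECRET))
    print("constant-time:", work_profile(constant_time_compare, SECRET))
    # The standard library's hmac.compare_digest is the tool to use in practice.
    print("stdlib agrees:", hmac.compare_digest(SECRET, SECRET))
```

The naive profile climbs 1, 2, 3, ... while the constant-time profile is flat at the secret's length. In real software the fix is to use `hmac.compare_digest` (or the equivalent in the language at hand); moving the operation into an isolated hardware engine, as the article describes, removes this class of leak from the host software entirely rather than relying on every comparison being written carefully.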
CrypTech also built a true random number generator, which relies on dedicated hardware components as its source of randomness. Cryptographers have long been critical of purely algorithmic methods of generating random numbers, and poorly written random-number algorithms have been critical factors in security failures. A true random number generator (TRNG) is an important building block in a secure cryptography infrastructure. CrypTech’s initial TRNG has been tested by reputable sources and the feedback is overwhelmingly positive.
A key feature of HSMs is the ability to resist tampering. CrypTech has implemented and tested tamper-detection circuitry to support this functionality, although the current enclosure does not yet make use of it. (This was one of the priority development items discussed during the workshop.)
The delivery and alpha-testing of this portion of the CrypTech project was the successful culmination of two years of community effort. The first batch of alpha-version hardware was delivered to a set of alpha testers and formed the basis for the CrypTech workshop at IETF 96.
The CrypTech Workshop at IETF 96
Participants received their alpha hardware and were given a detailed overview of CrypTech’s major design components, including hardware, firmware, software, and FPGA (see https://trac.cryptech.is/wiki/BerlinWorkshop).
They were then given the following tasks:
- Initialize the cryptographic services on their own CrypTech alpha hardware.
- Establish the use of PKCS #11 for communications to a server.
- Configure OpenDNSSEC from NLnetLabs to get its keys from the CrypTech alpha hardware.
- Utilize the system to perform DNSSEC zone signing.
While the CrypTech technology has a number of applications, the first target use case is as an HSM for DNSSEC key management.
After the workshop, the CrypTech engineering team met to discuss the results of the workshop and to plan the next steps for the project based on these results. In the near term, the engineers plan to continue improving CrypTech’s quality, capacity, and performance in order to make it suitable for production applications. In addition, the team plans to add features that increase its appeal for production environments and make it suitable for applications beyond DNSSEC.
During the week of IETF 96, highlights from the CrypTech workshop were discussed in several meetings, including the IEPG, IETF Security Area Advisory Group, and IRTF Crypto Forum Research Group sessions. Detailed questions about it pointed to the relevance of the effort.
Join the CrypTech Community
Open-source development was critical to the successful development and growth of the global open Internet. The CrypTech project is the same—by bringing an open source philosophy to cryptographic software and hardware, our plan is to increase trust and transparency, offer alternatives to commercial products, and reduce costs.
Interested in obtaining your own version of the alpha hardware and being a CrypTech alpha tester? Although the first batch of hardware is in the hands of the current alpha testers, additional boards will be made available via CrowdSupply (https://www.crowdsupply.com/cryptech).
To learn more about CrypTech and how you can help support this important effort, see https://cryptech.is.