The TKey is a RISC-V-based security key that plugs into a USB port. The device has a number of features, including a device-specific serial number, RAM scrambling, and a monitor that kills the CPU in the event of access to protected memory. There is also an FPGA that, on the end-user version, is locked down. This prevents you from changing the core features and the unique ID number for the device.
As part of the start-up code, the device calculates a hash of the application and merges it with the device ID and, potentially, a user-defined secret. If this number matches a previous calculation, it is reasonably certain that nothing has changed between the times of the calculations.
Don’t trust the developers? Make your own key since it is all on GitHub. If nothing else, having everything out for review means that any glaring problems will be open for scrutiny by the community.
Of course, you can just buy the device for about $70, and that’s probably what most people will do. We will leave it to the experts to tell us if it is better or worse than commercial offerings out there today.
A key like this can be one factor in a multi-factor authentication system. It isn’t like these hardware tokens don’t already exist, but they never seem to be widely adopted.
0 Commentaires