Kryptor FGPA is a Hardware Security Module that adds Complex Open-source Encryption
Designed for processors that support serial interfaces, the one-chip module offers all the functionalities of a dedicated HSM within a single compact MAX10 FPGA chip.
The new release from Skudo is a professional FGPA development board built as an encryption solution to project boards like Raspberry Pi, Arduino, and BeagleBone. It is a plug and play Hardware Security Module that provides a compact pre-configured FPGA chip with functionalities for encrypting data, and can easily be used by any maker board.
“Any controller board (e.g. Raspberry Pi, Arduino etc.) can be connected to the Kryptor PCB via SPI, 12C and UART using a simple data protocol (free Linux API software libraries are also provided) enabling access to the functionalities of the Hardware Security Module (symmetric encryption, asymmetric encryption, hashing, keys generation/storing/management and a True Random Number Generator). Any maker is able to access those functionalities and build complex solutions based on them”.
Being able to offload an encryption work via 12C, SPI, or UART to your application helps you to focus more on the application’s code and worry less about implementing encryption.
“To make the Kryptor easy to use for IoT developers and makers, we also provide a free and easy-to-use API for Linux (e.g compatible with Raspberry Pi), which lets almost anyone start working with Kryptor in mere minutes,” Skudo adds.
Features of the HSM include:
- FPGA: Intel/Altera MAX10 8K LE (10M08DAF256C8G)
- Dimensions: 23×35 mm
- Internal flash: 1376 Kb
- Internal RAM: 378 Kb total
- GPIO: 250 available from the FPGA (fewer accessible via board)
- Operating frequency: 100 MHz
- Control: API / encrypted command line interface (CLI)
- Platform compatibility: Linux, RPi, Arduino, etc.
- Duplication protection: Anti-piracy duplication protection via chip ID
- Encryption speed: symmetric encryption speed up to 108 Mbps on a single core (SPI link speed capped at 2 Mbps)
- Power consumption: ~58 mAh (idle state) to ~65 mAh (constant operations)
One advantage it has over most commercial elliptic curve cryptography chips is that its entire implementation can be verified, as both hardware and software designs are available for inspection.
“The security of any encryption solution cannot rely on blind trust for a certain chip manufacturer. Rather, trust must be earned – which is why we’re making our files available for review by completely independent third-party companies for review and analysis.”
Another beautiful thing about the module is that it replaces all SW based encryption functionalities with HW based ones, so there is no need to consider using any Operation System which in turn reduces the chances of potential surface attacks.