Data security and privacy are becoming more of a necessary requirement for the Internet of Things (IoT), and other communication-based solutions. This is because for these solutions to become ubiquitous in homes, businesses, and agencies around the world, they have to be immune to data theft or even bad actors who try to cause system damage by introducing false data.
Several firms are developing efforts around hardware security and the team at Skudo is not left behind as they recently announced the development of Kryptor, a professional FPGA development board that is capable of offering all the functionalities of a dedicated Hardware Security Module (HSM) when running their soft-core, within the compact Intel/Altera MAX10 FPGA chip.
Kryptor’s powerful end-to-end encryption eliminates the need for software encryption and also avoids using any Operating System (OS) thereby considerably limiting the options for potential attacks since there’s just one chip to secure.
Designed with versatility and compatibility in mind, Kryptor comes in a small form-factor and can communicate over I2C, SPI or UART. It’s RAM and flash memory circuits are self-contained within the FPGA surface, which provides a much safer architecture compared to the usage of external chips which would require individual security.
While there are other encryption chips which use proprietary, closed-source solutions that limit the flexibility and the ability of users to modify the chip, Krypton, makes use of well-known and proven open-source encryption primitives on a verifiable HSM soft-core, bringing a professional encryption solution to IoT developers and maker communities with an easy plug-and-play module.
Some Specification and features of Kryptor include:
- FPGA: Intel/Altera MAX10 8K LE (10M08DAF256C8G)
- Dimensions: 23×35 mm
- Internal flash: 1376 Kb
- Internal RAM: 378 Kb total
- GPIO: 250 available from the FPGA (fewer accessible via the board)
- Operating frequency: 100 MHz
- Control: API / encrypted command-line interface (CLI)
- Platform compatibility: Linux, RPi, Arduino, etc.
- Duplication protection: Anti-piracy duplication protection via chip ID
- Encryption speed: symmetric encryption speed up to 108 Mbps on a single core (SPI link speed capped at 2 Mbps)
- FPGA Features
- 55 nm TSMC embedded flash (flash + SRAM) process technology
- 4-input look-up table (LUT) and single register logic element (LE)
- Flash memory data retention of 20 years at 85 °C
- Up to 830 Mbps
- LVDS receiver, 800 Mbps LVDS transmitter
HSM Soft-core Encryption Features
- Key agreement scheme: Elliptic Curve Diffie-Hellman / Curve25519 (ECDH)
- Symmetric key block cipher: Camellia
- Asymmetric: ECC25519
- Cryptographic hash function: Skein
- True Random Number Generator (TRNG): running in dedicated Hardware (FPGA)
- Expandable: The FPGA is expandable with external software functions executed inside the chip
- Optional functions: Other functions (e.g. RSA, AES256, Keccak, etc) can be integrated if needed for legacy applications
While the Kryptor FPGA is targeted at IoT professionals, it is compatible with Arduino and Raspberry Pi, with an Arduino library as well as a free and easy-to-use API for Linux (which can be used on a raspberry pi) already provided to help almost anyone get started with Kryptor in minutes.
The Kryptor FPGA is scheduled to go on sale in March, but information about its price is not yet available. You can, however, follow the project’s progress via its Crowd Supply project page or on the official product page.