YAST security token

The RNG firmware is now available on Github. This firmware generate a continuous stream of random bytes through a VCOM port. Three modes of operation are available:

This is a demo firmware and, for a given security strength, throughput can certainly be improved. 

I'm going to start to work on a Fido2 demo application. I will let you know when I will have made substantial progress. I also plan to work on a open source contactless Java Card implementation of the FIDO2 standard. I have ordered an ACOSJ dual interface smart card as development platform.

YAST is now for sale on Tindie.

In parallel, I'm working on an RNG firmware which would provide a continuous random number stream through a virtual com interface. Expected throughput goes from 15kB/s using directly the RNG feature of the SE050 up to 210kB/s when a DRBG is executed on the LPC55 and seeded by the SE050.

The Open PGP card firmware for YAST token is available on github. This firmware implements the OpenPGP Card standard version 3.4.The following features are available:

• RSA 2048 keys (up to 4096 by modifying
• 6-digit PW1 password, 8-digit PW3 and RC passwords
• Get challenge (up to 3070 bytes per call)
• Factory reset
• Key on-chip generation and key import trough GPG application.

The token hardware and firmware are specifically designed to prevent the usage of the keys without the consent of the user. Keys stored onto the token cannot be extracted by any means.

YAST token will be on sale on Tindie soon. By the way, this firmware can be ported on LPC55S28 dev. kit (see. repo README.md). If your are interested by separately evaluating the SE050 secure element using a Raspberry PI, a breakout board is already on sale on Tindie.