At the moment, OpenSK firmware can only be used in the Nordic chip. As Google explains in its security blog, Nordic has been chosen as initial reference hardware because “it is compatible with all major transport protocols mentioned by FIDO2: NFC, Bluetooth Low Energy, USB and a core of dedicated hardware encryption.”
In addition to the technology itself, Google also facilitates the model of a fully customizable 3D printable case to easily protect and transport the security key.
OpenSK is developed in Rust language and runs in TockOS which, according to Google, “makes the code less vulnerable to logical attacks, as it provides better isolation and cleaner OS abstractions in support of security.” The company says in its blog that they hope that over time this project “will provide innovative features, stronger embedded crypto, and encourage widespread adoption of trusted phishing-resistant tokens and a passwordless web.”
For now, this initial version of OpenSK is considered an experimental research project. For more information you can check Google security blog and this video about OpenSK. The source code is available in this GitHub repository.
0 Comments