[OneRNG-Discuss] Tillitis TKey

Denis BEURIVE dbeurive at protonmail.com
Thu Jul 6 08:35:10 BST 2023


Hello,

Thanks for sharing the information. It's pretty interesting.

Regards,

Denis


-----------------------------

Ce message et toutes les pièces jointes (ci-après le "message") sont établis à l'intention exclusive de ses destinataires et sont confidentiels. Si vous recevez ce message par erreur ou s'il ne vous est pas destiné, merci de le détruire ainsi que toute copie de votre système et d'en avertir immédiatement l'expéditeur. Toute lecture non autorisée, toute utilisation de ce message qui n'est pas conforme a sa destination, toute diffusion ou toute publication, totale ou partielle, est interdite.

-----------------------------

This message and any attachments (the "message") is intended solely for the intended addressees and is confidential. If you receive this message in error,or are not the intended recipient(s), please delete it and any copies from your systems and immediately notify the sender. Any unauthorized view, use that does not comply with its purpose, dissemination or disclosure, either whole or partial, is prohibited.

Envoyé avec la messagerie sécurisée Proton Mail.

------- Original Message -------
Le mercredi 5 juillet 2023 à 22:24, Jim Cheetham <jim at cheetham.nz> a écrit :


> I'm sure we've mentioned the TKey before, but it's being seen out and about in production now ...
> 
> https://dev.tillitis.se/intro/
> 
> It's basically a full computer with measured boot, and it's up to you what applications you put on it.
> 
> > 32-bit RISC-V CPU running at 18 MHz
> > Execution monitor
> > Hardware-assisted address randomization and RAM scrambling
> > 128 kiB RAM for TKey device applications
> > 2 kiB firmware RAM
> > 6 kiB ROM
> > True random number generator
> > USB CDC (Communications Device Class) over a Type-C connector
> > Timer
> > Two levels of hardware privilege modes: firmware mode and application mode
> > CPU-controlled LED
> > No persistent storage
> 
> 
> The RNG is described as
> 
> > The True Random Number Generator (TRNG) ring oscillator based internal entropy source.
> > The TRNG generates randomness with a fairly good quality. However for security related use cases, for example generating keys, the TRNG should not be used directly. Instead use it to create a seed for a Digital Random Bit Generator (DRBG), also known as a Cryptographically Safe Pseudo Random Number Generator (CSPRNG). Examples of such generators are Hash_DRGG, CTR_DRBG, HKDF.
> 
> 
> More hardware details are available in https://github.com/tillitis/tillitis-key1
> 
> Here's a blog post where the device user set the TKey up as an ssh agent, and as an authenticator for PAM:
> https://www.assured.se/posts/getting-started-tillitis-tkey-security-token
> 
> --
> Jim Cheetham
> jim at cheetham.nz
> 
> _______________________________________________
> Discuss mailing list
> Discuss at lists.onerng.info
> https://lists.ourshack.com/mailman/listinfo/discuss
-------------- next part --------------
A non-text attachment was scrubbed...
Name: publickey - dbeurive at protonmail.com - 0x3E433681.asc
Type: application/pgp-keys
Size: 1767 bytes
Desc: not available
URL: <http://lists.ourshack.com/pipermail/discuss/attachments/20230706/e0811808/attachment.key>


More information about the Discuss mailing list