Git Product home page Git Product logo

opensk's Introduction

OpenSK logo

markdownlint pylint Cargo check Cargo format Coverage Status

OpenSK

This repository contains a Rust implementation of a FIDO2 authenticator. We developed OpenSK as a Tock OS application.

We intend to bring a full open source experience to security keys, from application to operating system. You can even 3D print your own open source enclosure! You can see OpenSK in action in this video on YouTube!

FIDO2

The stable branch implements the CTAP2.0 specification and is FIDO certified. OpenSK supports U2F, and non-discoverable credentials created with either protocol are compatible with the other.

If you want to use features of the newer FIDO 2.1, you can try our develop branch. This version is NOT certified and less thoroughly tested though. If you plan to add features to OpenSK, you should switch to develop.

⚠️ Disclaimer

This project is proof-of-concept and a research platform. It is NOT meant for a daily usage. The cryptography implementations are not resistent against side-channel attacks.

We're still in the process of integrating the ARM® CryptoCell-310 embedded in the Nordic nRF52840 chip to enable hardware-accelerated cryptography. Our placeholder implementations of required cryptography algorithms (ECDSA, ECC secp256r1, HMAC-SHA256 and AES256) in Rust are research-quality code. They haven't been reviewed and don't provide constant-time guarantees.

Hardware

You will need one the following supported boards:

Installation

To install OpenSK,

  1. follow the general setup steps,
  2. then continue with the instructions for your specific hardware:

To test whether the installation was successful, visit a demo website and try to register and login. Please check our Troubleshooting and Debugging section if you have problems with the installation process or during development. To find out what else you can do with your OpenSK, see Customization.

Research

We implemented post-quantum cryptography on OpenSK. The code is released under the hybrid-pqc tag. Our paper was published in the ACNS Secure Cryptographic Implementation workshop 2023.

Contributing

See Contributing.md.

Reporting a Vulnerability

See SECURITY.md.

opensk's People

Contributors

jmichelp avatar ia0 avatar gendx avatar kaczmarczyck avatar mshetairy avatar krkhan avatar mingxguo27 avatar cfsghost avatar mxi1 avatar gebogebogebo avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.