Kryptor: Single-chip Hardware Security Module for Embedded Systems

Published  September 3, 2021   0
Kryptor FPGA Board

Kryptor is a single-chip, easy-to-use, plug-and-play encryption solution for your embedded systems. This Max10 FPGA-based tool is a hardware security module (HSM) for processors supporting serial interface communication, a perfect security solution for boards like Raspberry Pi, Arduino, and BeagleBone.  

Advantages of Kryptor FPGA Board

The advantage Skudo’s Kryptor has over other available modules is its open design which makes it a reliable and safer option compared to modules that have closed firmware. Although there are many closed chip modules available for Elliptic-Curve-Cryptography (ECC), unless you trust the company making the product, the security provided by properly implementing the algorithm is questionable. 

The company is also providing a free Raspberry Pi compatible API and an Arduino Library which will make adopting this package easier. Another advantage about the module is its adoption of hardware-based encryption which essentially replaces the software-based encryptions making it immune against malware-injection attacks, exploitable bugs, and viruses by avoiding the use of an operating system essential for software-based encryption. Furthermore, the FPGA contains both the RAM and flash memory circuitry making the overall architecture safer than relying on external chips, thus, making the Kryptor FPGA board more lucrative to IoT developers and electronic makers.  

Kryptor FPGA Board

What’s inside the box?

According to Skudo, the box product will cost $129 and the package will include a free voucher for Skudo HSM softcore download, one BB-170 Solderless Plug-In Breadboard with addition to six male/female 10 cm jumper wires, and the SKUDO Kryptor FPGA board. The image below illustrates the contents of the package.

Kryptor FPGA Board Connection

Technical Specifications

The board contains multiple GPIOs, 3 LEDs, JTAG/pogo pins and the application processor communicates with the HSM. Other specifications of the board are:

  • FPGA: Model Intel/Altera MAX10 8K LE (code: 10M08DAF256C8G)

  • Dimensions: 22.8 x 31.2 mm

  • Internal flash: 1376 Kb

  • Internal RAM: 378 Kb total

  • GPIO: 250 available from the FPGA (fewer accessible via the board)

  • Operating frequency: 100 MHz

  • Control: API compiled library / Command Line Interface (CLI)

  • Platform compatibility: Linux, Raspberry Pi (RPi), Arduino, etc.

  • Electrical interfaces: 1x SPI

  • Duplication protection: Anti-piracy duplication protection via chip ID (soft-cores are encrypted and cannot be executed on a different physical PCB)

  • Encryption speed: Camellia symmetric encryption speed up to 108 Mbps on a single core (SPI link speed capped at 100 Kbps)

  • PCB power consumption: 58 mAh (FPGA idle) to 64 mAh (FPGA encrypting)

MAX10 8K LE Module

FPGA Features

  • 55 nm TSMC embedded flash (flash + SRAM) process technology

  • Four-input look-up table (LUT) and single register logic element (LE)

  • Flash memory data retention of 20 years at 85 °C

  • Up to 830 Mbps

  • LVDS receiver, 800 Mbps LVDS transmitter

Encryption Algorithm Suite

According to the manufacturer, the Krypto utilizes the following encryption algorithm suites:

  • Symmetric encryption: Camellia, Camellia-CBC, Camellia-CTR

  • Asymmetric: Elliptic Curve25519 (ECDH)

  • Hashing: Skein

  • All crypto functions are embedded and running in our custom FPGA chip inside Skudo PCB (without OS, bare metal)

  • True Random Number Generator (TRNG): FIGARO

This is a feature-rich board, which is easy to set up with your Raspberry Pi or other microcontrollers. If you are planning to know more about it, then head to their Crowdsupply page. The Crowd Supply campaign is scheduled to end on September 28 and orders placed before that are scheduled to be shipped by February, 28 next year.