Interesting. That's a $2 SoC, part of NXP's "Ultra Low Cost" line. The whole BOM cost is probably around $10-15, so hopefully F-Secure can sell enough of these to bring consumer cost down.
I can see a lot of use for these guys, but it's hard to justify when as Pi Zero outspecs it for 5% of the cost. I'd pick it up just to hack around if it was closer to the $50 range.
I wonder if it's one of the chips that has a bootloader vulnerability. All of the trustzone stuff was completely broken on their original, and nobody ever implemented working code for it anyway.
The BOM cost is probably pretty high because of the BGA package, the original was like a 8 layer board or something absurd.
Those processors, as you pointed out, are comically slow even compared with the raspberry pi.
The ATECC608A is a very nice feature. I have an older version of the USB Armory--i.MX53 and USB-A. The cryptographic engine (SCCv2), and in particular the AES module with unique, secret eFUSE'd key (for creating a proper HSM) was poorly documented. NXP only made security component documentation available under NDA, and to achieve that you needed to work with a reseller, which after repeated attempts over many weeks I never managed to accomplish. Plus, even if I got the documentation, the keyed AES module only worked properly if you had secure boot working, otherwise it used a fixed test key rather than an alternative unique key. This was such a steep hill to climb that none of the example or open source applications ever made proper use of the AES module, AFAIK.
I ended up simply buying a Pi 3, a Mikroe Click shield, and Mikroe ATECC608A board (for the shield), though by that time I had already run out of steam so I never had a chance to bring it up.
So, the ATECC608A is very nice and I'd like to see it more widely included in hardware.[1] And the armory is much smaller than my literal Pi 3 hardware stack. Bonus points if documentation for i.MX6ULZ and related bits are publicly available, but I'm not keen on risking another goose chase so I probably wouldn't even factor that in one way or another.
[1] I believe an ATECC chip is what AWS originally used for end-to-end hardware attestation of EC2 servers. And maybe still do. Though, this is speculation on my part based on some AWS developer blog posts discussing the chip.
I didn't know the ATECC608A had an NDA'd datasheet. But as far as I remember all documentation needed to utilize it from software (e.g. I2C protocol) was available, in PDF or in code (https://github.com/MicrochipTech/cryptoauthlib/).
Not all of them, but the A, A+ and zero do. Basically all models _without_ a built-in USB hub work. The Pi 4 is capable of OTG only over the USB-C port, and only with a recent firmware.
They support a bunch of modes, like Mass Storage, Ethernet, Serial, HID, etc.
I have a bricked mk1, it was a convenient place to keep private keys while it worked but unfortunately it didn't last very long before it quit booting.
The idea is nice, it will have to be seen how the actual product will result in practical use, at first sight, it seems like (mechanically) very "flimsy", the device is intended to be supported by its USB-C connector (and that bar the possibility of accidentally breaking it[1] should be fine) but the moment you use the female connector (which is at the other end of the male one) any weight, be it the connected device or the cable to connect it will create a relatively powerful lever on the male USB-C connector.
The only "safe" way to use it seems to me having it on a stable surface and connect also the USB-C male through a cable.
[1] disclaimer, I am not saying that it will happen to you, but I had several USB sticks and/or USB receptacles (the much sturdier type A) broken and/or bent and or however ruined by clumsy colleagues or cleaning ladies and even pets.
My note/doubt wasn't about inserting/plugging/unplugging it (I am pretty sure that is fine or at least as fine as any other USB-C device), it is about leaving it plugged (and sticking out without support) to a PC or some other device (thus exposed to accidental hits).
And if at the end of it there is another little device plugged (or a cable) in the female connector, little by little the weight might losen the receptacle of the PC or however put too much traction on the connector soldering or even (I have seen it happening with some devices) slightly bend the board.
ARM SecureZone is an odd choice on a platform that's aiming to be highly trusted. It's got a very weak security model compared to isolated TPMs (like the two that they have on-board as well). The boot-chaining on this looks like it's entirely reliant on the TrustZone separation, not on either of the two on-board TPMs, nu?
34 comments
[ 3.0 ms ] story [ 84.4 ms ] thread- Landing page https://inversepath.com/usbarmory.html
- Wiki https://github.com/f-secure-foundry/usbarmory/wiki
- MkII introduction on there https://github.com/f-secure-foundry/usbarmory/wiki/Mk-II-Int...
They don't want users to click links and go away.
Hardware specs:
SoC: NXP i.MX6ULZ ARM® Cortex™-A7 900 MHz
RAM: 512 MB DDR3
Storage: internal 16 GB eMMC + external microSD
Bluetooth module: u-blox ANNA-B112 BLE
USB-C ports: DRP (Dual Role Power) receptacle + UFP (Upstream Facing Port) plug, USB 2.0 only (no video support)
LEDs: two
Slide switch: for boot mode selection between eMMC and microSD
External security elements: Microchip ATECC608A + NXP A71CH
Physical size: 66 mm x 19 mm x 8 mm (without enclosure, including USB-C connector)
I can see a lot of use for these guys, but it's hard to justify when as Pi Zero outspecs it for 5% of the cost. I'd pick it up just to hack around if it was closer to the $50 range.
The BOM cost is probably pretty high because of the BGA package, the original was like a 8 layer board or something absurd.
Those processors, as you pointed out, are comically slow even compared with the raspberry pi.
Please see https://github.com/f-secure-foundry/advisories
Of course all P/Ns used for the Mk II have a patched boot ROM, please see https://github.com/f-secure-foundry/usbarmory/wiki/Secure-bo....
The original Mk I was 6 layers in the end, the Mk II is also 6 layers.
And yes the BOM cost is considerable due to its specifications.
The i.MX SoC core we use is comparable to a 1st gen Raspberry PI in speed, but of course slower than newer multi-core ones.
However security and form factor, rather than pure speed, is our goal. For the intent and purposes of the board performance is more than adequate.
Some benchmarks here: https://github.com/f-secure-foundry/usbarmory/wiki/Benchmark...
I ended up simply buying a Pi 3, a Mikroe Click shield, and Mikroe ATECC608A board (for the shield), though by that time I had already run out of steam so I never had a chance to bring it up.
So, the ATECC608A is very nice and I'd like to see it more widely included in hardware.[1] And the armory is much smaller than my literal Pi 3 hardware stack. Bonus points if documentation for i.MX6ULZ and related bits are publicly available, but I'm not keen on risking another goose chase so I probably wouldn't even factor that in one way or another.
[1] I believe an ATECC chip is what AWS originally used for end-to-end hardware attestation of EC2 servers. And maybe still do. Though, this is speculation on my part based on some AWS developer blog posts discussing the chip.
Also the ATECC608A library from Microchip is open source and you can gather all necessary info from there.
Then we also have the NXP AT71CH with all info available publicly.
Does Pi do USB device "emulation" (has it "gadget" drivers)?
They support a bunch of modes, like Mass Storage, Ethernet, Serial, HID, etc.
Example: https://gist.github.com/gbaman/50b6cca61dd1c3f88f41
We can take costs down a little more with larger numbers but not by a great margin.
The assembly process of Type-C plugs is also time consuming and therefore costly.
[0]:https://www.businesswire.com/news/home/20081104005569/en/Cry...
[1]:https://www.nxp.com/docs/en/data-sheet/A71CH-SDS.pdf
Is it secure against key extraction from somebody with physical access to the hardware?
it is supposed to be.
When used in combination with user supplied passphrases this leaves little chance for physical attacks.
The two external security elements have active protection against glitching and side channel.
- https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events...
- https://media.ccc.de/v/36c3-10597-tamago_-_bare_metal_go_fra...
The only "safe" way to use it seems to me having it on a stable surface and connect also the USB-C male through a cable.
[1] disclaimer, I am not saying that it will happen to you, but I had several USB sticks and/or USB receptacles (the much sturdier type A) broken and/or bent and or however ruined by clumsy colleagues or cleaning ladies and even pets.
While developing TamaGo I have plugged/unplugged it about 200 times a day for months ;).
And if at the end of it there is another little device plugged (or a cable) in the female connector, little by little the weight might losen the receptacle of the PC or however put too much traction on the connector soldering or even (I have seen it happening with some devices) slightly bend the board.
[1] https://shop.hak5.org/products/bash-bunny
[2] https://forums.hak5.org/topic/40208-bash-bunny-specs/
- Serpente, $15 Cortex-M0+ https://www.tindie.com/products/arturo182/serpente-a-tiny-ci...
- Somu, $35 Cortex-M4 https://www.crowdsupply.com/solokeys/somu
- Fomu, $50 ICE40UP5K https://www.crowdsupply.com/sutajio-kosagi/fomu
- GL.iNet GL-USB150, $30 MIPS 24K https://www.gl-inet.com/products/gl-usb150/
- Bash Bunny, $100 Cortex-A7 https://shop.hak5.org/products/bash-bunny
- Espruino Pico, $25 Cortex-M4 https://www.espruino.com/Pico
- IceStick, $25 ICE40HX1K https://www.latticesemi.com/icestick