Google company
OpenSK allows you to create your own token for two-factor authentication on websites, which, unlike ready-made solutions produced by manufacturers such as Yubico, Feitian, Thetis and Kensington, is built on a completely open firmware that is available for expansion and auditing. OpenSK is positioned as a research platform that token producers and enthusiasts can use to develop new features and promote tokens to the masses. The OpenSK code was originally developed as an application for
Besides software project
ARM TrustZone Cryptocell 310. Nordic nRF52840 is the first reference platform for OpenSK. OpenSK provides support for the ARM CryptoCell crypto accelerator and all modes of transport provided by the chip, including USB, NFC and Bluetooth Low Energy. In addition to using the crypto accelerator in OpenSK, separate implementations of the ECDSA, ECC secp256r1, HMAC-SHA256 and AES256 algorithms written in Rust have also been prepared.
It should be noted that OpenSK is not the first open implementation of firmware for tokens with FIDO2 and U2F support, similar firmware is being developed by open projects
The proposed firmware for installation is based on
operating system for microcontrollers based on Cortex-M and RISC-V, which provides sandbox isolation of the kernel, drivers and applications. OpenSK is packaged as an applet for TockOS. In addition to OpenSK, Google also prepared for TockOS optimized for Flash drives (NVMC)
Source: opennet.ru