Of the ATECC508A chip and creation of a unique attestation cert for each U2F token. Programming was a challenge because it’s dependent on my scripts to handle the initial configuration But that proved to be too time consuming, messy, and unreliable. I was originally hopeful when starting this project that I would be able to With a tamper resistant case or coating, but the initial capital to get that going is currently out of my reach. You can see the full source of the design here. The ATECC508A chip fulfills all security requirements because it has a hardware RNG, write only keys, and hardwareĪcceleration for elliptic curve operations **. Other discrete components - Button, bypass capacitors, ESD protection, current limiting resistor.EFM8UB1 - Cheapest microcontroller with USB.ATECC508A - Atmel chip that securely implements P-256 signatures and key generation *.I chose to use the following components to implement the design (in order of importance): Strong computation for the crypto (using an 8 bit processor would be too time consuming).A good source of randomness to generate keys.I decided that a U2F token would need to meet 3 core requirements: U2F uses challenge response for authentication and is based on the P-256 NIST Elliptic Curve.įIDO additionally provides U2F standards for transports like USB, Bluetooth, and NFC which It uses the U2F protocol, which is a standard developed by the FIDO Alliance and Google. You can copy everything as it’s all open source. If you’re interested in doing something similar, In this post I’ll talk about the design, how I produced it affordably, and some I made a two factor authentication token and have made it available on Amazon. Designing and Producing 2FA tokens to Sell on Amazon 23 September 2020
0 Comments
Leave a Reply. |