smart HSM

Your next data vault could be this: the next-generation Hardware Security Module. Securely store important information without a password.

Based on Inverse Path's USB armory, I am going to develop what is called an HSM.
Currently, HSMs cost more than $10,000.
They are bulky and are able to process hundreds to thousands of secure operations per second. Of course, we are not going to compete with that.

Our target is to make a data vault that stores important information, such as your ID card and credit card information, in encrypted form, performs authentication based on that information, and runs applications that require that kind of information.

To make it easier to understand, here is what we will have:
- An online payment terminal without a keyboard: think of what you use when making online payments.
- Secure storage for login/password information. You get access to it by using your credit card to identify yourself. No more extra passwords to remember.
- A secure VPN and SSL proxy that will let you communicate securely over the Internet using banking-level security.
- and more ...

Some FAQ:

What is an HSM:

Why make it:

  • Today, we are at a critical point:
    • Advances in technology allow us to develop secure devices using low-cost hardware (ARM TrustZone).
    • Companies are opening access to these technologies.
    • You are asked to identify yourself using a password for nearly everything. Do you remember them all? Do you change them often enough? Are they good enough?
    • Hackers become more dangerous every day through phishing attacks, viruses and malware that steal your identity and your money.

You are human. You deserve security, safety and an easy life. Keeping control of your life should be a given, like the ability to trust people.

You trust the state and your bank. You are sure at least that they will not let somebody else use your identity.

You are right.

It is their worst fear. And they developed standards and procedures to make sure it won't happen (or at least that they are not responsible). Those standards are open.

As a human, you can make mistakes, forget things and be fooled. So why get involved in complex procedures on websites? Use a device you trust because you made it so, and let it deal with them in your daily life.

What it is:

  • A USB dongle running an ARM processor with TrustZone.
  • A cryptographic device where every communication and storage is encrypted.
  • A device that is able to communicate with ID cards, credit cards and certification authorities.
  • An application platform that gives you the functionality you need.

What can you use it for:

  • Store your login/password
  • Authentication token
  • VPN hardware device
  • Secure storage
  • ...

