Search
Close this search box.
Search
Close this search box.
Making the Internet a bit safer

Making the Internet a bit safer

cryptech_vers1

Research and education networks are not only about fibres, routers and switches. They also try to contribute to the common good of Internet users. Enter CrypTech, hosted by NORDUnet and making the Internet a little bit safer for everybody.

Software developers and electronics designers from around the world are uniting their efforts in the CrypTech project, designing open source hardware securing the authenticity of digital content transmitted through the internet. NORDUnet plays a key role in the project.

To increase trust, geographical and cultural diversity lies at the very heart of CrypTech. In addition to CrypTech being open source, the diversity principle also applies to the funding of the project, allowing a maximum of 100k USD per donor per year; trying to avoid any one sponsor having too much influence over the project.

Fear of backdoors

All this is for a reason: CrypTech was initiated as a reaction to revelations from Edward Snowden and other security experts regarding massive surveillance by NSA and other surveillance agencies. Experts have questioned the integrity of some of the implementations of basic cryptographic functions and devices used to secure communications on the Internet. This has lead to a widespread fear of backdoors, being open to not only surveillance agencies from different countries but also to cyber criminals.

In particular there is a great need for open, verifiable, implementations of cryptographic algorithms in hardware. Even more so, as the majority of Hardware Security Modules are manufactured by worrysome nation states, giving rise to suspicions that national surveillance agencies could compromise these devices. Hardware Security Modules are machines creating cryptographic keys and storing them safely. The keys are used to authenticate digital content and to assure, that the content you’ve sent hasn’t been tampered on the way to its destination.

Open source crypto-hardware

Now CrypTech is developing an open source hardware cryptographic engine that meets the needs of high assurance Internet infrastructure systems that use cryptography.

In general, cryptography built on software alone, has weaknesses. When an encryption or hash algorithm is written in software and built into a general purpose CPU, or loaded into a general-purpose computer, it remains vulnerable to attack. However, when the cryptography is performed in a dedicated hardware device, inaccessible to the normal operating system, these weaknesses are reduced significantly.

Fredrik Thulin, one of the developers working on CrypTech, explains:

“The financial sector has been using Hardware Security Modules for many years, together with some of the really big tech companies. But apart from that, these modules are not widely spread, partly because they are very expensive. CrypTech aims to provide a much cheaper solution, thus spreading the use of HSMs to the broad Internet community, covering needs such as secure email, web, domain name systems and public key infrastructure.”

Around for a long time
The Nordic research and education networks Sunet and RHnet – together with NORDUnet – play a key role in CrypTech, providing both staff and administrative support.
NORDUnet has been around for a long time. Actually, nordu.net is one of the oldest domain name in existence. Trust is important in the CrypTech project, so when people were looking around for an organisation to host the project, NORDUnet was the obvious choice.

Berlin in July
According to Fredrik Thulin, the upcoming Internet Engineering Task Force, IETF, meeting in July in Berlin is an important date for CrypTech:

“The aim is to build a Hardware Security Module from the ground up, and my job in the project is mostly hardware related. I’m working on hardware prototypes, and we hope to have some Alpha boards ready for the IETF meeting in Berlin. This will then be the first really useable board, built based on the CrypTech blueprints.”

Hopefully, provided adequate funding, the CrypTech engine will be up and running by 2017. The intent is that it can be built by anyone from public hardware specifications and open source firmware. Anyone can then operate it without fees of any kind.

For more information, please visit the CrypTech website.

 

Other posts

Time to register for the 2024 NORDUnet Conference

Time to register for the 2024 NORDUnet Conference

The 32nd NORDUnet conference will take place on 10th-12th September, 2024 in Bergen, Norway hosted by Norwegian NREN Sikt together with…
A vision for two Arctic subsea cables

A vision for two Arctic subsea cables

Nordic NRENs and NORDUnet: By 2030 or soon thereafter, a resilient submarine cable system across the Arctic region towards East…
DeiC hosting Federated Trust and Identity meetings in Copenhagen

DeiC hosting Federated Trust and Identity meetings in Copenhagen

Danish NREN DeiC will host the TIIME Unconference and a number of related meetings on federated trust and identity in…
NORDUnet at PTC'24

NORDUnet at PTC'24

Once again NORDUnet is joining the Pacific Telecommunications Council (PTC) meeting in Honolulu, Hawaii. Taking place 20-25 January 2024, PTC’24…