Google Open Sources Code for Security Key Devices
Google on Thursday announced that it has released the source code for a project named OpenSK in an effort to allow users to create their own security key devices.
OpenSK is written in Rust and it supports both FIDO U2F and FIDO2. Google says that by releasing OpenSK it will “help advance and improve access to FIDO authenticator implementations.”
Specifically, the company hopes that researchers, manufacturers of security keys and even enthusiasts will help develop new features and accelerate the adoption of these authentication devices.
The OpenSK firmware can be used with a Nordic chip, which supports a dedicated hardware crypto core, along with all major transport protocols, including Bluetooth, NFC and USB.
Google has also made available the design for a security key enclosure that can be created using 3D printers.
However, the company has warned that the project is still under development and it should be used mainly for testing and research purposes.
“Under the hood, OpenSK is written in Rust and runs on TockOS to provide better isolation and cleaner OS abstractions in support of security. Rust’s strong memory safety and zero-cost abstractions makes the code less vulnerable to logical attacks. TockOS, with its sandboxed architecture, offers the isolation between the security key applet, the drivers, and kernel that is needed to build defense-in-depth,” Google explained.
Google announced earlier this month that it has simplified the enrollment process for its Advanced Protection Program, which is designed to help high-risk users add an extra layer of protection to their account through the use of security keys. The company also recently started allowing users to activate a security key on their iPhone.