USB armory

The USB armory is an open source hardware design, implementing a flash drive sized computer.

Contact us Buy now

Primary applications | Security features | Example use cases | How to order

The USB armory is the world’s smallest secure computer.

It can safeguard data and run trusted applications, preventing unauthorized access or execution. Minimal attack surface, vast performance and capabilities. Fits right in your pocket, your laptop, your servers.

Compact. Customizable. Secure.

The capability of implementing arbitrary USB devices, act as a Power over Ethernet network element, in combination with its speed, security features, and the flexible and customizable operating environments, make the USB armory the ideal platform for innovative and powerful security applications.

Documentation

Primary applications

Encrypted storage solutions

Encrypted storage solutions

Hardware security module

Hardware Security Module (HSM)

Enchanted smart cards

Enhanced smart cards

Electronic vaults

Electronic vaults

e.g., cryptocurrency wallets, e-voting

Escrow services

Key escrow services

Authentication

Authentication, provisioning, licensing, tokens

USB firewall

USB firewall

Safety

Transparency Witness

Hardware

PoE Private Compute Module

USB ARMORY

Solution overview

USB ARMORY

Datasheet

Security features

The USB armory incorporates a vast number of features that can support a wide variety of security architectures. Its capabilities allow the safe storage of data as well as the trusted execution of operating environments and their applications, natively on the device itself.

Beyond simple smartcards or security tokens, the USB armory is a personal, self-contained, secure server.

Icon

Secure boot

The HAB feature enables on-chip internal Boot ROM authentication of initial bootloader (i.e., Secure Boot) with a digital signature, establishing the first trust anchor for code authentication.

Icon

True random number generator

The CAAM (i.MX6UL) and RNGB (i.MX6UZ) provide true random number generation for cryptographic operations.

Icon

Bluetooth

The built-in Bluetooth (BLE) module allows wireless communication which, in combination with other security features as well as the internal+external storage, enables innovative multi-factor secure storage solutions.

Icon

Secure storage

The SNVS (Secure Non-Volatile Storage) enables encrypted storage of arbitrary data using unique keys. Combined with Secure Boot (HAB) this allows complete lockdown of data through a trusted application.

Icon

RAM encryption

The BEE is included only on in boards mounting the i.MX6UL SoC, it supports on-the-fly (OTF) AES-128 (ECB or CTR) encryption/decryption on the AXI bus, allowing OTF DRAM encryption.

Icon

Secure elements

The NXP SE050 features hardware acceleration for elliptic-curve cryptography as well as hardware based key storage.

Icon

Replay protection

The eMMC RPMB features allows replay protected authenticated access to flash memory partition areas, using a shared secret between the host and the eMMC.

Icon

TamaGo Unikernel

The TamaGo framework provides full support of the USB armory security
features under bare metal Go execution removing any runtime dependency on C
code and/or Operating Systems.

 

Example use cases

Transparency Witness

The USB armory has been used to implement a cross-ecosystem witness network, providing split-view attack prevention to a growing set of transparency-enabled ecosystems.

Project page

Armory Drive

The USB armory provides secure execution of cryptographic operations and data storage.

The user can unlock the USB armory over Bluetooth, authorizing only need-to-know contents, to ensure safe operation even on untrusted laptops.

Project page

GoKey

The GoKey application implements a USB smartcard with innovative properties. Featuring an SSH based management interface, the card provides a dramatically improved security model over traditional smartcards. By leveraging on the TamaGo framework, GoKey is written and executed with only high-level code, minimal dependencies and a memory-safe environment.

Project page

TamaGo

In addition to native support for standard operating environments, such as Linux distributions, the USB armory is directly supported by TamaGo, an Reversec Foundry developed framework that provides execution of unencumbered Go applications on bare metal ARM® System-on-Chip (SoC) processors.

Find out more

How to order

 

Ordering information

Our accreditations and certificates

NCSC CCSS CREST CREST CSIR NCSC PCI QSA NDV
NCSC CCSS CREST CREST CSIR NCSC PCI QSA NDV NCSC CCSS CREST CREST CSIR NCSC PCI QSA NDV

Don’t be a stranger, let’s get in touch.

Our team of dedicated experts can help guide you in finding the right
solution for your unique issues. Complete the form and we are happy to
reach out as soon as possible to discuss more.

This site is protected by reCAPTCHA and the Google
Privacy Policy and Terms of Service apply.