Home / Blogs

Help CrypTech (and Me) Make the Internet More Secure

Are you ready to help me make the Internet more secure? Here’s your chance to join me in a project to create an open-source hardware device to protect email, files and other data from hackers and government spies.

The CrypTech Project was founded in late 2013 after NSA whistleblower Edward Snowden revealed that the US and other governments were exploiting weak cryptography and loose standards to gain access to citizens’ email, documents, and other files.

A group of engineers—myself among them—decided to create and fund open source hardware engine designs capable of strong and reliable encryption and decryption for email, plus public-private key encryption for digital signatures, DNSSEC, files and other uses.

Snowden’s revelations raised many question whether some of the most basic cryptographic building blocks could be trusted to secure the Internet. How many backdoors exist and who knows how to exploit them? How closely had security vendors been working with the NSA to sell-out their customers?

Our response is to create inexpensive ARM/FPGA-powered Hardware Security Module (HSM) designs that can store crypto keys and act as a signing engine to assure the authenticity of digital content.

The HSM uses USB to communicate with a host computer. The USB connection is terminated at an onboard single-purpose controller chip that connects to the CPU over a serial bus. This design protects the CPU from an attack via the USB. The crypto keys remain safe.

We have implemented a true random number generator, now widely tested, fed with system noise from onboard electronics. The ensures that our random numbers really are random, essential to strong cryptography. In the past, weaknesses in random number generators have been exploited by hackers.

Our team has already implemented SHA-512, SHA-256, AES, ECDSA, and other algorithms necessary for strong encryption/decryption. We have a working prototype and are completing an initial hardware design.

The goal is for a user to be able to construct the CrypTech HSM from off=the-shelf parts and free downloadable firmware. We expect commercial manufacturing as well, both of outboard models and internal designs.

CrypTech is a great open source project, which benefits from a watchful community that makes sure the HSM is not compromised by accident or by hidden backdoors or other intentional weaknesses. Open source has proven its ability to create successful security technology, and CrypTech will be no exception.

Still, we need your help. The project has expenses and we always need more volunteers. We’ve received financial support from Google, Comcast, and other companies. To protect the project from dependence on any donor, we have limited contributions to no more than $100,000 per company.

We also appreciate support from the Internet Society and RIPE, the IP allocation organization. If your organization would like to contribute, we would appreciate your support.

If you’d like to volunteer, we would appreciate that, too. While engineers are most in demand, we use some non-engineers, as well. Eventually, we will need beta testers for hardware and software.

I work with the project as a finance lead and my company, Afilias, is a CrypTech supporter.

To learn more, visit our website at cryptech.is where you will find information and links to our wiki and source code.

By Ram Mohan, Chief Operating Officer at Afilias

Mr. Mohan brings over 20 years of technology leadership experience to Afilias and the industry.

Visit Page

Filed Under

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet


Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.



Threat Intelligence

Sponsored byWhoisXML API

Domain Management

Sponsored byMarkMonitor

IPv4 Markets

Sponsored byIPXO


Sponsored byVerisign

Brand Protection

Sponsored byAppdetex

Domain Names

Sponsored byVerisign