Signet High-capacity

by Nth Dimension

An all-in-one encrypted USB flash drive, two-factor authentication token, and password manager

$3,734 raised

of $6,000 goal

62% Funded

Pledge Now

$80

Signet HC

An all-in-one physically secured USB flash drive, authentication tool, and personal information manager you can take with you wherever you go.


$150

Two Signet HC's

Two Signet-HC's, an all-in-one physically secured USB flash drive, authentication tool, and personal information manager you can take with you wherever you go. You can give one Signet to a friend or keep one as a backup device.


$700

Ten Signet HC's

Ten Signet-HC's, an all-in-one physically secured USB flash drive, authentication tool, and personal information manager you can take with you wherever you go. You can give one Signet to a friend or keep one as a backup device.


$3

USB Extension Cable

Helps keep your Signet HC close to your keyboard when the closest USB port is too far away. Can also reduce strain on the device's connector to increase its lifespan. 3'

USB Extension Cable

$3

Micro-USB Host Adapter Cable

Connects your Signet HC to a USB-micro Android device. 6"


$3

USB-C host Adapter Cable

Connects your Signet HC to a USB-C Android device. 6"

USB-C host Adapter Cable

Details

Recent Updates


As Featured In

CNXSoft - Embedded Systems News

"The latest version of the Signet thumbdrive is the Signet HC. The HC has a number of enhanced features and a lower price point, making it an attractive alternative to other high-security flash drives."

Your Libre Personal Information Security Multi-tool

Signet HC is a secure USB drive, and the successor to our first product, Signet. It’s built with open-hardware and free and open source software. In addition to being an encrypted flash drive, it is also a two-factor authentication (2FA) device and a hardware password and personal information manager, making it a portable solution to a variety of data security problems. Signet HC’s encrypted data is password protected and can be unlocked through its cross-platform client application (available on Windows, MacOS, GNU/Linux, and Android). For convenience, the client software is stored on the device in a read-only partition allowing you to use it without downloading software.

Physical Security for Malware Resistance

Signet is physically secured in the sense that a user must take physical action (press a button on the device) to allow sensitive commands to be executed. Physical security blocks any malicious software from executing commands on the device. Signet HC’s physical security features make it resistant to malware in a variety of environments. Signet implements physical security by requiring the user to press its button to permit the execution of any sensitive command; the button flashes blue when any sensitive command is sent to the device.

Two-factor Authentication (2FA)

Two-factor authentication requires the presence of a secure device in order to log in to a website or complete an important transaction. Two-factor authentication compensates for weak or compromised passwords. Signet HC implements the FIDO U2F and FIDO2 two-factor authentication protocols used by a variety of popular websites. Once you have paired Signet HC with a compatible website, you can complete your log in or transaction by pressing the device button when its light flashes. For added security, Signet HC can be configured to disable two-factor authentication features until the device is unlocked.

Advanced Mass Storage Security Features

Signet HC can contain several types of storage volumes in its embedded 32 GB flash memory, each suited to different purposes:

  • Read-only volumes: Once populated, these volumes are read-only when the device is locked but write access can be enabled after the device has been unlocked. When we ship Signet HC we will include a read-only volume with the client software stored on it.
  • Encrypted volumes: An encrypted volume is stored in an encrypted format (AES-128 or AES-256 with cypher block chaining) on the eMMC that is not visible to your operating system until the device is unlocked.
  • One-time-use volumes: Flash drives are often used to transfer files from one computer to another. This often results in the drives accumulating an assortment of files from past transfers and risks exposing sensitive data if the drive is later shared. Signet HC’s one-time-use volumes are automatically securely erased after being used for a computer-to-computer data transfer – removing clutter on the drive and protecting your data’s confidentiality.
  • Physically-secured volumes: A physically secured volume is visible to the client but not the operating system. You can request that specific files or folders be made available to your computer’s operating system. Each request requires confirmation by pressing your Signet’s button.
  • Unencrypted volumes: Although our focus is on security, we think it is important to allow use of the device as an ordinary flash drive when data security and confidentiality are not critical.

Password and Personal Information Management

Signet HC implements the password management features we developed in the original Signet device: it stores a password database in an encrypted format inside its microcontroller’s internal flash memory. Once the device is unlocked you may view the data directly in the client and copy to the clipboard.

The client supports browser plugins for Firefox and Chrome that can fill in data such as login and password information on text forms. The client can also forward the data to the device’s USB keyboard interface to type data directly into another application. For website logins, the keyboard device will enter <tab> and <enter> keystrokes to log in to the website with a single request.

Flexible data storage format

Signet HC is not limited to storing information about account passwords. Instead, it has a flexible database structure that allows you to create new data types and to add fields to individual entries for notes and associated data. This allows you to safely store any data you data you wish to keep off the cloud.

Backups

Keeping your Signet HC with you comes with the risk of losing the device. You can configure Signet to regularly back up your data when connected to your primary computer, to either your computer’s hard disk or a designated removable media device such as a USB stick or memory card. The Signet client can then read the backups when you provide the master password, giving you immediate access to your data and the option to upload the data to a replacement device. Since backing up the storage volumes can be time consuming their backup options can be done with a different policy or backup frequency.

Encryption Key Storage and Processing

Signet HC will support the storage and generation of asymmetric cryptographic keys. In addition to storing such keys, Signet HC can perform actions with them such as file encryption, file signing, and SSH authentication. With Signet HC, you can securely use your private cryptographic keys in any environment.

Our aim is to support most of the common functions of the GNU Privacy Guard (GPG) software suite. There is such a wide variety of cryptographic algorithms in use that there are likely to be some algorithms we wont support immediately. However, it should be easy to add new cryptographic algorithms over time. We will listen to our users to determine which features are most important.

Multi-profile Support

Signet HC supports the creation of multiple profiles, each with its own unlock password. Each profile can be configured to display only some database entries or storage volumes stored on the device. This allows you to create different profiles with different settings to prevent sensitive information being seen by eavesdroppers. A common use case would be keep your personal accounts (such as dating sites, online shopping, etc.) invisible when you’re at work. The multi-profile feature provides “plausible deniability” since it is not possible to know about the existence of the different profiles without knowing their unlock passwords. Signet HC makes it easy to maintain multiple profiles by allowing you to assign tags to data. When you create a profile you can specify a set of tags that will be visible in that profile.

Our Open Source Commitment

As with the original Signet, we will release source code and CAD files for Signet HC before we deliver the devices. We will release the software under the GPLv3 license and the hardware specifications under the CERN Open Hardware License v1.2. We believe sharing our files under free software licenses is essential to developing a credible, secure system – closed systems can harbor defects or even backdoors that are harder to find and fix compared to open systems. We invite outside observers to study our systems to look for any security flaws.

Extensible Design

Our devices will not be locked down by default, allowing you to upload your own firmware. Users are free to study the design, make changes to the hardware or firmware as they see fit, or even develop entirely new applications for the hardware.

You’ll be able to choose to lock down the firmware to add a level of tamper resistance to the device. Even locking down the firmware is reversible as long as the device data is wiped first. This increases the difficulty of attacking a stolen device while still protecting a user’s right to use the device for another purpose after locking it down.

In order to make the hardware itself expandable, we have exposed several electrical signals on the board:

  • BOOT0 pin: By pulling this signal high you can enter the microcontroller’s bootloader to flash the firmware. The standard firmware has its own upgrade mechanism, but you might need this signal if you decide to use a completely different firmware image.
  • Three GPIO pins: They can all be used for general purpose signaling and two of them can be configured as a UART port.
  • Single wire debug (SWD) lines: You can use these signals to debug the hardware in real time. For security, this feature is automatically disabled if you lock down the firmware.

Hardware Features

  • Microcontroller: STM32F733 Cortex M7 @ 216 MHz
  • USB interface: 2.0 High-speed
  • Dimensions: 52 mm x 19 mm x 8.5 mm (longer than original Signet, but thinner)
  • Mass storage capacity: 32 GB
  • Mass storage medium: eMMC chip
  • Circuit design license: CERN OHL v1.2
  • Enclosure: Injection molded ABS plastic with snap-together design
  • Database Capacity: 384 KB – enough space for thousands of entries
  • Database Storage Type: On-chip flash memory
  • GPIO: Three GPIO pins, or one UART port and one GPIO
  • Firmware code size: 128 KB
  • Maximum unencrypted transfer speed: 35 MB/s
  • Maximum encrypted transfer speed: 15 MB/s
  • Physical interface: illuminated tactile switch

Software Features

  • Compatibility: Windows, Linux, MacOS, Android
  • Client software license: GPLv3
  • Firmware software license: GPLv3
  • Encryption Method: AES-128 or AES-256 with cipher block chaining (CBC)
  • Encryption Key Derivation: SCrypt hash function with per-device randomized salt
  • Two-factor authentication protocols: FIDO U2F and FIDO2
  • Volume encryption
  • One time use volumes: Created to transfer files; deleted automatically after use
  • Physically secured volumes: Copying files to OS requires a Signet button press
  • Password and personal information manager: Can be accessed by client and/or browser plugin
  • Cryptographic features: File signing, file signature verification, file and email encryption, SSH-authentication, etc
  • Client software on read-only volume
  • Compatible with the original Signet device

Comparisons

Signet HC offers a number of new hardware and software features compared to Signet. Signet contained only a 256 KB microcontroller flash memory whereas Signet has a 32 GB eMMC memory in addition to a 512 KB microcontroller flash memory. It is also runs substantially faster at 216 Mhz with a cryptographic accelerator. The original Signet ran at only 48 Mhz with no cryptographic accelleration. Signet’s capabilities were well suited for managing and encrypting its personal information database. Signet HC’s more advanced capabilities allow it keep Signet’s database capabilites, handle mass storage encryption and perform many other new fuctions.

Signet HC Iron Key D250 Kingston Vault privacy Nitrokey Storage 2
Length 52 mm 75 mm 78 mm 70 mm
FIDO U2F support Yes No No No
One-time password (OTP) support Yes No No Yes
Password management features Yes No No Limited
Private key storage/algorithms Yes No No Yes
Physical Security Features Yes No No No
Encrypted read/write speed (averaged) 15 MB/s 19 MB/s 66 MB/s 5.5 MB/s
Mass storage capacity 32 GB 16 GB 32 GB 32 GB
Price $80 $268 $100 $182

There’s a wide range of prices for encrypted storage devices, but we think most are priced much higher than they should be. Unfortunately, we cannot exceed the transfer speeds of the proprietary USB storage drives we have looked at. Notably these products generally don’t offer significant features beyond drive encryption. Another factor is that we have prioritized keeping Signet HC compact. All devices offering encrypted mass storage capabilities we’ve looked at are 70mm or longer. We limited our device length to 52mm which is the length of the average house key.

Manufacturing Plan

The Signet HC device has three parts: printed circuit board assembly (PCBA), button, and enclosure.

  • The PCBA will be manufactured and assembled by PCAWay. We will have 100 circuit boards made during the campaign and will increase the order quantity as needed for fulfillment.
  • If we receive more than 1,000 orders we will have the buttons injection molded to speed up production. Otherwise, we will have the buttons 3D printed in resin. Each 3D printed button will require some manual work such as support removal, sanding, and defect identification.
  • The enclosure will be injection molded. The mold has already been produced; we have tested samples from the mold and they fit the PCBA design well. We will order 500 parts initially during the campaign. If we have more than 500 orders we will make additional enclosures as needed.

Assembly consists of inserting the button and PCBA into the enclosure halves and snapping the enclosure halves together. After assembly, each unit will go through a basic functional test and have its eMMC memory tested for bad blocks. Devices that pass the functional test and two rounds of bad block checking will be deemed suitable for shipping.

Fulfillment & Logistics

We will ship assembled Signet HC units to Crowd Supply for distribution to backers. For more information, see Crowd Supply’s ordering and shipping page.

Risks and Challenges

We have reduced many campaign risks by building production-quality prototypes and putting them through stress tests as well as everyday use cases. The main remaining risks we see are:

Problems with PCBA Manufacturing

We will have our volume PCBA orders manufactured by PCBWay, which is a different company than the one we used to build our prototypes. They are a reputable company but there is always a risk that miscommunication or differences in their manufacturing processes will reveal new problems. By limiting the size of our initial production order, we will be giving ourselves a chance to correct any initial issues before they become too costly.

Problems with Component Availability

Both our microcontroller and eMMC memory chip of choice are not well stocked by distributors. We have procured 250 eMMC chips in advance to make sure there are no delays in our initial order of 100 PCBAs. It’s possible that at higher volumes fulfillment could be delayed while we locate new suppliers or wait for distributors to refresh their stock.

Software Deliverables

We are promising many software features, some of which are not present in the original Signet and have not been prototyped yet for Signet HC. In many cases, there are open source projects and libraries that we can incorporate or refer to, so these features can be added rapidly. That said, there is still a risk that fulfillment gets delayed by software development alone. In this case, we may decide to ship the hardware with some software features missing and then provide the missing features in an update.

Support and Documentation

Funding ends on Oct 21, 2019 at 04:59 PM PDT (11:59 PM UTC)


Credits

Nth Dimension

Producer of privacy and security focused open source electronics.


Neils Nesse

Creator

Mingjane Wu

Technical writer / UX designer


PCBWay

PCBA Manufacturer

Sea Sky Tooling

injection molding

Subscribe to the Crowd Supply newsletter, highlighting the latest creators and projects: