The Signet firmware has now been ported to Signet HC. Our next goal is to add two-factor authentication support. With the encouragement of Solo Keys we have started to integrate core portions of their FIDO2 implementation for the Somu device. Since their implementation is already certified by the FIDO alliance it should be easier to get Signet HC certified as well.
The video below demonstrates our successful porting of the Signet firmware to Signet HC, including how to initialize the device, create an account, and use the browser plugin to login to a website.
We designed the Signet HC hardware to be a suitable authentication tool and secure storage device. We also took a number of steps to make sure that our users could use it for other applications as well.
Here are a few ideas we’ve had about alternate uses:
The term “Bad USB” refers to an exploit where a USB device can crash or compromise a system by purposefully violating the operating system’s expectations about how USB devices should behave. Signet HC could be used to run through a set of “Bad USB” experiments. It could use the button to cycle through tests and make a record of the results in the eMMC.
Desktop computer cases typically have a series of lights and buttons to show hard-disk activity or allow you to hard reset your computer. Signet HC could act as a second button for a configurable system action, and the button light could be used as a visual activity monitor, such as network activity, processor usage, case temperature, etc. The application could alter the brightness or blink rate to indicate measurement levels.
Signet HC could act as a hardware watchdog: a hardware watchdog receives regular system signals, and will reset the system if it doesn’t receive a signal within a preset time frame (suggesting that the OS kernel has crashed). Hardware watchdogs are frequently used for systems that must run continuously (such as a server).
You could program a simple service on your system to send a periodic message to Signet HC, and wire the motherboard’s reset line to one of the Signet’s GPIO lines to allow it to reset the system if the service stops sending messages.
A One-time pad is a kind of cryptographic key where there are as many bits in the key as there are bits to be encrypted. Since Signet HC microcontroller contains a high-speed true random number generator it could quickly fill up the eMMC with a large one-time pad. The one-time pad could then be shared with a second device over an encrypted channel and the devices could be used together to send highly secure messages between two people.
To make Signet HC the size we wanted, we couldn’t find enough room for a Bluetooth or WIFI chip. However, since two of Signet HC’s GPIO lines can be configured as a UART port, you can potentially connect it to a wireless enabled board (such as the Tiny Pico) and communicate with it over the UART port. This would allow Signet HC to be used or monitored at a distance, even opening up the possibility of web applications.