Open Source Secure Boot Meets Open Hardware: Announcing wolfBoot Integration with TROPIC01 Secure Element

We are excited to announce our new partnership with Tropic Square and the integration of wolfBoot with their TROPIC01 secure element. Tropic Square has developed an open architecture hardware secure element for applications, including IoT devices, crypto wallets, or any modern application that prioritizes security.

Unlike most hardware secure elements, the TROPIC01 solution is built on an open architecture. The TROPIC01 implementation is auditable, allowing engineers to review the design to verify the security implementations and ensure there are no hidden features or backdoors.

The Tropic Square team has integrated wolfBoot with the TROPIC01 secure element, using the secure element as hardware Root-of-Trust for the secure boot process. The TROPIC01 chip provides:

  • Storage of ECC public keys for verification operations
  • Secure provisioning of ECC (verification) keys
  • Secure provisioning of AES (decryption) keys
  • Storage of “associated” data (key values and other secrets)

What makes this integration particularly significant is that it extends the open nature of the wolfBoot solution down to the hardware level. This transparency allows users and security researchers to audit the security of the design and implementation of the solution. This approach follows Kerckhoffs's principle that a cryptosystem should be secure even if everything about it, except the secret key, is known to the attacker. As a result, users no longer have to blindly trust that the secure element is free from vulnerabilities or backdoors.

The pull request adding TROPIC01 support can be found here: https://github.com/wolfSSL/wolfssl/pull/8812
The solution is available here: https://github.com/wolfssl/… or https://github.com/tropicsquare/

If you have questions about any of the above, please contact us at facts@wolfssl.com or call us at +1 425 245 8247.
