Send in your ideas. Deadline February 1, 2025
Resources
Source code :
https://github.com/fobnail
Documentation :
https://fobnail.3mdeb.com
Stay up to date
RSS or Atom feed
Website
More info available :
https://fobnail.3mdeb.com
Grant
Theme fund: NGI Assure
Period: 2021-06 — 2023-05
More projects like this
Hardware
Operating Systems

Fobnail

Remote attestation delivered locally

The Fobnail Token is a tiny open-source hardware USB device that provides a means for a user/administrator/enterprise to determine the integrity of a system. To make this determination, Fobnail functions as an attestor capable of validating attestation assertions made by the system. As an independent device, Fobnail provides a high degree of assurance that an infected system cannot influence Fobnail as it inspects the attestations made by the system. Fobnail software is an open-source implementation of the iTurtle security architecture concept presented at HotSec07; in addition, it will leverage industry standards like TCG D-RTM trusted execution environment and IEFT RATS. The Fobnail project aims to provide a reference architecture for building offline integrity measurement servers on the USB device and clients running in Dynamically Launched Measured Environments (DLME). It allows the Fobnail owner to verify the trustworthiness of the running system before performing any sensitive operation. Fobnail does not need an Internet connection what makes it immune to the network stack and remote infrastructure attacks. It brings the power of solid system integrity validation to the individual in a privacy-preserving solution.

Run by 3mdeb Embedded Systems Consulting

Logo NLnet: abstract logo of four people seen from above Logo NGI Assure: letterlogo shaped like a tag

This project was funded through the NGI Assure Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 957073.