Grant
Theme fund: NGI0 PET
Start: 2019-08
End: 2022-10

betrusted

A protected hardware device for your private matters.

Betrusted aims to be a secure communications device that is suitable for everyday use by non-technical users of diverse backgrounds. We believe users shouldn’t have to be experts in supply chain or cryptography to gain access to our ultimate goal: privacy and security one can count on. Today’s “private key only” secure enclave chips are vulnerable to I/O manipulation. This means there is no essential correlation between what a user is told, and what is actually going on. Betrusted will build a full technology stack, including silicon, device, OS, and UX that is open for inspection and verification. Betrusted is a simple, secure, and strong device that aims to advance Internet freedom.

Why does this actually matter to end users?

As our lives get more digital every day, we use the internet to have important conversations, both personally and professionally. We also store and share more and more sensitive personal data on devices. On the internet you cannot just close the door to talk privately. So we need digital safe spaces and digital locks and vaults that are just as reliable and easy to use to store our secrets and mediate our communication.

Recently manufacturers have started to build so-called hardware enclaves or secure elements into their devices that function like a digital safe: even if someone is able to get some software installed into your computer, phone or laptop, they should not be able to immediately access what is in the safe.

But of course, creating a secure space or making a digital safe in an environment you don't really control or understand is really hard. All the technical protection no longer matters when someone can invisibly take control or peer over your shoulder, especially since you as a user can't see for yourself what is happening on the inside of your digital house. A safe application and a rogue application can and will look completely identical to a user, and there is simply no way to distinguish between them based on their appearance. Users install many unknown games and applications all the time ("install our app to start getting discounts now!"), and forget that this is actually letting more or less random entities run unknown software on the phone that holds some of their most important information. And what if the operating system of your computer or phone itself has an unhealthy interest in your data or metadata, or is so weakly protected that others can just enter, similar to how unsafe it would feel if your landlord or the janitor were a peeping tom or a thief?

Betrusted is a dedicated open hardware device with the goal of creating safe and more easily protected private channels for your communication. You can have a frivolous phone to play games, and do all the other things you use your phone for these days. The Betrusted device is a complementary device that restricts itself to protecting the things that matter most, like your conversations and phone calls. It will also be able to hold passwords, digital versions of your passport (and other digital credentials and attributes), and whatever sensitive digital information you need to keep completely secure.

The idea is to create a portable, dedicated physical vault isolated from everything else you do, and with a deliberately limited feature set which makes it much harder to attack. The device can connect to your phone through wifi, and is ideally suited for so-called end-to-end encryption. This means you don't need a separate subscription. It does not matter if your phone is hacked or if the free wifi you use is safe or not - the internet skips your phone and betrusted can set up encrypted communication with end-to-end assurance.

The overall approach is security through isolation and simplicity: you can never leave a backdoor open if you don't build a door in the first place. As a user you can verify this, because the entire design and development of the device will be open to the public, from the software it runs down to the silicon that makes up its chips. A transparent, easy-to-use and secure digital safe that you can actually trust, with a configurable and easily understandable interface you want to use.


This project was funded through the NGI0 PET Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 825310.