Hackers donate 90% of profit to charity 2019/06/13

NGI Zero awarded two EC research and innovation actions 2018/12/01

EC publishes study on Next Generation Internet 2025 2018/10/05

Bob Goudriaan successor of Marc Gauw 2017/10/12

NLnet Labs' Jaap Akkerhuis inducted in Internet Hall of Fame 2017/09/19



[Pitchfork -- concluded on 2018/08]

The PITCHFORK is a free/libre hardware device for compartmentalizing key material and cryptographic operations in a small and durable USB device. It uses a Cortex-M3 processor and stores all keys in the CPUs flash. The PITCHFORK has an embedded radio interface over which it can do secure key exchanges with other devices, including "post-quantum" cryptography. Over USB it can send and receive messages using various modern low-level crypto protocols providing different aspects of overall security.


Once a computer device you own is compromised, any cryptographic material on the device itself becomes available to the attacker to gain access to wherever that material can give access to - making your secrets as safe as the devices you use.

A Pitchfork board

In a PITCHFORK device, the cryptographic material your security depends on is stored in isolated hardware. It aims to directly protects cryptographic key material from adversaries in many different scenario's controlling the users environment such as network traffic, general computing devices, possession of the key container.


The concept is similar to smartcard-based cryptographic key-compartmentalization devices like the Nitrokey/Cryptostick, however the team behind Pitchfork tries to address some different attack vectors which results in additional capabilities. The radio device allows for offline private key exchanges, while the on-device user interface is resilient against keylogging on a compromised device.

Pitchfork team

Pitchfork is supported by NLnet and the Internet Hardening Fund.


Send in your ideas.
Deadline October 1st, 2019.