Maker Show and Tell at Aleph Objects

Maker Show and Tell at Aleph Objects

Yesterday I presented at Loveland CreatorSpace’s Make Show and Tell hosted by Aleph Objects. As always, I was impressed by everybody’s projects. There was a decent non-member showing as well as the word is getting out about LCS. By the way, we have a physical space now.

Talking about the CryptoCape
Talking about the CryptoCape

Midway through the show-and-tell we receive a tour of Aleph Objects and saw the massive 3D printer array, which is printing parts for more 3D printers. Aleph gives tours frequently so if you are in the Northern Colorado area, you should really check it out.

The early cryptocape.  Made on a prototype SparkFun breadboard
The early cryptocape. Made on a prototype SparkFun breadboard

I was there talking about the CryptoCape and I had brought the first prototype with me. The board has certainly come a long way and there is plenty more to do. I really wanted a crypto board that was hacker-friendly and could be extended in various projects. I keep thinking about new ways to use the cape and I think it’s going to be a lot of fun for people.

In other news, tomorrow is Arduino Day. Swing by SparkFun and pick up some discount Arduinos! I have my eyes set on the pro Minis.

Upgrade the BeagleBone Black to kernel version 3.13

Upgrade the BeagleBone Black to kernel version 3.13

The current shipping kernel version of the BeagleBone Black is 3.8. However, it is fairly easy to upgrade to 3.13 with the help of Robert Nelson’s scripts. Why upgrade to 3.13? Well, mainly because the support for the OMAP hardware random number generator, OMAP crypto accelerators, and TPM support are available. The TI crypto hardware (hwrng and AES, MD5, and SHA accelerators) are enabled by default in the BeagleBoard images. To enable I2C TPM support, we need to configure the kernel. The CryptoCape, which will be soon available at SparkFun Electronics, will have the Atmel 1.2 TPM.

There are three parts to this post. The first is how to flash Debian to the eMMC. This is not technically a prerequisite, but I keep looking this information up all over the web and I finally decided to write it down. This is how I setup all of my BBBs. The second section is how to use the scripts to quickly upgrade to the 3.13. The last section shows how to customize the kernel and add TPM support.
Continue reading “Upgrade the BeagleBone Black to kernel version 3.13”

Developing the CryptoCape at SparkFun Electronics

I’m about to start my second week at SparkFun Electronics as a hacker-in-residence and I’ve made some great progress. I have an initial draft design of the CryptoCape, which will be scrutinized this week by the awesome SparkFun engineers. Also, I’m working on a BeagleBone Black Cape tutorial which should help anyone looking to get started with Capes and setting up the EEPROM. On Wednesday, my last day, I’ll be giving a lunch-and-learn entitled “Crypto for Makers.” There’ll be a short primer on cryptography and then I’ll dive into project ideas involving crypto. I’m planning on ending with a short talk on submarine life, just for fun.

Ok, so this picture wasn't taken at SparkFun.  But I'm using the AtMega328p on the Cape.  Also, working at SparkFun is equivalent to taking a Master's course in Eagle CAD, so expect some nice revisions to the Hashlet!
Ok, so this picture wasn’t taken at SparkFun. But I’m using the AtMega328p on the Cape. Also, working at SparkFun is equivalent to taking a Master’s course in Eagle CAD, so expect some nice revisions to the Hashlet!

If you are in the Northern Colorado area, I’ll be hosting a talk at Loveland CreatorSpace on Tuesday, January 21st where I will describe the hacker-in-residence experience and go into some more details about the CryptoCape and building for the BeagleBone Black.  Space is limited, so RSVP on Meetup.

At Cryptotronix, I’ve made my first international sale! I’ve expanded shipping to Canada and Europe. Check out the Cryptotronix store on Tindie for more details.

Cryptotronix: My new open hardware / software company

I’ve started a company: Cryptotronix, LLC. I figured it was the most responsible thing I could do before my daughter is born in about two months… For those that have been following with my BeagleBone posts, I’m focusing on the CryptoCape and making other circuit boards containing crypto chips. The first board, which I’m calling the “Hashlet,” performs SHA-256 and can store keys on the device for use in keyed-hashes. It’s specifically made for the BeagleBone Black (although one could also use a Raspberry Pi).

The Hashlet.  The chip is an ATSHA204 over I2C.  The mini-cape (capelet) sits nicely on the P9 header and has convenient I2C test points.
The Hashlet. The chip is an ATSHA204 over I2C. The mini-cape (capelet) sits nicely on the P9 header and has convenient I2C test points.

Tinkering with these devices has been a lot of fun and I am committed to seeing the CryptoCape come to fruition.  However, it’s very easy to get security and cryptography wrong (and not even know it!). Therefore, the key (ha!) is to be as open as possible, especially in the early design stages. I’m making open-hardware and where applicable, writing GPL’d software to go with the device, which should allow plenty of room for feedback.

I’m trying to keep a zen “Beginner’s Mind” about this and focus on making accessible, embedded crypto boards with the hope that others will use them as building blocks for awesome open-projects.

Received my Tor t-shirt!

I received my Tor t-shirt the other day!  One can receive a t-shirt by meeting one of the following criteria (from the Tor Project website):

Very cool back of the Tor t-shirt.
Very cool back of the Tor t-shirt.
  1. A large enough ($65+) donation to the Tor Project.
  2. Operate a fast Tor relay that’s been running for the past two months: you are eligible if you allow exits to port 80 and you average 100 KBytes/s traffic, or if you’re not an exit but you average 500 KBytes/s traffic.
  3. Help out in other waysMaintain a translation. Write a good support program and get a lot of people to use it. Do research on Tor and anonymity, solve some of our bugs, or establish yourself as a Tor advocate.

I run two non-exit relays, one of which is on a remote server and qualified for #2 above.  The other is my BeagleBone Black relay, which doesn’t quite meet the traffic requirement but makes up for it in coolness.  😉

In the case that the coolness factor didn’t win them over, I also mentioned my Internet privacy class at my local hackerspace, Loveland CreatorSpace.

BeagleBone Black OpenVPN Performance

UPDATE (later that day…)

I re-ran the test, this time using the BBB as the server and the OpenVPN client was running in an Ubuntu VM on my Mac.  The two devices were connected directly via Ethernet.  As expected, the numbers are much better when they don’t travel across the world.

Too bad I couldn't get the hardware acceleration working... that might have prevented 100% CPU usage.
Too bad I couldn’t get the hardware acceleration working… that might have prevented 100% CPU usage.

And the bandwidth results:

Over OpenVPN:

iperf -c 10.1.0.1 -t 20
------------------------------------------------------------
Client connecting to 10.1.0.1, TCP port 5001
TCP window size: 21.8 KByte (default)
------------------------------------------------------------
[  3] local 10.1.0.2 port 58840 connected with 10.1.0.1 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-20.1 sec  79.2 MBytes  33.1 Mbits/sec

Over raw TCP. Interestingly, this was slower. However, I only ran the test once.

iperf -c 192.168.2.10 -t 20
------------------------------------------------------------
Client connecting to 192.168.2.10, TCP port 5001
TCP window size: 22.9 KByte (default)
------------------------------------------------------------
[  3] local 10.0.2.15 port 59179 connected with 192.168.2.10 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-20.1 sec  68.4 MBytes  28.6 Mbits/sec

Original Post follows

A visitor asked about OpenVPN performance on the BeagleBone Black (BBB).  It wasn’t too bad to set up OpenVPN on a server; I followed this tutorial. The test setup is as follows:

  • OpenVPN client: BBB, located in the middle of the United States
  • OpenVPN server: My Virtual Private Server, located in Europe

For various reasons I didn’t want to run the server on my local computer. I mention this because the measured bandwidth is not very impressive. However, the inquirer seemed more interested in CPU performance, so I think this test setup should be fine.

After I connect the client and server via the VPN, I ran iperf to gather the statistics. On the client, I used this clever script to capture CPU performance and prep the data for gnuplot. Gnuplot is one of those programs that I use once in blue-moon, so I’m posting the commands, mainly so I remember them next time 😉

set title "BeagleBone Black OpenVPN AES-128-CBC Performance"
set ylabel "Idle CPU (percent)"
set xlabel "Time (seconds)"
set terminal postscript eps
set output 'out.eps'
plot "openvpn.txt" using 1:2 title 'OpenVPN' with lines, "no_vpn.txt" using 1:2 title "No VPN" with lines

Anyway, here are the results. Continue reading “BeagleBone Black OpenVPN Performance”

BeagleBone Black Network Benchmarking

A visitor asked about BBB throughput stats.  I was surprised that I couldn’t find any information after some quick searching.  I ran a few tests with iperf and the results are below. My test setup is configured as follows:

  • BBB on 5V power adapter
  • BBB Ethernet connected to iMac Ethernet directly
  • BBB is running Debian Wheezy

I installed iperf on the BBB with apt and did a brew install iperf on my Mac.  On the Mac (acting as my server), one just runs ipef like this: iperf -s.

If somebody else with a BBB wants to benchmark the network performance, please share the link!

I also intend to do some SSL benchmarking, but that’s a little tricky. I think for that test, I’ll just connect over SSL and then download a file and measure the throughput.

Anybody else have ideas for better test setups or other networking tests?

debian@arm:~$ iperf -c 192.168.2.1 -t 20 -p 5001
------------------------------------------------------------
Client connecting to 192.168.2.1, TCP port 5001
TCP window size: 21.0 KByte (default)
------------------------------------------------------------
[  3] local 192.168.2.10 port 49075 connected with 192.168.2.1 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-20.0 sec   225 MBytes  94.2 Mbits/sec

Continue reading “BeagleBone Black Network Benchmarking”