After months of work, the CryptoCape is now available at SparkFun Electronics. This cape adds a bunch of security features to the BeagleBone Black. There are seven independent ICs on that board that are connected over I2C. Each IC has a range of features as such, there’s a lot one can do with this hardware. For those who like to read, check out the hookup guide for examples and a walk-through. If you want to listen and watch an off-the-cuff screencast of me performing at demo, check out these screencasts.
I’m very grateful to SparkFun for supporting this idea. I approached them with this idea and applied for their Hacker-in-Residence program. Back then, SparkFun was still calling “capes” “shields”. Now they have a slick BeagleBone Proto Cape in addition to mine, so I’d like to think I helped them get more into the BeagleBone 🙂
I’ve been having a lot of fun with this cape. Of course, I like the security ICs and written a fewdrivers for them. Even if you are not into security, the onboard ATmega is really fun. It can be flashed from the BeagleBone so you can combine Arduino projects with the Beagle!
I have a few boards on Tindie, that I hand assemble, but this is the first device that’s being professionally manufactured. This is the first, of hopefully more, open source hardware security devices from Cryptotronix. I have a few projects spinning now, but if you support open source hardware, and want to add some hardware security, feel free to contact me.
I’ll be talking more about the CryptoCape, how I got into this, and some project ideas at HOPE X in NYC this summer.
For those with a darker color hat, my DEF CON 22 talk was recently accepted. Once the abstract is posted on the speaker page I’ll announce that here. <evil grin>
The current shipping kernel version of the BeagleBone Black is 3.8. However, it is fairly easy to upgrade to 3.13 with the help of Robert Nelson’s scripts. Why upgrade to 3.13? Well, mainly because the support for the OMAP hardware random number generator, OMAP crypto accelerators, and TPM support are available. The TI crypto hardware (hwrng and AES, MD5, and SHA accelerators) are enabled by default in the BeagleBoard images. To enable I2C TPM support, we need to configure the kernel. The CryptoCape, which will be soon available at SparkFun Electronics, will have the Atmel 1.2 TPM.
There are three parts to this post. The first is how to flash Debian to the eMMC. This is not technically a prerequisite, but I keep looking this information up all over the web and I finally decided to write it down. This is how I setup all of my BBBs. The second section is how to use the scripts to quickly upgrade to the 3.13. The last section shows how to customize the kernel and add TPM support. Continue reading “Upgrade the BeagleBone Black to kernel version 3.13”→
Last weekend I received a LCD Touchscreen Cape for the BeagleBone Black (BBB). I attached it to a BBB running the latest Angstrom image and it came up nicely. I have yet to try it with Debian / Ubuntu, but it seems like people have done this. While it was responsive to my fingers, a stylus would work much better.
I’m planning on using it for a display for Tor Arm (which is nice, because I won’t need X!) If my workshop is accepted, I think it would be cool to show of the BBB Tor relay in real-time. Having crypto acceleration working would be nice too. I talked to more knowledgeable kernel hacker than I and I think I have a strategy to rebuild the module and install the kernel. Now I just need the time to try it…
For completeness, here are the latest entries in my log. It’s obviously not a workhorse, but it’s hanging in there. That and I’m getting closer to the t-shirt.
According to the BeagleBone Black (BBB) system reference manual, the TI processor supports cryptographic acceleration of AES, SHA (1 I assume), MD5 and has a hardware RNG. The performance with hardware acceleration is much better than just using the CPU. To date, I do not know how to take advantage of the hardware in a user-space application, like OpenSSL. In this post, I’ll document what I tried and hopefully I’ll either solve it later (look for a pingback below) or somebody will help post a solution!
I’m running a tor relay on my BBB, which establishes TLS connections that use AES and SHA according to the spec. My relay runs at about 70% CPU usage and I’m hoping I can lower that with hardware acceleration.