Signet High-Capacity Thumbdrive Supports 2FA, Password & Secure Data Storage (Crowdfunding)

Orange Pi Development Boards

Signet HC Crowdfunding Started

The latest version of the Signet thumbdrive is the Signet HC. The HC has a number of enhanced features and a lower price point, making it an attractive alternative to other high-security flash drives.  The drive is high capacity storage, with secure storage technology, 2 Factor Authentication (2FA) token and encryption.  It also has a password manager and enhanced database features.  The company has started its crowdfunding campaign and there are several device quantity options and peripherals.

Features of the Signet HC

The Nth Dimension has announced the Signet HC recently, bringing to the forefront of its latest device, the all-in-one aspects of the drive’s capabilities. The  Signet HC is certainly positioned to be one of the top featured, encrypted password protected, and 2FA storage devices of its size. The data on the drive is encrypted, and password protected and can be accessed through cross-platform client application available on Windows, macOS, GNU/Linux, and Android.  There is no need for a software download because the client software is stored right on the device.

Signet HC

Other Extended Features

There is physical security for malware protection, Signet HC implements FIDO U2F and FIDO2 two-factor authentication protocols used by many websites. Again, once a compatible transaction or login occurs the device will flash, indicating a physical interaction to complete the authentication. A press of the button on the device and the 2FA is completed. There are advanced mass storage security features including

    • Read Only volumes
    • Encrypted Volumes
    • One-time-use volumes
    • Physically-secured volumes
    • Unencrypted volumes

Personal and Password Management is a development from the original Signet drive. Access is through a secure database and can be viewed in the client and utilized directly for logins at websites. Flexible data storage, encryption key storage, and processing and multi-profile support round out the features of the drive.

Signet HC Specifications

    • Microcontroller: STM32F733 Cortex M7 @ 216 MHz
    • USB interface: 2.0 High-speed
    • Dimensions: 52 mm x 19 mm x 8.5 mm (longer than original Signet, but thinner)
    • Mass storage capacity: 32 GB
    • Mass storage medium: eMMC chip
    • Circuit design license: CERN OHL v1.2
    • Enclosure: Injection molded ABS plastic with a snap-together design
    • Database Capacity: 384 KB – enough space for thousands of entries
    • Database Storage Type: On-chip flash memory
    • GPIO: Three GPIO pins, or one UART port and one GPIO
    • Firmware code size: 128 KB
    • Maximum unencrypted transfer speed: 35 MB/s
    • Maximum encrypted transfer speed: 15 MB/s
    • Physical interface: illuminated tactile switch

The Manufacturing Expertise

The device is made up of a Printed Circuit Board Assembly (PCBA), button and enclosure. The delicate and complex manufacture of the PCBA is being handled by PCBWay, a strong practitioner in the circuit board industry.  They will handle all the manufacturing of the boards and any quantities over the initial order of 100 will be fulfilled by them.

Background on Tiny Security Keys

Two other reports on tiny boards with compatible features were released previously, the Somu tiny open source security key with FIDO2 and the Yubikery NEO with a password manager.

More Information

Access the crowdfunding page for more in-depth information on the Signet HC, and/or to pledge $80 for the 32GB USB drive. The Github page is accessible, but currently only contains resources for the first Signet USB security key.

Support CNX Software - Donate via PayPal or become a Patron on Patreon

8
Leave a Reply

avatar
1 Comment threads
7 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
3 Comment authors
Neils NesseClément PéronclementRogan Dawes Recent comment authors
  Subscribe  
newest oldest most voted
Notify of
Clément Péron
Guest
Clément Péron

Hmmm designing a security usb key with a standard processor that can be glitched. I will not trust it personally :/

Neils Nesse
Guest
Neils Nesse

I’m not sure any processor is provably glitch proof. I have seen some features in the STM32F7 line that offer some resistance to glitch attacks too. There are two reasons why glitching isn’t too important anyway. A user is not likely to be leaving the device unlocked unattended in a place where a glitch attack could be attempted unoticed. If the device is lost/stolen and an attacker manages to glitch their way into the internal memory then they are still going to need to brute force the encryption to get any usable data.

clement
Guest
clement

You have ST31/ST33 processors who have counter measures again hardware attacks.

Neils Nesse
Guest
Neils Nesse

These sorts of processors are intended for chip and pin type systems as far as I can tell. For those applications making sure the processors memory can’t be exposed is more critical because encryption can’t be effective because key space is too small. With Signet HC the data is protected by a (hopefully) strong password and encryption. The point of the device is not to be physically impenetrable but to provide a strong challenge to anyone who gets a hold of the device and to withhold sensitive data from any untrusted/compromised host operating systems.

Incorporating something like a ST31/ST33 is possible but would add to the size of the device since a MCU with high-speed USB would still have to be included. It would also be problematic from an open hardware and supply chain standpoint. These processors aren’t stocked anywhere and there aren’t publicly available reference manuals for them. I don’t know if they are under NDA or you simply need to agree to buy large numbers of them to get the details.

Clément Péron
Guest
Clément Péron

How do you trust that the Signet HC you received has an official HW/FW and not a backdoored one? It has not been modified when you replug it?

Yes unfortunately these chips are under NDA…

Neils Nesse
Guest
Neils Nesse

The question of proving that the device has not been backdoored is a difficult one. I heard of an example of a cryptocurrency wallet that used one of these ultra-secure chips. Just like Signet HC it needed a ordinary microcontroller for peripherals. It was later demonstrated that the use of the high security chip was not able to ensure the integrity of the whole system. I suspect this will always be the case unless the entire system can be encapsulated in the high-security chip.

For products like Signet HC I think it comes down to providing clear auditing instructions so that a large scale attack would still be noticed by someone and for users to buy as directly as possible from the manufacturer.

I have some specific concerns about high-security chips designed for very specialized use cases. If much of the implementation is in hardware it could make it more secure, but it could also make it easy for the hardware to be backdoored by design to reveal secrets.

Rogan Dawes
Guest
Rogan Dawes

And a 32GB Flash drive accessed over USB 2.0?

Clément Péron
Guest
Clément Péron

USB keys don’t claim to be secure…