Back in 2014, Inverse Path launched USB Armory computer dongle running headless Linux from a MicroSD card and designed for security applications. The company got bought by F-Secure Foundry in 2017, and the latter has now launched another crowdfunding campaign for an upgraded version
USB Armory Mk II keeps a similar USB dongle form factor but replaces the NXP i.MX53 Cortex-A8 processor with a more efficiency NXP i.MX 6ULZ Arm Cortex-A7 processor, the USB type-A port with a modern USB-C port, adds 16GB eMMC flash, Bluetooth 5 LE connectivity, and new security features.
USB Armory Mk II specifications:
- SoC – NXP i.MX6ULZ Arm Cortex-A7 @ 900 MHz
- System Memory – 512 MB DDR3 RAM
- Storage – 16 GB eMMC flash + external microSD
- Connectivity – Bluetooth 5 LE + mesh module (U-blox ANNA-B112) with Arm Cortex-M4 MCU (nRF52832)
- USB – 2x USB type-C ports: 1x DRP (Dual Role Power) receptacle + 1x UFP (Upstream Facing Port) plug
- HW Security Chip – Microchip ATECC608A + NXP A71CH security elements
- Expansion – 8x GPIO via debug board (UART, SPI, I²C)
- Misc – 2x LEDs, slide switch for boot mode selection between eMMC and microSD
- Dimensions – 66 mm x 19 mm x 8 mm (without enclosure, including USB-C connector)
The board will be shipped with a case as illustrated below.
The USB computer dongle can run various Linux distributions such as Debian and Ubuntu, but also Android and FreeBSD booting from either the eMMC flash or a MicroSD card. USB device emulation enables CDC Ethernet, mass storage, HID, etc…
Some potential security applications made possible by USB Armory Mk II include advanced mass storage device with automatic encryption, virus scanning, host authentication, and data self-destruct…, OpenSSH client and agent for untrusted hosts such as Internet kiosks, VPN router for end-to-end VPN tunnelling, Tor bridge, password manager with integrated web server, portable penetration testing platform, and so on.
The table above shows the difference between the new Mk II dongle and the original USB Armory dongle, and while the hardware features are straightforward to understand, some of the security features may require a short explanation:
- HABv4 is the latest version of High Assurance Boot v4, an optional feature in i.MX processors that enables the on-chip internal Boot ROM to authenticate of the initial bootloader with a digital signature. HABv4.2.6 is apparently secure while the older HABv4.0.4 used in the first dongle was not.
- Data Co-Processor (DCP) module found in i.MX6ULZ provides support for general encryption and hashing functions typically used for security functions. The DCP module driver exposes its algorithms through the Crypto API interface in Linux.
- Secure Non-Volatile Storage (SNVS) found again in i.MX6ULZ is asecure non-volatile storage that includes a secure RTC, a security state machine, master key control, and violation/tamper detection and reporting. It is accessed via a device-specific random 256-bit OTPMK key, readable by the DCP only, that is fused in each SoC in the factory.
- The eMMC Replay Protected Memory Blocks (RPMB) feature replay-protected authenticated access to flash memory using a shared secret between the host and the eMMC.
USB Armory Mk II has just launched on Crowd Supply, and already surpassed its $20,000 funding target in a few hours. Pledges start at $149with free shipping to the US and $15 to the rest of the world. Delivery is scheduled for late December 2019, meaning if everything goes according to plans backers should receive their perks in January 2020.