Google is open-sourcing its security keys
Search giant makes security keys accessible to all with OpenSK
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Security keysprovide consumers and businesses alike with a more secure and easier way to log in to online sites and services without using passwords.
However, not everyone has access to this technology which is whyGooglehas launched a new open source project called OpenSK to enable hobbyists and hardware vendors to build their own security keys.
The company’s new OpenSK initiative utilizes Rust-based firmware to turn chip dongles from Nordic Semiconductor into security keys that support both the FIDO U2F andFIDO2standards.
Googlehas also publicly released the necessary templates for users to 3D print their ownOpenSK Key Enclosureto protect their security keys.
DIY security keys
In ablog postannouncing the new initiative, Google’s security and anti-abuse research lead Elie Bursztein and software engineer Jean-Michel Picod explained why the company chose Nordic’s chips for its open source security keys, saying:
“In addition to being affordable, we chose Nordic as initial reference hardware because it supports all major transport protocols mentioned by FIDO2: NFC, Bluetooth Low Energy, USB, and a dedicated hardware crypto core.”
Director of product management at Nordic Semiconductor, Kjetil Holstad hopes that OpenSK will lead to mainstream adoption of security keys, saying:
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
“We’re excited to collaborate with Google and the open source community on the new OpenSK research platform. We hope that our industry leading nRF52840’s native support for secure cryptographic acceleration combined with new features and testing in OpenSK will help the industry gain mainstream adoption of security keys.”
Google also hopes to expand OpenSK to support other chips in the future though the project is currently in the experimental research phase.
ViaEngadget
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.
This new phishing strategy utilizes GitHub comments to distribute malware
Should your VPN always be on?
Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics
