The Snowden and subsequent revelations have called into question the integrity of some of the implementations of basic cryptographic functions and of the cryptographic devices used to secure applications and communications on the Internet. There are serious questions about algorithms and about implementations of those algorithms in software and particularly in hardware. The algorithmic issues are in the domain of the heavy math cryptography folk. But we must also deal with the implementation issues.
To fill this need the CrypTech project is developing an open-source hardware cryptographic engine design that meets the needs of high assurance Internet infrastructure systems that use cryptography. The open-source hardware cryptographic engine must be of general use to the broad Internet community, covering needs such as securing email, web, DNSsec, PKIs, etc.
The goal of the CrypTech project is to create an open-source hardware cryptographic engine that can be built by anyone from public hardware specifications and open-source firmware and operated without fees of any kind. The team working on the project is a loose international collective of engineers trying to improve assurance and privacy on the Internet. It is funded diversely and is administratively quartered outside the US.
The project solicits functional requirements from a wide range of organizations. It will focus on the classic low level cryptographic functions and primitives, and not get drawn into re-implementation of application protocol layers.
We hope that a group of interested organizations will offer funding for development, and that the IACR and public sector cryptographers will provide algorithmic advice and wide and open review. If you or your organization is interested in helping this effort, please consider offering financial support to keep the work flowing.
Please see our 2015 year-end report for further information on the goals and funding for CrypTech.