Meet OpenSK, an Open-Source 2FA Security Key Platform from Google

OpenSK on a Nordic chip


In an attempt to accelerate the adoption of security keys, which better protect our digital lives, Google has released a fully open-source two-factor authentication (2FA) security key implementation called OpenSK.

Written in Rust, OpenSK supports both FIDO2 and FIDO U2F standards, and promises to allow security key manufacturers, researchers, and anyone else interested in better security for online accounts to make their own security keys with innovative features, just by flashing a firmware on a Nordic chip dongle.

Under the hood, OpenSK runs on TockOS, an embedded operating system that provides the isolation needed between the security key applet, kernel, and drivers to create defense in depth.

“By opening up OpenSK as a research platform, our hope is that it will be used by researchers, security key manufacturers, and enthusiasts to help develop innovative features and accelerate security key adoption,” said Google.

Google choose to collaborate with Nordic Semiconductor as they provide cheap hardware that supports all major transport protocols mentioned by FIDO2, including Bluetooth (LE) Low Energy, NFS, USB, as well as a dedicated hardware crypto core.

While the Nordic chip dongle doesn’t come with a case, Google is also providing the blueprints to a 3D-printable case for your security key in case you want to protect it. The printable case is compatible with a wide range of 3D printers.

Below, Google is providing a quick demo of how its OpenSK open-source security key platform works. For more details and to get started developing your own FIDO authenticator, visit the official GitHub repository.

A quick demo of how OpenSK works as a security key on a Nordic chip

Source: Google

Last updated