Skip to content

What is Fobnail Project?

Fobnail Project provide resources to create axiomatically trustworthy device and simple user interface to attest platform state. For detailed project description please check here.

  • Fobnail firmware is an open-source implementation of the iTurtle security architecture concept presented at HotSec07; in addition, it will leverage industry standards like TCG D-RTM trusted execution environment and IEFT RATS. The Fobnail project aims to provide a reference architecture for building offline integrity measurement verifiers on the USB device and attesters running in Dynamically Launched Measured Environments (DLME). It allows the Fobnail owner to verify the trustworthiness of the running system before performing any sensitive operation. Fobnail does not need an Internet connection what makes it immune to the network stack and remote infrastructure attacks. It brings the power of solid system integrity validation to the individual in a privacy-preserving solution.
  • The Fobnail Token is a tiny open-source hardware reference design of USB device that provides a means for a user/administrator/enterprise to determine the integrity of a system. To make this determination, Fobnail Token leverage Fobnail firmware, which act as an attestor capable of validating attestation assertions made by the system. As an independent device, Fobnail Token provides a high degree of assurance that an infected system cannot influence Fobnail Token as it inspects the attestations made by the system.

Where to go next?

Other resources