Arrow Chameleon96 Community Board

The Chameleon96 community board from Arrow includes Veridify Security's quantum-resistant key agreement protocol and digital signature algorithm reference design. These public-key methods feature small, fast, and very low-energy solutions designed to accelerate authentication and help secure the Internet of Things.

About the Chameleon96 Community Board

The Arrow Chameleon96 community board features an Intel Cyclone V SoC FPGA-based system that is fully compliant to the Linaro 96Boards open platform specification. The board includes industry standard interfaces and expansion headers for 96Boards compatible mezzanine cards and interface kits.

Unlike other 96Boards, the Chameleon96 board includes Intel's SoC FPGA, which combines the performance of a dual core ARM Cortex-A9 processor with the flexibility of programmable logic, providing the ultimate in system customization. Programmable logic is also ideal for accelerating embedded software with custom hardware.

Chameleon96 Security Functions

The Chameleon96 board includes Veridify's quantum-resistant Ironwood Key Agreement Protocol in addition to the company's quantum-resistant WalnutDSA digital signature verification algorithm.

Diffie-Hellman-Like Authentication Protocol
The Ironwood key exchange protocol allows one device to authenticate another but with differing computational demand required by each device. This allows the majority of the computational burden to be borne by the least critical end point (a mobile device, IoT gateway, or base station, for example).

  • Diffie-Hellman-like authentication protocol
  • 128-bit security level
  • Quantum-resistant to known attacks
  • Reduced footprint, ultra-low-energy
  • Supports ultra-fast performance on low-resource connected devices

Digital Signature Verification
Veridify’s WalnutDSA algorithm provides integrity, authentication, and non-repudiation between parties such as IoT devices and end points. When one party needs to know unequivocally that a message has come from a specific sender, the sender can include a hashed digest of the message that is signed by the sender’s private key. The recipient can use the sender’s public key to verify that only the sender could have signed that message, and that the message has not been altered even by a single bit. The WalnutDSA function included with the Chameleon board provides this verification function. The algorithm is based on Group Theoretic Cryptography (GTC), and it runs faster, and with lower energy consumption, than the ECC-based DSA solution “ECDSA.”

  • Digital signature verification protocol
  • 128-bit security level
  • Quantum resistant to known attacks
  • Very fast verification
  • Test vectors to facilitate rapid testing
  • Signature generation SDK available

Secure Boot
In the context of Intel's Cyclone V with hard processor system (HPS), secure boot describes Veridify's approach to securely loading firmware into the HPS as well as loading the FPGA image. A trusted boot loader performs a verification of the HPS firmware/RTOS and FPGA device images before allowing them to run. The image verification step requires access to the images public signing key from read-only storage, and although the Chameleon96 does not provide that on-board, any implementation using its Intel Cyclone V can provide this additional function via an Intel EPCQ write-protected flash memory or similar device.

Secure Firmware Updates/Secure Firmware Delivery
Leveraging both Ironwood and WalnutDSA, Veridify also provides a secure firmware delivery / secure firmware update solution. Device manufactures sign their firmware with a digital signature which gets verified on the device using WalnutDSA. Confidentiality of the firmware is maintained by leveraging Ironwood and encrypting the firmware to the device. Firmware can be targeted to a single device or a complete device family, allowing manufactures control over which devices get which firmware. The firmware process is managed in the cloud.

For more information on the Chameleon96 board, call + or email us.