The American giant and multinational technology company who specializes in Internet-related services and products, which include online advertising technologies, search engine, cloud computing, software, and hardware, Google has announced a fully open source project for implementing hardware security keys for USB drives. OpenSK is an open-source implementation written in Rust for supporting FIDO U2F and FIDO2 standards.
To move a step ahead of passwords, FIDO (Fast Identity Online) authentication standards were launched. FIDO protocols deploy standard public key cryptography for fool-proof authentication. All personally identified information is stored locally on the user’s device.
Until now, only Google and Yubikey offered FIDO compatible keys using their own proprietary hardware and software.
With the launch of OpenSK project, users can now create their own developer key by flashing the OpenSK firmware on a USB dongle. OpenSK project is not only supported on USB drives but all nordic chip dongles that support major transport protocols including NFC, Bluetooth Low Energy (BLE) and a dedicated crypto core.
To make your own FIDO authenticator, you can follow the instructions given in the video below:
Since this is an open-source project, therefore, Google itself is not recommending it to board hackers. According to the official blog post by Google, “this release should be considered as an experimental research project to be used for testing and research purposes.”
Google mentions that the aim behind the OpenSK project is to include more researchers, security key manufacturers, and enthusiasts to develop security keys and increase the adoption of FIDO standards.
In a world where hackers are deploying advanced techniques to steal user data, it is important to protect your online accounts.