{"id":13546043,"url":"https://github.com/google/OpenSK","last_synced_at":"2025-04-02T17:32:31.590Z","repository":{"id":36971538,"uuid":"228682115","full_name":"google/OpenSK","owner":"google","description":"OpenSK is an open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards.","archived":false,"fork":false,"pushed_at":"2025-03-14T17:54:35.000Z","size":7652,"stargazers_count":3110,"open_issues_count":32,"forks_count":300,"subscribers_count":89,"default_branch":"develop","last_synced_at":"2025-04-01T18:48:01.950Z","etag":null,"topics":["ctap2","embedded","fido2","firmware","hardware","opensk","rust","security","security-key","tock","tock-os","u2f","webauthn"],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/google.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"docs/contributing.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":"CITATION.cff","codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-12-17T18:55:43.000Z","updated_at":"2025-04-01T04:21:13.000Z","dependencies_parsed_at":"2023-11-24T16:23:28.706Z","dependency_job_id":"5ce911bb-d6ee-4cf8-96e4-ca397c5963ca","html_url":"https://github.com/google/OpenSK","commit_stats":{"total_commits":581,"total_committers":16,"mean_commits":36.3125,"dds":0.7401032702237522,"last_synced_commit":"1b70583243a45392ca6638e891b3bbb965fd9be5"},"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2FOpenSK","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2FOpenSK/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2FOpenSK/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2FOpenSK/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/google","download_url":"https://codeload.github.com/google/OpenSK/tar.gz/refs/heads/develop","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246697264,"owners_count":20819459,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ctap2","embedded","fido2","firmware","hardware","opensk","rust","security","security-key","tock","tock-os","u2f","webauthn"],"created_at":"2024-08-01T12:00:30.511Z","updated_at":"2025-04-02T17:32:31.584Z","avatar_url":"https://github.com/google.png","language":"Rust","readme":"# \u003cimg alt=\"OpenSK logo\" src=\"docs/img/OpenSK.svg\" width=\"200px\"\u003e\n\n![markdownlint](https://github.com/google/OpenSK/workflows/markdownlint/badge.svg?branch=develop)\n![pylint](https://github.com/google/OpenSK/workflows/pylint/badge.svg?branch=develop)\n![Cargo check](https://github.com/google/OpenSK/workflows/Cargo%20check/badge.svg?branch=develop)\n![Cargo format](https://github.com/google/OpenSK/workflows/Cargo%20format/badge.svg?branch=develop)\n[![Coverage Status](https://coveralls.io/repos/github/google/OpenSK/badge.svg?branch=develop)](https://coveralls.io/github/google/OpenSK?branch=develop)\n\n*News:*\n\n- 2023-08-24: [PQC paper reference](#Research)\n\n## OpenSK\n\nThis repository contains a Rust implementation of a\n[FIDO2](https://fidoalliance.org/fido2/) security key.\nSecurity keys are external devices that can be used for signing in on websites.\nYou can see OpenSK in action in this\n[video on YouTube](https://www.youtube.com/watch?v=klEozvpw0xg)!\n\nWe intend to bring a full open source experience to security keys, from\napplication to operating system. You can even 3D print your own open source\nenclosure!\n\n\u003cimg src=\"docs/img/enclosure.jpg\" alt=\"OpenSK Enclosure\" width=\"200\"/\u003e\n\nYou can run OpenSK as a [Tock OS](https://tockos.org) application, or use the\nlibrary to bring OpenSK to your own hardware.\n\nYou are viewing the branch for developers. New features are developed here.\nGo to the default branch for a more stable version of OpenSK.\n\n### FIDO2\n\nOpenSK's version that implemented CTAP 2.0 was certified by the FIDO Alliance.\n\nThe develop branch tracks the latest release version of the\n[CTAP specification](https://fidoalliance.org/specs/fido-v2.2-rd-20230321/fido-client-to-authenticator-protocol-v2.2-rd-20230321.html).\nThis branch is not FIDO certified.\nOpenSK supports U2F, and non-discoverable credentials created with either\nprotocol are compatible with the other.\n\n### :warning: Disclaimer\n\nThis is not an officially supported Google product.\n\nThis project is **proof-of-concept and a research platform**. It is **NOT**\nmeant for a daily usage. This branch is under development, and therefore less\nrigorously tested than the numbered branches.\n\nWe're still in the process of integrating the\n[ARM\u0026reg; CryptoCell-310](https://developer.arm.com/ip-products/security-ip/cryptocell-300-family)\nembedded in the\n[Nordic nRF52840 chip](https://infocenter.nordicsemi.com/index.jsp?topic=%2Fps_nrf52840%2Fcryptocell.html)\nto enable hardware-accelerated cryptography.\nIn the meantime, we use [RustCrypto](https://github.com/RustCrypto).\n\n## Hardware\n\nYou will need one the following supported boards:\n\n*   [Nordic nRF52840-DK](https://www.nordicsemi.com/Software-and-Tools/Development-Kits/nRF52840-DK)\n    development kit. This board is more convenient for development and debug\n    scenarios as the JTAG probe is already on the board.\n*   [Nordic nRF52840 Dongle](https://www.nordicsemi.com/Software-and-tools/Development-Kits/nRF52840-Dongle)\n    to have a more practical form factor.\n*   [Makerdiary nRF52840-MDK USB dongle](https://wiki.makerdiary.com/nrf52840-mdk/).\n*   [Feitian OpenSK dongle](https://feitiantech.github.io/OpenSK_USB/).\n\n## Installation\n\nTo install OpenSK,\n1.  follow the [general setup steps](docs/install.md),\n1.  then continue with the instructions for your specific hardware:\n\t* [Nordic nRF52840-DK](docs/boards/nrf52840dk.md)\n\t* [Nordic nRF52840 Dongle](docs/boards/nrf52840_dongle.md)\n\t* [Makerdiary nRF52840-MDK USB dongle](docs/boards/nrf52840_mdk.md)\n\t* [Feitian OpenSK dongle](docs/boards/nrf52840_feitian.md)\n\nTo test whether the installation was successful, visit a\n[demo website](https://webauthn.io/) and try to register and login.\nPlease check our [Troubleshooting and Debugging](docs/debugging.md) section if you\nhave problems with the installation process or during development. To find out what\nelse you can do with your OpenSK, see [Customization](docs/customization.md).\n\n## Research\n\nWe implemented post-quantum cryptography on OpenSK. The code is released under\nthe [hybrid-pqc tag](https://github.com/google/OpenSK/releases/tag/hybrid-pqc).\nOur [paper](https://eprint.iacr.org/2022/1225) was published in the ACNS\nSecure Cryptographic Implementation workshop 2023 and won the best paper award.\n\n\u003cdetails\u003e\n\u003csummary\u003eBibtex reference\u003c/summary\u003e\n\n```\n@InProceedings{Ghinea2023hybrid,\n    author= {Diana Ghinea and Fabian Kaczmarczyck and Jennifer Pullman and Julien Cretin and Rafael Misoczki and Stefan Kölbl and Luca Invernizzi and Elie Bursztein and Jean-Michel Picod},\n    title=  {{Hybrid Post-Quantum Signatures in Hardware Security Keys}},\n    booktitle=  {{4th ACNS Workshop on Secure Cryptographic Implementation, Kyoto, Japan}},\n    month=  {June},\n    year=   {2023},\n}\n```\n\n\u003c/details\u003e\n\n## Contributing\n\nSee [Contributing.md](docs/contributing.md).\n\n## Reporting a Vulnerability\n\nSee [SECURITY.md](SECURITY.md).\n","funding_links":[],"categories":["Web and Cloud Security","Rust","Password-less auth","Hardware Authenticators","Firmware Tools, Libraries, and Frameworks","Library"],"sub_categories":["Authorization \u0026 Authentication Frameworks","Security key"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgoogle%2FOpenSK","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgoogle%2FOpenSK","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgoogle%2FOpenSK/lists"}