How much trust can you squeeze into a microSD card? If you’re Google ATAP, the search giant’s outlandish research arm, it turns out the answer is “a huge amount.” Today at I/O the ATAP team revealed Project Vault, a full security computer packed into a microSD form-factor which, if plugged into a phone, PC, or even an Internet-of-Things device, could allow for entirely encrypted communications without the host device ever seeing what’s being discussed or worked on. Best of all, Google is releasing the whole thing as an open-source project.
“There’s an inherent tension between the desire to create capability and the ability to secure the very code that drives those capabilities,” Google ATAP lead Regina Dugan explained.
“My home has windows and doors, a porous boundary which is necessary for people and things to come and go. But those windows and doors make it harder for me to protect everything in the house. So I use a vault,” she said of the motivation behind Project Vault. “It can’t store all of the content of my house but it can store my most precious possessions.”
The Project Vault card does effectively the same thing. As well as an ARM processor, there’s 4GB of isolated, sealed storage inside, together with NFC and an antenna, which ATAP uses to identify that the correct user is nearby.
Together, they can store files securely – Vault cleverly recreates the file structure a device would expect to find when it’s slotted in, only allowing access to specific data and marking all the other blocks as bad, which effectively makes it platform-agnostic – but also offer a suite of cryptographic services.
That includes hashing, signing, bulk and streaming encryption, and a hardware random number generator. ATAP has even found space for immutable logging, a gigabyte record of any attempts to access the card so that a hacking attempt could later be pinpointed.
The project is being led by someone with a notorious passion for privacy and security. Peiter “Mudge” Zatko is formerly of DARPA, just like Dugan herself, and joined ATAP in 2013. According to him, it’s about time that users had the same sort of security options that carriers and device manufacturers have made sure they engineer into the phones and other gadgets we carry.
“It turns out, you already have security elements in your phones and computers: SIM cards. They protect the things important to the carriers. Trusted Platform Modules. They’re the things that protect things important to the OEM and the content providers,” he pointed out. “Where’s the thing that protects the things that are important to you, that you have control over? So we made one.”
In Mudge’s demo, two smartphones running an instant messaging app were able to communicate via text message without the server in-between, or indeed the devices themselves, getting any inkling of what was being discussed. It needn’t be just text, though: in addition to encrypting any data stored on the card, Project Vault can secure streaming messaging, voice, and video communications, all in real-time.
It’ll be fully open-source, too, because ATAP is more than aware that it might struggle to gain the trust of the people who need to believe in Vault’s value.
“We’re doing this to be fully transparent because we want developers to be able to see how it works, understand it, and trust it,” Mudge explained.
Today, Google is deploying around 500 prototypes internally, as well as revealing the research hardware, dev-kit, and its accompanying software. It’s unclear when you might be able to buy a Project Vault card yourself, however.
“It shouldn’t matter how many doors or windows your house has,” Mudge concluded, “as long as it has a vault in it.”