5. taskit Vaultsec

In the Stamp series taskit has implemented a further cryptographic chip, that supports secure, unreadable storing of keys for SHA-256 hashes and ECC public/private key cryptographic algorithms.

  • SHA-256 Hash Algorithm

  • FIPS186-3 Elliptic Curve Algorithm

  • Storage for up to 16 Keys

  • Anti-clone for Accessoires and Base Boards

  • Secure Boot Validation

  • Network and Computer Access Control

  • Software Anti-piracy

  • Password Handling

  • Authenticated or Encrypted Network Communications

A public/private key pair can be generated by the cryptographic chip, where the private key is stored unreadable on the chip and is not known even to the user himself. The public key can be distributed and used for client/server authentication or for cloning prevention, when combined with the same chip on a base board.

The ECC public/private key pair can be used to negotiate an AES session key securely for using the microcontroller's AES engine resulting in a performant communication encryption and decryption. Likewise an AES key can be encrypted by the public key and stored in the filesystem. It can then be used to en- and decrypt files and applications fast.

The ECC public/private key pair can also be used directly to en- and decrypt low volume communication, files and applications.

The SHA algorithm enables to create unique checksums of your applications or configuration files ensuring their integrity.

The taskit Vaultsec solution is supported by a Linux driver. More information about this feature is available via our support.