Hello everyone. "Dàjiā hǎo" means hello everyone in Chinese, because this talk will perhaps, potentially, be for young Chinese. Yes, so today my talk is about my hardware, Flying Stone Tiny 01, revision Shenzhen. Shenzhen is a third city in China, which is famous for computers and electronics. It is called Gnuk Token. Gnuk Token is a token to store my private key for GnuPG. So this is the FST-01 Shenzhen version, and it is ready now. This part is the FST-01 Shenzhen, and this is a metal case.

To begin with, I'd like to say thank you to Luis Felipe Murillo for this opportunity of Shenzhen. He kindly invited me to the Shenzhen DIY group a few years ago, six years ago or so, and that opportunity made this project. And then many of my friends, Gnuk related somehow. And lastly, my brother in Hong Kong kindly offered bed and breakfast for me. Yeah, Hong Kong is next to Shenzhen, as you know.

Me: somehow a long-time hacker on the GNU Project and Linux and Debian and GnuPG, and I came up with an idea, 0, 1, and All, for my self-introduction. These days I'm doing three projects. One is NeuG. NeuG is a random number generator, and it is very important for a random number generator that nobody should control the random number generation, so that the random number sequence cannot be controlled by some single engineer or a single company. That is considered very bad. So Zero means nobody, and One means an independent individual, or only you. So my project Gnuk is for one, and only for your private key. So One represents my Gnuk project, and All means the GNU project. It means that everyone deserves computing freedom. So that is a kind of catch copy of my work: 0, 1, and All.

Yes, and this is the first version of FST-01, which I designed in 2011, and it was manufactured in 2012. I used KiCad for the PCB design at that time, and I keep using KiCad, but it also offers me problems.
So let's go. Why I designed Gnuk Token: at first I made the firmware, but I didn't have good hardware as a reference design, so I had to design the reference design of Gnuk myself. Its purpose is to control our crypto computation for only one user, so it is very important to minimize the attack surface. For hardware design, the goal is that it should be reproducible by anyone. It is so important. It means our independence against some manufacturer. And all technical documents should be available, with no NDA, never. This is very important for Gnuk Token. And the other freedom is also important. I don't want to be dependent on some proprietary tool, so I use KiCad for PCB design, and I use the GNU toolchain for building the firmware, and I use OpenOCD to access my hardware. Those practices make it possible to avoid possible backdoors.

The first design was 2011, and then I had to design another. This is my use case of Gnuk Token: I use a single token with multiple computers. I had to update my design in 2016 because of the format change of KiCad. Yes. You know, for reproducibility a format change is considered not that good, but anyway, I understand it was required. And some cheap LDO was discontinued. So anyway, at that time I needed to update my design. And I found that the SPI flash in the original version of FST-01 was not used by anybody, so I removed the SPI flash from the board. It was designed in 2016 and it was manufactured in 2017.

And then last year I had another opportunity for a new design, that is FST-01 Shenzhen, because of, again, a format change of KiCad. So perhaps some users of KiCad encounter this issue.
So anyway, it is a good opportunity for me to update my design. The major reasons are two. One is the MCU protection. I use the STM32F103 for FST-01, but these days it is on the service menu in the advertisement of a reverse engineering company. I mean that they say, "we can read out the flash contents of the MCU if requested." I don't know how much it costs, or if it is applicable to the particular chip of the FST-01, but the advertisement is already available. So I should change the MCU. Yes, that was one of the major reasons.

And another reason is that these days computer chips can be very small, and on the other hand, in the original design I use the big USB connector, so a malicious engineer can put a small chip inside this connector to compose a chip-in-the-middle attack. So I need to change the form factor to be smaller. Those were the two reasons, and this is the result.

And my challenge is the use of Chinese parts. The new part, GD32F103TB, is basically a pin-compatible version, and newer and faster and cheaper. And I also use a small USB form factor called wristband. It is common, a kind of de facto standard in China. So I take those two Chinese technologies, and I also use a Chinese test clip and the BeagleBone Green as JTAG debugger.

So this is an interesting chip by GigaDevice. GD stands for GigaDevice, not Godot Engine.
Yes, the game engine. But it uses a licensed Arm Cortex-M3 core, but the peripherals are an independent reimplementation of ST Micro's. And the good thing is that it has no wait cycle for flash access. Actually it is a static RAM based architecture, and the static RAM is loaded with the flash content at boot time, and so access to the SRAM has no wait cycle. It is a very good feature. It means that side-channel information, for example power: it makes power analysis and timing analysis difficult, because of no wait cycle. This is a very good feature for cryptography.

Yes, and this is the USB form factor called wristband, and it is a kind of de facto standard. It's smaller, and it is composed of two parts: metal shell and the board. Originally it is for small USB memory. Yes, and this is the part: metal shell and plastic connector. And this is an original wristband for USB memory, so it is called wristband. This is a Chinese character, which means wristband. These days we have plastic covers for this form factor, and we have many kinds of plastic cover, including, perhaps this infringes copyright, you know, that's a Spider-Man perhaps, and we also have Batman or Doraemon or any in China. Yes, in fact. And we also have a metal case like this. The FST-01 Shenzhen version with metal case is considered to have a very good feature of tamper resistance, because it is a one-way procedure to put the shell into the case.

And this is the photo of the FST-01 Shenzhen version in action. This is the metal case, and it has a hole for the LED. And this is the test environment, using the special test clip, made in China. And this is a BeagleBone Green.
I use the BeagleBone Green as a JTAG debugger because I run Debian on this computer, so that the SWD flash process can be controlled by all free software. Even if in the factory an engineer uses a computer with Windows, the flash writing process is controlled by Debian. So it has less attack vector than using Windows directly. So this is a close shot.

And I'd like to share some of my experience. My purpose for open hardware is reproducibility, for computing freedom. For reproducibility we have a component availability problem, like the LDO being discontinued, so then I have to update my design. Or the tool's data format matters too, as I explained, as I encountered two times. And the toolchain also matters. I like a good old toolchain. It is very important for reproducibility. And for reproducibility, if it is intended for many or mass production, we should have a test plan, and it is better for us to publish our test plan together with our open hardware design. That is my proposal. I'd like to propose this practice, publishing a test plan for hardware design, so that people can reproduce the design and check if it is the same hardware.

Yes, and thirdly, China is very important for hardware design, and it's good to learn Chinese culture for better communication if you consider manufacturing in China. And especially, the very important thing is the holiday season now. We will, this week...
We will have Chinese New Year. Happy Chinese New Year! And in October we have National Day in China, so we should know such a schedule. And it would be good to learn about how Taobao or Alibaba work. It's very good for finding a Chinese unique product there. And the personal relationship is, I think, very important in Chinese culture, so I occasionally visit Shenzhen to just say hello. Yes. And it is very important to confirm the exact part, exact material, exact schedule, to keep a good relationship.

And in China, specifying the manufacturer and the manufacturer product number is not enough, because of, say, copycat culture. It is somehow difficult to identify the original manufacturer, because there is some sort of sharing culture in the industry; say, the mold type is shared among the companies. Yes. So it's okay if the component is not a Chinese one and is available worldwide at Digi-Key, Mouser, etc. But when it is a Chinese unique part, you should check with your own eyes. Yes, it is my recommendation. So remember the copycat culture. But I like it. The implementation is good for improvement, and it is a source of innovation. So I'd like to say thank you for this culture, but you should know that.

So Shenzhen is a big city of computers and electronics, with many young engineers. But as a GnuPG developer, I have some concern, because QR code payment is ubiquitous there, and there are so many surveillance cameras and policemen. Yes, so if you are a privacy guy, it would be difficult for you to visit Shenzhen. It's wrong.
Yeah. And to summarize: in 2011 I started, basically, mainly because it's cheap, but things have changed and evolved a lot, and now in China they have good PCBA services and there are many unique chips and components, and I take advantage of those things in Shenzhen to achieve a good product. That's my presentation, basically, but here I have some discussion.

Here are my three questions. How do you maintain your hardware design in your repo? In my case, I put my Gerber output in, because I am not sure whether a version change of the tool, KiCad, guarantees the same output or not. So I also put the output in the repo. But I'm not sure if it is good practice or not. Usually for software we avoid putting our output into the repository, but for hardware design, currently, for me it is inevitable. So I'd like to listen to your opinion about that. And how do you ensure the output is the same between the author's and yours? That is my concern. Are you using some automation, like a CI/CD feature? That is my question. And how do you care about the reproducibility of your hardware design? That is my discussion.

And lastly, my children's question: "If it is so reproducible, why do people buy from you, Papa?" Good question. I don't know. But I can say that there is a tribe called hackers. Thank you. That is my... Questions, or a comment, or an answer to my question?

Yeah, yeah, thank you. Let me repeat the question and his comment. People want to support the developer, and people care about the distribution problem, if there is a man in the middle, so it makes sense to buy from the developer directly. That was his comment, if I understand correctly, right?
Thank you. Mm-hmm. Yes, his comment is that, in the middle, there is a possibility to inject malicious software inside that chip, so it makes sense, if a person can believe the developer, that it is better to buy directly from the developer, because there is another possibility of attack, changing the firmware between the developer and the consumer. Yes, that is right.

The question is how a user can test if the hardware is exactly the one the developer built. My answer would be: yes, I have a kind of test suite in the Gnuk distribution, so a user can run that test suite against it when he receives the hardware. But still it would be possible: suppose there is a malicious guy in the distribution channel, and he can also run my test suite. So it cannot guarantee whether there is malicious code inside. So once I proposed some hardware feature so that the MCU can emit the SHA-1 hash or SHA-2 hash of the flash ROM content, but I don't know, I have no idea whether any semiconductor company wants to support such a feature in the MCU. So currently I cannot guarantee, or a user cannot examine. For software distribution you can check by the SHA hash, or using GPG for the digital signature, but for hardware we don't have that yet.

So the question is how my technology can protect the private key against several attacks. Yes, the answer is that I only depend on the MCU protection feature by the semiconductor company. It is against JTAG direct access. So JTAG direct access is prohibited using that mechanism. So suppose a malicious guy gets the hardware: he cannot use a JTAG debugger to access the flash content. So with a JTAG debugger, all he can do is clear the flash content; he cannot read out the private key. Yes, thank you.
So lastly, I say happy hacking. Thank you.
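
Added example, not part of the talk and not code from the Gnuk or FST-01 repositories: one way to answer the speaker's question about checking that regenerated Gerber output matches the copy committed to the repository. It hashes each layer after dropping lines that legitimately vary between exports (G04 comments and the X2 attributes TF.CreationDate and TF.GenerationSoftware); the function names, file names and sample Gerber text are constructed for illustration.

```python
import hashlib

# G04 is the Gerber comment command; TF.CreationDate and TF.GenerationSoftware
# are X2 file attributes. These vary between exports without changing geometry.
VOLATILE_PREFIXES = ("G04", "%TF.CreationDate", "%TF.GenerationSoftware")

def normalized_digest(gerber_text):
    """SHA-256 of the Gerber content with volatile metadata lines removed."""
    lines = [ln.strip() for ln in gerber_text.splitlines()]
    kept = [ln for ln in lines if ln and not ln.startswith(VOLATILE_PREFIXES)]
    return hashlib.sha256("\n".join(kept).encode("utf-8")).hexdigest()

def compare_outputs(committed, regenerated):
    """Both arguments map layer file name -> Gerber text; returns a sorted report."""
    report = []
    for name in sorted(set(committed) | set(regenerated)):
        if name not in regenerated:
            report.append((name, "missing from regenerated output"))
        elif name not in committed:
            report.append((name, "not in repository"))
        elif normalized_digest(committed[name]) != normalized_digest(regenerated[name]):
            report.append((name, "content differs"))
        else:
            report.append((name, "match"))
    return report

def _sample(software, date, x_end):
    """Constructed one-trace Gerber layer used as sample input."""
    return (f"%TF.GenerationSoftware,{software}*%\n"
            f"%TF.CreationDate,{date}*%\n"
            "%FSLAX46Y46*%\n%MOMM*%\n"
            f"G04 Created by {software}*\n"
            "%ADD10C,0.250000*%\nD10*\n"
            "X1000000Y1000000D02*\n"
            f"X{x_end}Y1000000D01*\nM02*\n")

# Constructed data: same board exported by two tool versions on different dates.
COMMITTED = {
    "board-F_Cu.gbr": _sample("ToolA,1", "2016-01-01T00:00:00", 2000000),
    "board-B_Cu.gbr": _sample("ToolA,1", "2016-01-01T00:00:00", 2000000),
    "board-Edge_Cuts.gbr": _sample("ToolA,1", "2016-01-01T00:00:00", 3000000),
}
REGENERATED = {
    "board-F_Cu.gbr": _sample("ToolA,2", "2019-06-01T12:00:00", 2000000),
    "board-B_Cu.gbr": _sample("ToolA,2", "2019-06-01T12:00:00", 2000500),
}

if __name__ == "__main__":
    for name, status in compare_outputs(COMMITTED, REGENERATED):
        print(f"{name}: {status}")
```

A layer reported as "content differs" after normalization means the geometry or number formatting changed, which is the case a CI job would want to fail on and a person would want to inspect.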