 Yeah, hello everyone. Very excited to be here. I will be talking today about the future of OpenHardware in a verifiable decentralized world. And to give you an overview of what I will be covering in this talk, I will first of all give a brief intro and context about the whole scope. About me, about Riot, the institution I'm representing, about the OSHWA, the OpenHardware Association, and about the OpenHardware Month, which is happening this month. The main part of my talk will be dealing with what OpenSource hardware is, what can we understand about OpenSource hardware, what is verifiable hardware. I will give a few examples also to make it tangible. I will talk very briefly about hardware security modules and trusted execution environments and solutions for the future that are based on OpenSilicon. So, to give a bit of context, my name is Matthias Tarsiewicz. I'm the director of the Riot Institute. I'm also a board member of the OSHWA of the OpenSource hardware association. And please get in contact with me in case I'm talking too fast or the slides are confusing or something. Basically, I want to also refer to a talk I've been giving this week, which was called the past, present, the future of opt-out with open and libre hardware. At HCPP 19, the hackers Congress, Parliament, and Nepalese, which is dealing also with OpenHardware. So it was a little bit of a longer talk, about one hour, so this might be more of a contextualization if you're interested. This should be online already, I guess. But briefly to introduce Riot, we are an independent institute. We're working with crypto economics, future crypto economics, to be more precise. We're working with privacy technologies and OpenHardware. And we're doing this since 2009, and formally as this organization since 2012. And we have a background also working with diverse OpenHardware projects. This is maybe a more well-known project. This is the Apparatus open source cinema camera, which is a full camera based around OpenHardware. So every part of this camera except the lens, of course, are OpenHardware. So you can see my presentation at 32C3, which I have been given at the Carl's Communication Congress, which is explaining the project. It's an older project, but this project is still going on. It's also interesting to see how kind of long life spans is open, how the projects have. So I can strongly suggest, if you want to see a quite large OpenHardware project to see this talk or get more information on the apparatus.org website. You might also remember this thing. This was actually a magazine we have been giving out at the last DEF CON. So it's kind of a newspaper. It's kind of a book obfuscated in a newspaper. And we have been distributing this at the last DEF CON. And this month we have the open source hardware month, the OpenHardware month from the Oshawa. And in this context, Riot and we will be giving out this kind of bags with also the Future Crypto Economics magazine, but also with Openism Conversations in OpenHardware, which is a book and a conversation series where we try to figure out and find out how projects are, which kind of different open source strategies projects have and why are the open sourcing really hardware, how are they approaching it and how far can you go in doing so. So maybe to contextualize also the OpenHardware month, what will happen in this month? It's already running the month and there's a lot of other events coming up. This talk is also part of OpenHardware month and there's worldwide events, most different hacker spaces from industry from a lot of different actors. There's workshops, there's a lot of formats and there's a lot of communication and documentation going on. So there will be a lot of projects made visible online under the hashtag OHM 2019 on Twitter. You can also still post some pop-up events under OHM.Oshawa.org and maybe to briefly explain what this OHM is. It's in 501c3, so it's an association, it's an NGO, and its main purpose is to organize conferences and community events, to educate the general public about open source hardware, to organize the open source hardware movement around shared values and principles, to collect, compile and publish data under open source hardware movement and to provide a painless way for creators to indicate that their products meet a standard for open source compliance and what that standard means or what the context means is very visible on this website. I can strongly recommend to take a look at it so you also get an idea of what kind of projects are out there. It's a very good directory in my opinion to see what kind of certifications are already out there who underwent this certification process. I also want to direct your attention to this thing. It's the OpenHardware Summit which has a 10-year anniversary and it will happen in March next year in New York, so you can already get tickets or become a sponsor if you're interested. We are excited about this one because this will be a very large event. But now to the main part of my talk, so I will briefly introduce what open source hardware is. So there's a kind of longer description that you can find from opensource.com. I copied this from opensource.com and briefly to get us into the topic open hardware, open source hardware refers to the design specifications of a physical object which are licensed in such a way that said objects can be started, modified, created and distributed by anyone. That means in opposition to open source software, in hardware we have a lot of documentation, we have a lot of blueprints, logic designs, a lot of descriptions about the object we are trying to open source and these all are ideally made available to everyone. There's a very good sum up of this whole movement and about how the Oshawa came to be. This is a book which is called Building Open Source Hardware, which also explains all the pitfalls that come with open source hardware and the differences also from a logistic point of view. This has been edited by Alicia Gibb and features also a lot of writers and a lot of different projects from the open source hardware context. But to explain better what it is, what is actually open hardware. So as Michael Weinberg here was writing in this book, hardware is already born open, but we have to understand also that hardware is very different than open source software because in a way we have to understand that software is based on copyright and software protection, the GPL and CC licenses are based around, are considered artistic work while hardware falls on the patent law because it's considered a useful article or things that do stuff. So that means there's a lot of patents out there in the hardware world. So how kind of open hardware projects are usually protected then in a way is through trademarks as is evidently very visible with the Arduino project, which is a trademark, although there are a lot of knockoffs of the Arduino, everyone knows the name so that the trademark is secured in a way. There's a lot of specific open hardware licenses. I listed here three of them. There's the temporal license, there's the sun open hardware license where the second version is currently being in draft. It's very interesting, really if you are interested in looking this up. It's a lot of discussion also on what are the limitations of licenses and GPL v3 is also a very common license, not super common, but would be the ideal license in my opinion for open hardware. So these are the two most common known open hardware projects. So this is the Arduino, you all know it possibly. It's coming from the maker movement. It's considered to be one of these tools for the maker movement and of course open like a rep rep printers or 3D printers are also considered open hardware, not all of them, but the Ultimaker one is an open hardware piece. So in my opinion we can see two effects of open hardware which are in my opinion really viable and which are different to closed sourced hardware. So it's very educational, that means it's educational because you can study the designs, you can study the specifications, you can look at the actual hardware, you can understand what's actually going on. That also means you can potentially write your own firmware with the hardware that you're looking at and verifiability which is the point I'm stressing much more because in a much more connected world that we have today and also in regards to cryptography and blockchain verifiability is key in my opinion. So also if we look at this kind of idea of zero trust verifiability is very important in order to make sure that we don't have to trust we can always verify and this is very complicated with modern hardware. It's actually not even possible in most cases. So I want to a little bit explain this idea of verifiable hardware and we had a very interesting panel discussion today in the sun. It was a little bit hot but we had a very interesting approach we discussed how vintage hardware could possibly solve this kind of security nightmare and this verification debacle that we have these days. Long story short we're using a lot of non-verifiable hardware these days. So if you look at your phones, if you look at all these kind of components that you have around your computers what not, all are not really verifiable. That means if I really want to know okay what's going on is there some computation that happened that I want to make sure that isn't compromised? It's really really hard to do so. So I want in this context also refer to an interesting certification program from the Free Software Foundation who identified and basically listed a lot of devices that can be used in modern day hardware and desktop computers that are not having binary blobs. That means you can actually verify them by making sure that the firmware hasn't been compromised. Also maybe to contextualize a little bit the Linux kind of has a lot of proprietary drivers. So there's also the Linux Libre fork of Linux which tries to de-blob in a way the whole Linux kernel. So usually if you remove all the commits from Linux Torvalds you are almost good to go with the almost Libre kernel. This is a very interesting piece of hardware. I also own this and I can strongly suggest any crypto anarchist, the cypherpunk to own this device. It's an old I think but X200 and the interesting piece of it is actually that you can use this because it's verifiable. It runs Libre boot so you can make sure that there's no bios backdoors inside. You can basically run, it has no Intel management engine on it so you can basically make sure that in a way you create your keys and if you use it in a kind of an offline manner you can even make sure that your keys aren't compromised. But it comes with a few kind of pitfalls in my opinion. So we have two problems still also with this kind of Libre hardware and with this old vintage hardware if we want to use this in kind of high security applications. We have SSDs which are a problem because they again embed another ARM processor which could be potentially compromised and there could be other backdoors in the CPUs that we don't know about which in the context of the just shown device this would be eliminated because it's an old vintage device. It's actually I would say like 10 years old or something. So there's a few attempts to solve this problem also from the open hardware movement and SSDs are the best kind of place where to put your implant in case you want to actually make sure to survey someone. So this is the open SSD project. It's a very interesting project because it also educates people on how SSD controllers function and there's another newer approach to SSD and to other kind of verifiability parts of hardware which is the chips alliance. It's a common hardware for interfaces, processors and systems. Two interesting projects you should definitely take a look at. So I want to also point here at the common hardware we're using in day-to-day crypto activities. So in this context I want to also refer to a small exhibition archive which is like traveling here around the DEF CON. It's called materialities of modern cryptography and it's actually a selection. It's a hardware archive that we are collecting since approximately 10 years which features like different prototypes, different non-release prototypes, materialities but also like this kind of modified, this modified dices that you see in the right top which are all kind of explaining different security concepts and how we are in a way because we don't trust hardware falling back to this kind of age before microcomputing. So I'm strongly suggesting you take a look at this. Also this is part of the open hardware dialogue so we're trying to figure out how can we explain and educate more about hardware. So what's coming back to this kind of day-to-day crypto hardware. So of course a lot of people know crypto hardware wallets. A lot of people use hardware wallets. These are three quite common hardware wallets out there with a very different concept behind them from a hardware perspective. So we have on the left side the Trezor which is an open source hardware which means it's verifiable but here you also see that it's very interesting because while we have the specifications and everything available, parts or the components of the open hardware are not verifiable at all because you have to trust the producer, the manufacturer that the components are not compromised. So we can verify the Trezor the most. We can verify a hardware wallet out there but that doesn't mean it's secure necessarily. So you have to make sure that you secure yourself. In the middle we see the Bitbox. It's kind of a different concept. It's partly open which means it runs open source software but uses a hardware security module. So you have to trust the manufacturer of the hardware security module that this is not compromised. And then we have the ledger on the right-hand side which is completely closed source. So here, just an example, if you're kind of the verifying type you would actually be able to create your own Trezor hardware and then load the firmware on it and run the firmware. Here's an example of a hardware-based project that there was a talk yesterday, I guess. The Statos key card which is a Java card-based hardware solution which is basically an open platform to develop your own workflows. It might have been also an interesting aspect but it's also closed. It's Java card, it's Oracle. So another element you came across possibly is hardware number generators. There's a lot of them but I made a few screenshots here of nice ones. This is the Tifa. It might have been a really beautiful crafted device. And here's the Altus Matron, a more liberal device. So these are common devices to generate entropy and randomness in order for you to create safe keys. Of course, there's also hardware tokens and there's a lot of them because they exist since a long time. I just made a few screenshots of a few of them and these are very common devices to identify yourself and to do all sorts of security protocols and workflows. And there is even more open elements than the ones that I was showing. Here's, for example, the Somu, Tomu and Formu series which started as kind of an open-source project. It's also certified by the Oshwa. And this is also an interesting hardware. This is the Nitro key. It's kind of a multi-purpose cryptography hardware. You might have come across this because Purism delivers this with the Purism laptops in order to verify that your supply chain hasn't been compromised so they're sending you this device on the left-hand side in a different parcel so you can actually check, okay, is my bias compromised or not. So all the things I've shown you are not really verifiable or are at least only verifiable to some point and we're using them on a daily basis. So what can we do about that? I want to briefly also go into the modules that I was referring to that are parts of all these kind of devices or partly parts of these devices I was showing which are hardware security modules to briefly explain what they are. So they are physical computing device, safeguarding and managing digital keys. So we need them for strong authentication crypto processing. They're usually in hardware wallets such as the Legend, Bitbox, but they're also in the Java card, Status key card. We see them in the Nitro key in mobile phones and IoT devices. And then on the other hand we have trusted execution environments which are isolated execution environments where you can do secure processing, where you can do untempered processing. We have a few of them listed here. There's the AMD secure execution environment, ARM trust zone, Apple secure enclave, Intel SGX and others. Just to give you an example of the Apple secure enclave, usually nobody knows what's going on so there has been a lot of reverse engineering going on until people know what's happening, what's actually existing. You cannot really access it without being Apple without signing a ton of NDAs. So all of them are sometimes not documented. You don't know what's going on. They're not really verifiable for you so you trust the third part in the whole security concept. And some of them, if not all, will be hacked in the future. I mean, most of them are already. We saw Spectrum, Megaton, we saw a lot of existing exploits out there. We saw a lot of attempts to break all these devices and they will be hacked. So I want to show one example where this could be actually in the future changing. And while we're not still there, I still want to make the point that open silicon can in this context solve this security nightmare that we're facing with all these hardware pieces and it could also make our hardware verifiable. So here is a very interesting project I wanted to point at. It's the RISC-5. It's an open source hardware instruction set architecture. And on the left, on the right-hand side, you see the Freedom E310 SoC, which is the first RISC-5 chip was produced by C5. And there are more of them out now. So basically what's interesting about these things is there are already existing replacements in the development that would replace HSMs, TEs, and so on. So I wanted to, in this context, point to two interesting products which are heavily worked upon. So one is the Sanctum, the minimal hardware extensions for strong software isolation. There's a very nice paper from Kostan et al from 2016 in case you're interested. And it offers simpler security analysis than SGX, which means also from an auditing perspective, it gets easier because there's lower complexity. And this approach of lower complexity in hardware is a very interesting approach, in my opinion. I think we'll be getting that in a few years. And this specific solution targets the Rocket RISC-5 core, and you can already test this online. But maybe a more easy starting point to get working with RISC-5 is the Keystone project, the open framework for architecting trusted execution environments, which is very interesting because, in my opinion, this is already very far. There's a lot of documentation out there, and you can get this going in your workflow very, very fast. So in my opinion, RISC-5 is a very interesting movement or a really interesting step in the future where we will see that open silicon can potentially solve our security nightmare as we are facing with current day hardware. But also, there's other approaches. So there's, for example, the vintage approach. This is maybe not so common approach, but there's already community out there which is looking at vintage hardware and completely controllable or verifiable hardware because it is old and you cannot so easy temper with it. There's also a very interesting context and project I have been referring to in my talk at HCPP, so I would strongly recommend you also listen to this talk where potentially vintage hardware can also help this arm nuclear warhead in the long run because there you have a really, really complicated trust setup. But in conclusion, and this is actually already the end of my talk, current hardware is hard or almost impossible to verify. This is a problem. We trust third parties on the example of the HSMs on the TEs and modern day CPUs, so they are not zero trust. So we need, in my opinion, more open hardware to verify and to be able to verify and for education. So in order, if there's digital winter coming, we need to be able to know how to repurpose devices. We need to understand and to educate other people. We need to know how these functions. In my opinion, on the example of the verifiable delay functions, the VDF Alliance project, this is a very good example because this is a project where you need open hardware, in my opinion, because it's, in my opinion, the best practice example. If you realize the verifiable delay functions with open hardware, it ensures fair access to the fastest implementation. So you can also look at open hardware as a kind of approach to create equilibria. So in my opinion, RISC-V can change the game, but only also if we make sure that there are enough cores with open licenses available. So there's a lot of existing implementations of the RISC-V cores which are with closed software, with closed licenses. So I'm strongly suggesting we look at, and we make sure that there are enough really open licenses available for these cores such as the GNU license. So you can follow further on all the other open hardware talks at the open hardware month site at OHM Oshawa org. And you can also get in contact with this guy further at the right at his site. Or you can visit us today at 4. We have a small get together together with train security at the elsewhere exhibition in the third floor. Thank you very much. Thank you.