

Ask HN: any SDKs for embedded secure processors? - costan

I'm currently using JavaCard smart-card chips to prototype my research project (MIT PhD). My performance isn't that good because I can't access the processor directly.<p>Does anyone here know of a SDK that I can get my hands on (I'm an MIT PhD) that would allow me to run code directly on the hardware? (I'm hoping to use a mixture of C and direct assembly.) Due to the nature of my research, I need a secure platform, like the smart-card chips.<p>I'm asking this on HN because I've ran out of places to try. Big companies like Atmel don't want to work with me because I do research, or maybe I wasn't very good at pitching my project.<p>If you want more information about my project -- I'm researching the design of a secure chip resembling the TPM in that it works in conjunction with an untrusted computer. My design is better than the TPM in that it supports arbitrary computation on the chip, and doesn't require a secure binding to the computer. My design is better than existing smart-cards (e.g. JavaCard, MultOS) because it can run untrusted code, and the code doesn't have to be embedded in the chip when it's issued.<p>My first paper on the topic: http://people.csail.mit.edu/devadas/pubs/cardis08tem.pdf<p>OSS code (MIT license): http://rubyforge.org/projects/tem<p>Thank you so much for reading!
======
wmf
Have you looked at these? I warn you, they are expensive.

[http://www-03.ibm.com/security/cryptocards/pcicc/overview.sh...](http://www-03.ibm.com/security/cryptocards/pcicc/overview.shtml)
[http://iss.thalesgroup.com/en/Products/Hardware%20Security%2...](http://iss.thalesgroup.com/en/Products/Hardware%20Security%20Modules/nShield.aspx)
<http://www.cputech.com/acalis/>

~~~
costan
Thank you for the recommendations! I didn't know about the Cputech product.

Your intuition was right, they are too expensive for me. So, I should clarify:
I am happy with using current-generation smart-card chips, but I would like to
use them directly. The folks who wrote the JavaCard VM must have used some
SDK... I want that SDK, so I can write my own OS.

Thanks!

------
cperciva
I assume you've already talked to the faculty at MIT and they haven't been
able to provide any useful contacts for you; have you also tried talking to
the security group at the University of Cambridge? They've done a lot of work
on breaking smart cards, so they're likely to know some of the right people.

