USB armory Mk II w/ Enclosure by F-Secure

F-Secure USB Armory USB Armory Mk II is a full-featured, security-minded computer, based on an NXP Semiconductors i.MX6ULZ Microcontroller, in a tiny USB form-factor. Designed with information security applications in mind, the USB Armory Mk II incorporates features such as High Assurance Boot (HABv4), Arm® TrustZone®, and external cryptographic co-processors. Security Features: High Assurance Boot (HABv4) The HAB feature enables on-chip internal Boot ROM authentication of the initial bootloader (i.e., Secure Boot) with a digital signature, establishing the first trust anchor for code authentication. True Random Number Generator (TRNG) The RNGB driver is included and operational in modern Linux kernels. Once loaded, it enables the component within the Linux hwrandom framework. Data Co-Processor (DCP) From the i.MX6ULZ datasheet:

This module provides support for general encryption and hashing functions typically used for security functions.

The DCP module driver is included and operational in modern Linux kernels. Once loaded, it exposes its algorithms through the Crypto API interface. Secure Non-Volatile Storage (SNVS) From the i.MX6ULZ datasheet:

Secure Non-Volatile Storage, including Secure Real Time Clock, Security State Machine, Master Key Control, and Violation/Tamper Detection and reporting.

A device-specific random 256-bit OTPMK key is fused in each SoC at manufacturing time. This key is unreadable and can only be used by the DCP for AES encryption/decryption of user data, through the Secure Non-Volatile Storage (SNVS) companion block. ARM® TrustZone® The i.MX6 SoC family features an ARM® TrustZone® implementation in its CPU core and internal peripherals. From the ARM® website:

At the heart of the TrustZone® approach is the concept of secure and non-secure worlds that are hardware separated, with non-secure software blocked from accessing secure resources directly. Within the processor, software either resides in the secure world or the non-secure world; a switch between these two worlds is accomplished via software referred to as the secure monitor.

This concept of secure (trusted) and non-secure (non-trusted) worlds extends beyond the processor to encompass memory, software, bus transactions, interrupts, and peripherals within an SoC. External cryptographic co-processors (ATECC & A71CH) The Microchip ATECC608A and NXP AT71CH feature hardware acceleration for elliptic-curve cryptography, as well as hardware-based key storage. The ATECC608A also features symmetric AES-128-GCM encryption. Both components provide high-endurance monotonic counters, useful for external verification of firmware downgrade/rollback attacks. Both components communicate on the I²C bus and feature authenticated and encrypted sessions for host communication. eMMC Replay Protected Memory Blocks (RPMB) The eMMC RPMB features replay-protected authenticated access to flash memory partition areas, using a shared secret between the host and the eMMC.