Project Vault

Project Vault, designed by Google’s ATAP (Advanced Technology and Projects) group, is a secure computer entirely packed onto a microSD card that can be plugged into any system whether it’s a desktop or a mobile phone.
The vault is technically a computer though it is not for regular computing. Rather it is a new and secure way to communicate and authenticate without entering passwords.
Today we often choose passwords that we find clever or easy to remember, but Google wants to make the password more personal than we think.
The tiny little chip can authenticate you even before an app or a website asks for your password. In short, Vault will make your primary authentication (which we currently do use passwords) a secondary one, without you having to do anything.
With Project Vault, Google will turn your devices into your passwords. It is capable to encrypt, or scramble, your app is chat messages and provide extra levels of authentication, so your device makes very sure that you are you.
While giving a demo, ATAP team showed how two users can securely chat with each other using Vault-equipped smartphones. Once the chip is installed, the chat application just opens the virtualized two-file system with the read/write I/O.
Vault encrypts the chat messages and then sends it as ciphertext through its encrypted channel, and never sends through the phone so that no one can snoop on you. The phone automatically decrypts the messages, but will never actually be able to see any keys or algorithms on either end.
The company says you will also be able to encrypt video with Vault.

Project Vault has:

  • An ARM-based processor
  • An antenna
  • A near-field communication (NFC) for communicating with nearby devices
  • 4 gigabytes of “isolated, sealed” internal storage
  • Its ultra-secure operating system focused on privacy and data security
  • A suite of cryptographic services
Vault runs a custom-built Real-Time Operating System (RTOS) with a suite of cryptographic services, including hashing, batch encryption, signing and a hardware random number generator, in order to keep your data and messages with friends secure.
Vault works with any operating system — including Google’s Android, Windows, Linux and Apple’s OS X — since essentially it is just a generic storage device to the host computer or phone.
I called the move smarter because here all the work is done by the host without the users having to deal with the configuration of the device, making it as user-friendly as possible.
Project Vault is still “very much in the experimental stage” and in process of being ready for users, but the source code for the system is available on GitHub under an open-source license so that developers can start delving into it.
      Cristian Iosub