Open Software Meets Open Hardware: Announcing the Integration of wolfBoot and the TROPIC01 Secure Element

We are excited to announce our new partnership with wolfSSL and the integration of our TROPIC01 secure element with wolfSSL’s wolfBoot Secure Bootloader. wolfSSL is a leader in open-source software security solutions for security critical applications including IoT, avionics, and automotive.

wolfBoot is a portable secure bootloader solution that provides firmware authentication and firmware update mechanisms. This solution complements Tropic Square’s open architecture hardware secure element. Together, these solutions provide a robust secure boot implementation with a hardware Root-of-Turst based on open-source solutions.

Unlike most hardware secure elements, the TROPIC01 solution is built on an open-architecture. The TROPIC01 implementation is auditable, allowing engineers to review the design to verify the security implementations and ensure there are no hidden features of backdoors.

The Tropic Square team has integrated wolfBoot with the TROPIC01 secure element, using the secure element as hardware Root-of-Trust for the secure boot process. The TROPIC01 chip provides:

• Storage of ECC public keys for verification operation
• Enabling secure provisioning of ECC (verification) keys
• Enabling secure provisioning of AES (decryption) keys
• Storing “associated” data (key values and other secrets)

What makes this integration particularly significant is that it extends the open nature of the wolfBoot solution down to the hardware level. This transparency allows users and security researchers to audit the security of the design and implementation of the solution. Security by Obscurity is not sustainable. TROPIC01 brings Kerchoff's principle to secure element chips. This approach follows Kerckhoff’s principle that a cryptosystem should be secure even if everything about it, except the secret key, is known to the attacker:  As a result, users no longer have to blindly trust that the secure element is free from vulnerabilities or back doors as they can verify the vendor’s claims.

The solution is available here

About wolfSSL:

wolfSSL delivers high-performance, lightweight security solutions focused on speed, size, portability, and standards compliance. Our SSL/TLS products and wolfCrypt cryptography library power secure designs across industries like government, automotive, and avionics. Our wolfBoot secure bootloader ensures the integrity of firmware updates, adding another layer of protection. For government clients, wolfSSL excels with FIPS140-3 certification, making us the trusted choice for securing sensitive systems and winning contracts. In avionics, we support RTCA DO-178C Level A certification, and in automotive, our solutions comply with MISRA-C standards. We fully support the latest TLS 1.3 and DTLS 1.3 protocols. Our simplified API and OpenSSL compatibility layer are backed by the robust wolfCrypt library. Asan open-source company, we offer transparency, allowing customers to look under the hood. Additionally, our Post-Quantum Cryptography (PQC) solutions align with CNSA 2.0 standards to protect against quantum threats. With a response time under 36 hours for vulnerability fixes and 24/7 commercial support, wolfSSL provides the most rigorously tested cryptography on the market.

About Tropic Square:

Tropic Square, a SatoshiLabs company, develops open-architecture secure elements for applications ranging from IoT and crypto wallets to any modern application that prioritizes security.

By placing transparency at the core of our design philosophy, we invite industry experts and members of the open-source community to test, validate, and strengthen our security implementation.