Tillitis TKey

$ 70.00

The TKey is a new kind of USB security key inspired by measured boot and DICE.

Each TKey device contains a Unique Device Secret (UDS), which together with the application measurement, and an optional user-provided seed, is used to derive key material unique to each application. This guarantees that if the integrity of the application loaded onto the device has been tampered with, the correct keys needed for an authentication will not be generated. This allows for open-ended, flexible usage. Given the right application, the TKey can support use cases such as SSH login, Ed25519 signing, Root of Trust, FIDO2, TOTP, Passkey, and more.

TKey is and always will be open source hardware and software. Schematics, PCB design and FPGA design source as well as all software source code can be found on GitHub.

Please note: This is the end user version of the TKey.

The end user version of the TKey has the FPGA bitstream locked down in memory, meaning that the FPGA bitstream can't be changed by the user.

A user can verify that the unique identity and firmware in the TKey has not been changed from time of production to the moment of reception by running TKey verification. Read more about TKey verification here.

To run TKey user needs to download apps. New protocols are added continuously and apps can be download here. Read all details at tillitis.se.



  • Case: 3D printed
  • PCB material: FR4
  • CPU: RISC-V PicoRV32 core in a Lattice iCE40 UP5K FPGA
  • Connector: USB-C
  • Input voltage: 5V
  • Max current consumption: 100mA
  • Operating temperature: 0C-40C
  • Compliance: CE, FCC, WEEE