SpaceComputer

Most of the security the tech you use every day relies on one thing remaining a secret: a signing key. Often referred to as a private key, secret key, or signing key, they are what a computer system uses verify it is who it says it is. A few examples you might be familiar with: 🔑 Browser security (TLS/HTTPS) 🔑 Signed software updates 🔑 Digital signatures These work because one key stayed secret and only the real system or system's owner could use it. So here is a fair question to ask about any platform you're working with: where was that signing key created, and who had access to it before it reached you? We wrote up what a signing key is, and why generating them in space changes trust systems. https://t.co/dt8uJZOeGR

By end of the decade everyone will need to be prepared for migration to post quantum cryptography standards The economy is ever more dependent on secure digital systems and more parts of the stack are migrating to space The elegance encapsulated in Space Fabric’s hardware design choices is truly a work of art. If you want to absorb in 5 min a year worth of r&d work by the epic SpaceComputer | Orbital Root of Trust team take a read!

If locksmith copies your house key. And they promise they destroyed the duplicate. And you have no way to verify. Do you trust them? That's a vulnerability so many secure compute modules like TEEs face. Now imagine that level of trust in a satellite you can never double check after launch...especially if you don't have verification set up. If satellite signing keys are generated on Earth by the manufacturer, sometimes years before launch, there's a gap in time for a pre-launch attack. So when designing our security mechanisms, we engineered around this vulnerability. Every SpaceComputer signing key will be generated after launch, on the satellite's first boot in orbit. No human or manufacturer on Earth ever holds the keys. For customers evaluating orbital compute platforms, which is preferred: trusting a vendor's claim and contract, or verification from the hardware itself?

There is a lot of hype around data centers in space, but that may be putting the cart before the horse. Before we start talking about orbital mega-structures, we need the foundations: satellite-to-satellite networking, reliable routing, low-latency communication, and the infrastructure layer that lets space-based systems actually coordinate. The exciting part might not just be “data centers in space.” It might be the new internet that makes them possible.

By 2027, several orbital compute platforms will be in production. Most will depend on a single compute chip vendor never being compromised. Once a satellite is in orbit, there isn't an easy fix to swap out a compromised chip. The four hardware components that show up in our conversations around orbital security are: → Secure Elements (SEs) → Trusted Execution Environments (TEEs) → Trusted Platform Modules (TPMs) → Hardware Security Modules (HSMs) Each hardware component has a different purpose. Whether a system can be independently verified depends on its hardware architecture and the manufacturing supply chain (aka who builds these pieces). SpaceComputer's satellites will use: → Two secure elements from different vendors → All signing keys generated after orbital deployment → TPM is on the on-board relay, and provides security and a future PQC integration point. The term "hardware root of trust" means exactly what it says. The trust is in the hardware. If the hardware is compromised, the rest of the stack has nothing to fall back on. That is why every architectural choice is considered for if the system can be trusted or not. Our paper, Space Fabric has the details: https://t.co/GAEyPnYDDc