Richard Schaeffer, CEO, Tocreo Labs. Achieving a cost efficient secure DoD mobility architecture using commercial smart phone devices has been a daunting task.  The Tocreo Cryptographic Module directly addresses this challenge by coupling a secure yet fully isolated secure environment outside the smartphone via the NFC interface.  This novel secure architecture is the first of its kind and significantly more capable than a simple memory card. The crypto module can now cryptographically unlock / lock applications on a mobile device or can be used to insure the commercial mobile device boots up in the security state that matches the users access levels.  The final form factor fits inside an ID card (i.e. CAC or PIV), powered parasitically via a commercial smartphone NFC interface, and directly communicates to most smartphones and tablets when brought within 1 inch to the mobile device. A more capable token with display, processing, trusted memory allows for layered and “light weight” hardware trust anchors in mobile devices and network. The Crypto Module is being applied to several critical DoD missions executing a suite of security functions like;
a. Cryptographically authenticating the user and mobile devices
b. Generates ephoral derived keys and credentials
c. Cryptographically unlocks key for mobile applications, trusted workspaces on smartphones, and to trusted web portals
d. Acts as a secure bootloader for a commercial smartphone to configure a smartphone into a trusted state.
e. Continously monitor and verify a commercial mobile device’s memory, applications, & peripherals to thwart compromising data by malware.
f. Acts as a TYPE 1 key loading device for tactical and enterprise devices.
g. Dynamic Physical Access Control displaying current date or access attributes on CM display after authenticating into facility
h. Emerge as the single SPRnet and NPRnet ID credential for physical, network, and mobile access.
i. Provide physical access to facilities by on card display which verifies date of access, user privelges, role based access, an other user attributes.

Indudstry Vertical/Embedded Crypto Track