[Cryptography] A review per day of TRNGs: OneRNG
Jerry Leichter
leichter at lrw.com
Wed Oct 22 12:46:17 EDT 2014
On Oct 22, 2014, at 10:01 AM, Bill Cox <waywardgeek at gmail.com> wrote:
> As for downsides.... Also, the possibility of having it reprogrammed by an attacker who intercepts it in the mail remains an issue, since most users will not likely re-flash their device. I am not sure if the flash can be dumped securely over USB, or if an attacker can mod the program to deliver the original firmware, hiding the malware.
Sounds like a great application for "sparkly nail polish" security. Paint over the access points - the outside screws, the chips and on to the board, over a piece of tap sealing the USB - with one of those nail polishes with sparkly bits in it. Take photos of each spot and deliver separately from the device itself, preferably through multiple channels (e.g., send in a separate envelope, and put signed copies on line). The exact speckle pattern is random and as far as I know impossible to duplicate. It's also easy to check "by eye".
-- Jerry
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4813 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20141022/e351a512/attachment.bin>
More information about the cryptography
mailing list