[Cryptography] USB 3.0 authentication
Jerry Leichter
leichter at lrw.com
Fri Apr 15 22:31:23 EDT 2016
>> There have been recent press reports about a new spec release by the
>> USB 3.0 standards group for a mechanism to certify USB 3.0 devices
>> and cables have them cryptographically authenticate.
>
> ... The PD compliant cables include a chip in the
> connectors that can describe the cable's capabilities to the USB
> ports. Power sources send protocol messages that describe what
> voltages and currents they can offer; power sinks pick among them.
> The power sources are required to check the cable and not offer
> options that would overload the cable.
>
> I think that's the authentication that you're talking about. I am up
> to page 111 and haven't seen any crypto authentication yet; it looks
> like a pretty standard 1-wire protocol with 4b5b coding for framing,
> CRC for error checking, and such. It operates in the clear as far
> as I have seen -- but I encourage you to check the parts I haven't
> yet read...
All I've seen are press releases, which are of course lacking in any real detail. Here's one: http://www.businesswire.com/news/home/20160412005983/en/USB-3.0-Promoter-Group-Defines-Authentication-Protocol
In passing, it says:
• Products that use the authentication protocol retain control over the security policies to be implemented and enforced
• Relies on 128-bit security for all cryptographic methods
• Specification references existing internationally-accepted cryptographic methods for certificate format, digital signing, hash and random number generation
> PS: USB has gotten pretty flexible; their new small USB C-connector is
> usable at both ends of a cable, and allows the power source/sink and
> and the data master/slave relationships to be swapped, independently,
> by the devices at both ends. It does data at up to 10 Gbits/sec and
> power at up to 100w. The connector is also self-symmetric so you can
> plug it in upside down or rightside up. And there are ways to negotiate
> into other "modes" so you can run other protocols down the same cable,
> the first of which is DisplayPort. They're getting smarter...
Yes ... and no. One of the great things about USB was that "U" - Universal. To some degree, we're losing that. Yes, a USB 3.1 port might support DisplayPort - or it might not. In the future, there might be any number of such protocols that it might support - or might not. There are already proposals for a complex set of symbols near the port to tell you what protocols it supports. A far cry from the last couple of years when a USB connector pretty much universally supported USB 2.0 - no more and no less (except for the backwards compatible 1.1 and 1.0 modes, of course).
Having the flexibility is great; having the variation and confusion, not so much.
Note that the USB guys started the confusion right out of the gate, with USB 3.0 (good to 5Mb/sec) quickly followed by USB 3.1 (10Mb/sec) and a whole bunch of misunderstandings about what level of support the C connector implied.
-- Jerry
More information about the cryptography
mailing list