<div dir="ltr">Why not just use a piece of paper? Except if you'd like it to do calculations for you. In which case you should keep to "something that stores data and does certain calculations".<div><br>Definitely NOT get *nix! That's asking for trouble.</div>
<div><br></div><div>If you take anything morepowerfull than an Arduino there'll likely be exploits.</div><div><br></div><div>I strongly recommand rolling your own.</div><div><br>Battery + PIC + display (<a href="https://www.sparkfun.com/products/9363">example</a>) + keyboard (<a href="http://www.ebay.com/itm/OEM-Blackberry-Bold-Q10-Qwerty-Keypad-Keyboard-Membrane-Flex-Cable-Replacement-/221329592432?pt=US_Cell_Phone_Replacement_Parts_Tools&hash=item3388459070">example</a>) = 30-40 USD</div>
<div><br></div><div>Only the PIC needs to be disposed of. I'd mount it in a socket, and then replacing it costs <2USD (depends on the PIC ofc). You could use the PIC's volatile memory to store data, that way you can destroy your keys easily in a pickle (just yank the PIC out of it's socket). It'd be insanely hard to retrieve the data after that indeed.</div>
<div><br></div><div>The display and keyboard I picked are both cellphone components. The display mounted to a PCB for easy reuse. The keyboard has a flex cable, which might be a bother. I'm sure you have an old cellphone around, else you can check any thrift store and reuse a phone they didn't think they'd ever get rid off anymore. (those I did visit usually have a bunch in the back. I even found one that trashed them as "electronics waste", and I could take a bundle for free!)</div>
<div><br></div><div><br></div><div>If you want to buy a kindle that's fine too. Ebay has a ton of "kindle keyboard" kindles for about 45 USD. But remember you are not getting nearly the security you could have gotten. And it's only a tease easier, and a lot less fun. Maybe the most important thing is that it's totally uncool compared to a hacked together little device.</div>
</div><div class="gmail_extra"><br><br><div class="gmail_quote">2013/12/5 Bill Stewart <span dir="ltr"><<a href="mailto:bill.stewart@pobox.com" target="_blank">bill.stewart@pobox.com</a>></span><br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
At 08:19 AM 12/4/2013, you wrote:<div class="im"><br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
On Wed, Dec 4, 2013 at 11:02 AM, Theodore Ts'o <<mailto:<a href="mailto:tytso@mit.edu" target="_blank">tytso@mit.edu</a>><a href="mailto:tytso@mit.edu" target="_blank">tytso@<u></u>mit.edu</a>> wrote:<br>
On Wed, Dec 04, 2013 at 10:40:25AM -0500, Phillip Hallam-Baker wrote:<br>
(BTW, my quick pricing of a Rasberry Pi with a display is not cheaper<br>
than an Arduino, but your milage may vary.)<br>
The Pi has HDMI out so it can hook into an existing display so depending on the application it is a wash. It also has the random number generator and the operating system boots from SD card which I find more comforting than loading up a black box via USB.<br>
</blockquote>
<br></div>
HDMI means you can plug the Pi into a newer television or monitor, if you're not paranoid about those, and you can plug in a vanilla USB keyboard.<br>
There isn't persistent memory on the board; the OS is installed on a removable SD flash card, so if you need to shred anything it's the $5 flash.<br>
<br>
As much as I like the Arduino for controlling blinky-lights and thermostats, it's not the platform you want to use for number-crunching.<br>
It's an 8-bit CPU running at 20 MHz, so generating ECC keys will take unacceptably long. Spend the extra $10 for the Pi, which is at least a 700 MHz 32-bit chip. And don't go buying that NSArrduino clone board, which has a chip marked "ATmega328" that's actually an ARM emulation with a radio transmitter.<br>
<br>
Both CPUs are under $5, and if you're willing to use a serial display, you could get one of the few PDIP ARM chips so you can plug the chip into a socket and have nothing with memory in it remaining on the board.<br>
<br>
But it's probably safe enough and a lot less labor to just get a cheap phone or Kindle that already has all the parts.<div class="HOEnZb"><div class="h5"><br>
<br>
______________________________<u></u>_________________<br>
The cryptography mailing list<br>
<a href="mailto:cryptography@metzdowd.com" target="_blank">cryptography@metzdowd.com</a><br>
<a href="http://www.metzdowd.com/mailman/listinfo/cryptography" target="_blank">http://www.metzdowd.com/<u></u>mailman/listinfo/cryptography</a><br>
</div></div></blockquote></div><br></div>