OK, shall we savage another security solution?
Leichter, Jerry
leichter_jerrold at emc.com
Wed Sep 19 16:02:06 EDT 2007
| >Anyone know anything about the Yoggie Pico (www.yoggie.com)? It
| >claims to do much more than the Ironkey, though the language is a bit
| >less "marketing-speak". On the other hand, once I got through the
| >marketing stuff to the technical discussions at Ironkey, I ended up
| >with much more in the way of warm fuzzies than I do with Yoggie.
|
| Here's another secure USB flash drive:
| <http://www.kingston.com/flash/DTSPdemo/eval.asp> with minimal
| marketing-speak.
This is a representative of yet another class of "secure" USB devices:
- The Kingston encrypts data stored on it. (Note that you
have to enter the decryption key from the system
keyboard when you plug the thing in. If your threat
scenarios include usage in a compromised system, this
is not the device for you.
- The Ironkey does the same thing - though they don't emphasize
that aspect of things; such devices are pretty common.
(There are a bunch of companies that have USB memory
sticks with fingerprint sensors. Who knows how easy
they are to spoof - likely not very). Ironkey's claim
to fame is that it also acts as a key store that can be
used with on-device programs like a browser and to
connect to a Tor network. In this configuration -
assuming it's implemented correctly - you can have a
secure connection to a remote site even if you plug the
USB into a compromised machine. (Of course, this
doesn't solve the whole problem: You have to use the
machine for I/O. The network traffic is secured between
the remote endpoint and the program in the key, but the
path from the key to the keyboard and screen is
unsecured. A sophisticated attack could sniff or modify
the keyboard stream and replace the on-screen data.
We're probably talking about a highly targetted attack
here to get any useful information that way. Certainly
possible, but a lot harder than simply sniffing the
password used to unlock the on-device memory and/or
copying all the contents once they've been unlocked.)
- The Yoggie is kind of a fancy firewall in a USB stick. I
don't think there's any user-writable memory in it -
certainly not for files, probably not even for
secure storage of passwords.
Historically, NSA has apparently never liked software implementations of
cryptography - they wanted protected hardware. Such hardware has been
prohibitively expensive until quite recently. These devices show that
the price of such hardware is no longer a problem: We can build very
secure, very small pieces of hardware for not a lot of money. What to
*do* with those hardware capabilities is another question. It's not
easy to fit them safely into systems - and what problems can they solve
in those systems. Kingston and many other similar devices are a great
solution to a problem very real problem: When my 2GB memory stick falls
out of my pocket, have I just given away 2GB of highly sensitive data
to anyone who finds the thing? They are *not* any kind of solution to
the "how can I access my data safely on a possibly-compromised system"?
The Ironkey guys have attacked a broader problem, and while they haven't
completely solved it - it's not clear any solution exists! - they've
provided a capability that is potentially useful. (They aren't unique -
people have built a bunch of devices that are basically outboard
Linux boxes that rely on a guest box to provide network connectivity,
a keyboard, and a screen. But they have a commercially available low-
cost product.)
If you think about this in general terms, we're at the point where we
can avoid having to trust the CPU, memory, disks, programs, OS, etc.,
in the borrowed box, except to the degree that they give us access to
the screen and keyboard. (The problem of securing connections that
go through a hostile intermediary we know how to solve.) The keyboard
problem is intractable, though it would certainly be a step forward
if at least security information didn't go through there. This could
be done either by having a small data entry mechanism on the secure
device itself, or by using some kind of challenge/response (an LCD
on the device supplies a random value - not readable in any way by
the connected machine - that you combine with your password before
typing it in.) Maybe HDMI will actually have some use in providing
a secure path to the screen? (Unlikely, unfortunately.)
-- Jerry
|
| Regards,
| Aram
|
| ---------------------------------------------------------------------
| The Cryptography Mailing List
| Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
|
|
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list