[Cryptography] Kindle as crypto hardware
Phillip Hallam-Baker
hallam at gmail.com
Wed Dec 4 11:19:26 EST 2013
On Wed, Dec 4, 2013 at 11:02 AM, Theodore Ts'o <tytso at mit.edu> wrote:
> On Wed, Dec 04, 2013 at 10:40:25AM -0500, Phillip Hallam-Baker wrote:
>
> (BTW, my quick pricing of a Rasberry Pi with a display is not cheaper
> than an Arduino, but your milage may vary.)
The Pi has HDMI out so it can hook into an existing display so depending on
the application it is a wash. It also has the random number generator and
the operating system boots from SD card which I find more comforting than
loading up a black box via USB.
> One other nice thing about using your own kit version is that it's
> simpler to do certified distruction of only the components that might
> contain keying information, and be able to reuse the rest. It's also
> probably easier to create a tamper-proof enclusure with an Arduino
> style device compared to using a Kindle.
>
Yes, there are some applications for which this is essential. Generating EC
curves for example.
But as I showed in a previous post, there are techniques that we can use
that allow us to audit the operation of a device without performing a full
code audit.
Basically we use that NSA DUAL_EC_DRNG with a backdoor for the purpose it
was probably originally designed which is to enable the devices to be
audited by making their behavior deterministic.
So I don't dispute that we will want to use Arduino or Pi class hardware
for some purposes. But there are other options available as well.
--
Website: http://hallambaker.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20131204/c57746d5/attachment.html>
More information about the cryptography
mailing list