[Cryptography] Kindle as crypto hardware
Kent Borg
kentborg at borg.org
Thu Dec 5 08:57:32 EST 2013
On 12/04/2013 07:05 PM, Devin Reade wrote:
> I was researching various hardware for a similar purpose recently and
> came across the Pandora:
> <http://en.wikipedia.org/wiki/Pandora_%28console%29>
> <http://www.open-pandora.org/>
>
> One thing that I like about it is the lack of a cell connection.
> It still has wifi, which may be good or bad, depending on your
> perspective.
I was thinking the question was about a personal gizmo for keeping keys
and passwords. But Pandora looks pretty nice as a way to do larger key
management ceremonies. In addition to 512MG internal flash (enough for a
trim OS and programs) there are dual SD slots, so you could even do
secret splitting fun stuff.
> A quick perusal doesn't show a hardware RNG,
There is touch screen, and also a real USB port, you could keep a wired
mouse in your evidence bag and you get at least that level of entropy.
Or plug some other entropy generating device into the USB port. It has
an internal mic and a mic/headphone jack...put a vintage transistor
radio between stations and cat the mic to /dev/random...
> At over 400 euros, though, it may not satisfy your "cheap enough"
> criteria, though, depending on where your pain point is.
If one is getting so elaborate as using evidence bags and locking in
safes, the price of this hardware doesn't look so high.
A note on evidence bags: make sure your device can't be operated through
the bag! Put a Kindle in a plastic bag with big clear panels? Bad idea.
Use an opaque paper bag that you wrap tight before sealing (if there is
a product that works that way). Be extra paranoid and put that in a
plastic evidence bag, they can be vacuum packed. Make your foe defeat
two different technologies in close proximity, just in case their
techniques for one will be evident on the other?
The clamshell design of the Pandora, if held tight in a small bag, would
be extra security. The Pandora battery is removable, taking it out
before sealing it up tight would further disable it while sealed up.
Depending on what you are up to, worry about EMI and cameras and
acoustics and slight-of-hand and other attacks in your ceremony room.
-kb
P.S. Is putting electronics in an evidence bag in your Chinese hotel
room a good way to get it stolen? (And to plant a "barium enema", and
maybe even get arrested for good measure?)
More information about the cryptography
mailing list