[Cryptography] Dumb idea: open-source hardware USB key for crypto
ianG
iang at iang.org
Mon Jan 13 03:41:27 EST 2014
On 13/01/14 10:58 AM, Joshua Marpet wrote:
> Ok, I guess I'm being a bit paranoid. Sorry!!!
>
> I asked him that once. His answer was, "I attack, I don't defend." Argh.
That is what good defenders do, they think like attackers. And that is
what good attackers do, they think like defenders.
Just some words to challenge the idea forward ;-)
> I would guesstimate that a system that could be revoked instantly and
> widely, so any key could be instantly killed, would help. but that
> would involve a centralized keyserv, checked everytime used. Which
> would make offline use difficult at best.
Revocation was a terrible failure in PKI. As we saw, and predicted (and
yes, the critics predicted revocation would not work), the CAs and their
keys had to be revoked at the uber-CA level in software updates.
However, revocation can be done properly if done as part of holistic
system design. Payment systems are often designed like this. Without
specifying more of the details and requirements it is not easy to say
more, but typically, it plays its part.
> I really like the USB stick idea. I think to protect data, a
> microswitch is a legitimate thought, but I think Acid and plastique are
> probably going too far. (Although they'd be fun to play with) :)
if one is fabricating ones own chip, then one could probably achieve the
same effect by layering a heater circuit over the top of the key store.
And then having the microswitch dump the remaining battery life into it,
or using a capacitor or somesuch.
> There's some other problems as well. For example, Travis and Sergey
> Bratus, I believe, worked together to get Linux running on hard drives.
> Not the platters, the firmware and IC's of the drive itself. Active
> antiforensics, and potentially active key grabbing. MAybe the same
> could be done for the electronics of the stick. Would be unpleasant.
>
> To be honest, I'm stumped.
The thing is, these are exotic attacks. Remember, for most people, just
having the stick will defend against their weakest point, their desktop
or laptop or phone.
> Maybe decide the features and must have list first, then design system
> around that? My $.02 (while exhausted and recovering from illness,
> forgive me.)
If you like, for yourself. Avoid consensus on this, the list will drag
on for ages and nobody will agree. Any idle question will distract
everyone. "What about bluetooth?" "We can't use EC!"
Slap your own ideas down and build it. The builders will win this
battle, not the talkers, nor the committees.
iang
More information about the cryptography
mailing list