[Cryptography] The Crypto Pi

John Ioannidis ji at tla.org
Mon Jan 12 18:28:31 EST 2015

On Thu, Jan 1, 2015 at 2:09 AM, Ralf Senderek <crypto at senderek.ie> wrote:

> The Crypto Pi
There does not appear to be anything Pi-specific about this. Am I missing


This year has had some devastating news about the state of the internet
> infrastructure in store and came with some
> disillusion about the vulnerability of tools we use day by day. And BTW it
> had turned out, that Johnny still can't encrypt.
> To change that, I've put some effort into developing the crypto pi.
> While running on a minimalist Linux OS with only the necessary
> tools installed, the crypto pi is different both from internet servers and
> insecure endpoints, and helps Johnny to establish secure
> communication that is always encrypted, without burdening him with
> complex tasks that would only make him avoid using secure communication.
> The crypto pi is in its early stages of its infant life and although
> it's working and looking great, it has not got the most important
> ingredient for a happy life (yet), peer-review.
> So I'd like to ask all of you, who think a well-designed, isolated
> crypto box under the sole control of its user, capable of doing message
> encryption reliably, may improve the situation we're facing today,
> to give a hand and scrutinize the design and implementation of the
> crypto pi. Let's make the crypto pi a success in 2015, together.
> The concept of secure communication using the crypto pi relies on
> several assumptions, not everyone will agree to:
>   1) Johnny will be able to communicate securely with people he knows,
>      if he had been able to exchange an initial secret information
>      (on a piece of paper, via telephone, or some other way)
>   2) Johnny's endpoint device is not trustworthy, as it runs all kinds
>      of complex programs that are prone to attack the secrets on
>      his device without notice in unforeseeable ways.
>   3) Apart from feeding the crypto pi with the initial secret and an email
>      address of the recipient (by filling out a form) Johnny has nothing
>      to do with key management, but will be able to verify that message
>      encryption has been performed.
>   4) All secrets are stored on the crypto pi and messages leave the
>      crypto pi AES-encrypted with a strong randomly generated key.
>      The crypto pi does not use public key cryptography, there is no PKI
>      nor CAs involved.
>   5) Johnny uses one single secret that he alone knows to establish an
>      encrypted tunnel to the crypto pi over which he interacts with the
>      web server on the crypto pi to read and write messages.
>   6) The local network in which the crypto pi works is not trustworthy,
>      so all information that originates from the crypto pi is encrypted
>      and only encrypted information that enters the crypto pi will be
>      processed inside.
>   7) Although desirable, ensuring anonymity is not a pre-requisite of
>      the crypto pi's design (at the moment).
>   8) All source code is licensed under GPL.
> Fortunately, the crypto pi has a home (crypto-pi.com) where you can get
> more detailed information about its fundamental concepts and
> implementation. Make sure, your criticism and constructive suggestions will
> be used to
> improve this project.
> Best wishes for 2015
>     Ralf Senderek
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150112/1acbcb53/attachment.html>

More information about the cryptography mailing list