[Cryptography] Show Crypto: prototype USB HSM

Ron Garret ron at flownet.com
Tue Apr 12 22:26:54 EDT 2016


On Apr 12, 2016, at 5:39 PM, Tony Arcieri <bascule at gmail.com> wrote:

> On Tue, Apr 12, 2016 at 8:28 AM, Ron Garret <ron at flownet.com> wrote:
> > Some hardware tokens have an input device built in (usually a push button, sometimes a fingerprint sensor) which needs to be activated before the token will operate, but these are still subject to phishing attacks
> 
> Not to rain on your parade, but if you're talking about authentication contexts, U2F solves the phishability problem by deriving domain-separated keys per origin, so it's not possible for an attacker to leverage it for phishing purposes.

This HSM is much more general-purpose than a U2F token.  It could be used as a standalone bitcoin wallet a la Trezor.  It can be used to decrypt messages and display them on the built-in display so that even an adversary with root access to your laptop couldn’t read the cleartext.  The firmware doesn’t support this yet, but it’s a mere matter of programming :-)

But even U2F tokens can be phished for some value of “phished”.  It’s true that you can’t extract the keys, but if an attacker owns your machine and you have a U2F token installed, the attacker can log into any site you can log into.  Even if the token has a button you need to push to activate it, it’s probably not hard to fool most users into pushing the button to authorize an authentication for an attacker.

With a display, the token can say, “You are about to authorize…” and describe exactly what it is that it is being asked to do so that you know what you’re authorizing in a way that an attacker cannot control even with a completely compromised client.

rg
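
The two properties discussed in this message, per-origin key separation and confirmation against text rendered by the token itself, modelled as an added example that is not part of the original post and not the HSM's firmware. The `Token` class, the `.example` origins and the device secret are constructed for illustration, and HMAC stands in for the per-origin signing key pair so the code runs with the standard library only.

```python
import hashlib
import hmac
import json

class Token:
    """Toy token; HMAC stands in for the per-origin signing key pair (assumption)."""
    def __init__(self, device_secret: bytes):
        self._secret = device_secret

    def origin_key(self, origin: str) -> bytes:
        # Domain separation: each origin gets an unrelated key.
        return hmac.new(self._secret, origin.encode(), hashlib.sha256).digest()

    @staticmethod
    def render(request: dict) -> str:
        # Built on the token from the exact fields that get signed,
        # so the host cannot show one thing and have another signed.
        return "You are about to authorize: {action} at {origin}".format(**request)

    def authorize(self, request: dict, confirm):
        if not confirm(self.render(request)):
            return None  # user declined on the token itself
        payload = json.dumps(request, sort_keys=True).encode()
        return hmac.new(self.origin_key(request["origin"]), payload, hashlib.sha256).digest()

def site_accepts(site_key: bytes, request: dict, tag) -> bool:
    # Relying-party check using the key registered for its own origin.
    payload = json.dumps(request, sort_keys=True).encode()
    expected = hmac.new(site_key, payload, hashlib.sha256).digest()
    return tag is not None and hmac.compare_digest(expected, tag)

def push_button(_text: str) -> bool:
    return True  # button-only token: the user cannot see what is being asked

def reads_display(intended: dict):
    return lambda text: text == Token.render(intended)  # approve only what was intended

def run_scenarios() -> dict:
    token = Token(b"constructed-device-secret")
    bank, mail, fake = "https://bank.example", "https://mail.example", "https://bank-login.example"
    bank_key = token.origin_key(bank)                 # what the bank stored at registration
    intended = {"origin": mail, "action": "log in"}   # what the user actually wants to do
    lookalike = {"origin": fake, "action": "log in"}  # look-alike page in an honest browser
    hostile = {"origin": bank, "action": "log in"}    # request sent by a compromised client
    ok = lambda req, confirm: site_accepts(bank_key, hostile, token.authorize(req, confirm))
    return {
        "lookalike_origin": ok(lookalike, push_button),
        "compromised_client_button_only": ok(hostile, push_button),
        "compromised_client_with_display": ok(hostile, reads_display(intended)),
    }
```

Only the button-only case with a compromised client yields a tag the bank accepts; the look-alike origin fails on key separation, and the display case fails because the rendered text does not match what the user intended.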
