[Cryptography] USB hardware token for $2??

[Ron Garret]

On Dec 22, 2016, at 7:02 AM, Phillip Hallam-Baker <phill at hallambaker.com> wrote:

> I saw this:
> 
> http://www.ebay.com/itm/1PC-Digispark-Kickstarter-Attiny85-Mini-USB-Micro-Development-Board-for-Arduino-/282162475109?hash=item41b231b065:g:RIQAAOSw0HVWBMbq
> 
> It has an 8 bit CPU with 512bytes of RAM and 2K of ROM. There is a fuseable link for fixing the firmware.
> 
> So... 
> 
> Any chance one of these could be used as a low cost HSM? Specifically, the use I would have for it would be to provide a second factor for sensitive key management operations. I would not store the whole key on the device, just a share of the key. 

What would make it “secure” then?  If all you want is a place for storing shares of secrets, why not just use a thumb drive?

To my mind, the defining feature of an HSM is that the keys are generated by an on-board HWRNG and never leave the device (except perhaps in passphrase-encrypted form).  All the crypto operations performed using the keys are also performed on-board.  You also need some on-board I/O.  If you don’t have that, then you need to secure whatever is on the other end of the communications channel that you use to communicate with the HSM, and if you can do that then you don’t need an HSM.

You can do crypto on a Teensy3 ($20 retail) or a Raspberry Pi Zero ($5 retail).  You can even turn them into an HSM by adding some on-board I/O.  But once you do that what you end up with will look an awful lot like this:

https://sc4.us/hsm/

rg

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20161222/ec7d2cec/attachment.html>