[Cryptography] USB hardware token for $2??

Carl Wallace carl at redhoundsoftware.com
Thu Dec 22 19:41:41 EST 2016 


On 12/22/16, 6:38 PM, "cryptography on behalf of Kent Borg"
<cryptography-bounces+carl=redhoundsoftware.com at metzdowd.com on behalf of
kentborg at borg.org> wrote:

>On 12/22/2016 03:58 PM, Ron Garret wrote:
>> https://sc4.us/hsm/
>
>That device is still gnawing at me! It seems so useful, or at least like
>it should be so useful. But it has me suffering over endpoint security.
>It could secure sensitive information for me. The display looks so
>valuable to get information out, but what about getting information in?
>How does it know I am me?
>
>A perennial question resurfaces: what is the smallest little computer
>device with a slightly, kinda reasonably usable keyboard?
>
>For a password safe, for portable purposes, I have an Android phone that
>I have never allowed to see a SIM and be a phone, nor even be on the
>internet. But oh, horrors, it is terrible for entering encryption keys!
>Not too bad for a password (the two are different: passwords can be
>short, encryption keys/passphrases need to be crazy long! They are very
>different...)
>
>I can type a practiced, pretty-mostly nasty-long passphrase on a real
>keyboard, repeatedly during the course of the day, with little effort.
>But how secure is that? I use decent hygiene on that device, but it is
>not sterile. I would like something I *can* keep sterile, small enough
>to have on me, but with far more usable passphrase entry than a cheap
>Android phone I keep incommunicado.
>
>Suggestions?

Generate a key pair on your device,
display public key as a QR code,
take a picture of that with another device to share the key elsewhere,
encrypt data for the device using the key and encode as QR or series of
QRs to transfer data to the device,
enter data via camera on your non-phone android,
keep QR with your encrypted passphrase on you for convenient entry,
if you want it to know who you are, sign or MAC you QRs and verify with a
key you loaded similarly.


>
>-kb
>_______________________________________________
>The cryptography mailing list
>cryptography at metzdowd.com
>http://www.metzdowd.com/mailman/listinfo/cryptography

More information about the cryptography mailing list