[Cryptography] How can you enter a 256-bit key in 12 decimal digits?
Tony Arcieri
bascule at gmail.com
Tue Jan 5 12:48:55 EST 2016
On Mon, Jan 4, 2016 at 5:57 PM, Ray Dillinger <bear at sonic.net> wrote:
>
>
> On 01/03/2016 04:33 PM, Tony Arcieri wrote:
> > It's possible there's some sort of high-entropy on-device secret. There are
> > also ways of generating these secrets in such a way that attempts to
> > physically tamper with the device will destroy the secret generator, e.g.
> > https://en.wikipedia.org/wiki/Physical_unclonable_function
> >
>
> the point is though that if they steal the device, then they
> steal the high-entropy on-device secret along with it. They
> only have to hook up their serial port to the wires that
> the buttons connect to, and try the 10^12 combinations. They
> never have to try to work out the high-entropy secret.

You left off the rest of my message:

> A high-entropy secret generated in this manner can be mixed with the PIN
> to derive an encryption key. **This allows you to implement hardware
> lockouts on PIN entry** at a very low level in hardware.

Attempting a brute force attack on the PIN can trigger exponential backoff
on how frequently PIN entry attempts can be made and/or brick the device.
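
The scheme described in the message above, as an added example that is not part of the original post: a software model of a device that mixes an on-device secret with the PIN and enforces backoff and erasure on wrong guesses. The names PinGate, LockedOut and Bricked, the use of PBKDF2-HMAC-SHA256 as the mixing function, and the doubling delay and failure limit are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import time


class LockedOut(Exception):
    """Backoff window still open; the guess was not evaluated."""


class Bricked(Exception):
    """Device secret erased after too many wrong PINs."""


class PinGate:
    """Toy software model of the lockout logic; real devices do this in hardware."""

    def __init__(self, pin, max_failures=10, base_delay=1.0, clock=time.monotonic):
        self._secret = os.urandom(32)  # high-entropy on-device secret
        self._clock = clock
        self.max_failures = max_failures
        self.base_delay = base_delay
        self.failures = 0
        self.not_before = 0.0
        self._check = self._tag(self._derive(pin))

    def _derive(self, pin):
        # The key depends on the PIN and on a secret that never leaves the device.
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), self._secret, 10_000)

    @staticmethod
    def _tag(key):
        return hmac.new(key, b"pin-check", hashlib.sha256).digest()

    def unlock(self, pin):
        if self._secret is None:
            raise Bricked("device secret erased")
        now = self._clock()
        if now < self.not_before:
            raise LockedOut(f"retry in {self.not_before - now:.1f}s")
        self.failures += 1  # count the attempt before checking it
        key = self._derive(pin)
        if hmac.compare_digest(self._tag(key), self._check):
            self.failures = 0
            return key
        if self.failures >= self.max_failures:
            self._secret = self._check = None  # erase: the key is now underivable
            raise Bricked("too many wrong PINs")
        self.not_before = now + self.base_delay * 2 ** (self.failures - 1)
        return None
```

Counting the attempt before evaluating it models a counter that is committed first, so interrupting the device after a wrong guess does not skip the increment.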