[Cryptography] On the deployment of client-side certs
Ron Garret
ron at flownet.com
Tue Nov 15 21:34:19 EST 2016
On Nov 15, 2016, at 2:18 PM, Ray Dillinger <bear at sonic.net> wrote:
>
>
> On 11/15/2016 01:13 AM, Natanael wrote:
>> I keep seeing hardware tokens being NOT mentioned.
>>
>> Is it really that hard to convince people to carry a U2F / OpenPGP token
>> with USB/NFC/BLE capabilities in their keychain? It shouldn't be.
>
> This is actually a quite good idea. The mental model of a keyed
> lock, with a physical key, works reasonably well for at least some
> plausible implementations of client-side authentication.
>
> If you want your device to do secure transactions with the bank, you
> have to 'unlock' the bank secure channel by sticking the bank key into
> it. If you want your device to do secure transactions with Amazon, you
> have to 'unlock' the Amazon secure channel by sticking the Amazon key
> into it. And so on. The USB port is also the keyhole.
>
> I think most people could compass the idea that you have a single device
> (your e-keychain) which is all of these keys but only one of them at a
> time, and that you have to turn a knob on it (or whatever) to make it
> produce the "right" key. I think they could also handle 2FA that way;
> the key opens the secure channel, then the bank, or amazon,
> or whatever, asks for your password to make sure it's you using the key.
>
> I think that amount of key management, with a physical device, is within
> reach of most people. Under the hood, the device contains a
> set of certificates and can do cryptographic operations to prove
> possession of each of them, negotiate session keys, etc. But we want to
> make sure it's "each" rather than "any." When Alice has her 'bank key'
> in the keyhole, we don't want Bob to be able to spoof a form and get her
> to unlock a secure channel between Bob-impersonating-Alice and Amazon.
I would like to take this opportunity to draw you attention to this, which is almost exactly what you just described (modulo some software):
https://sc4.us/hsm/index.html
It’s a user-flashable STM32F4 with a display and user inputs, which are crucial for preventing phishing attacks. It currently functions as a FIDO-U2F token, but since it’s user programmable you can make it do pretty much whatever you want.
Unfortunately, I am currently out of stock but will be shipping again in January. If you want one you can go ahead and place and order and your card will not be charged until your order ships.
rg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20161115/f13a784e/attachment.sig>
More information about the cryptography
mailing list