[148354] in cryptography@c2.net mail archive
Re: [Cryptography] Kindle as crypto hardware
daemon@ATHENA.MIT.EDU (Phillip Hallam-Baker)
Wed Dec 4 15:41:13 2013
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <529F8709.4060802@stpeter.im>
Date: Wed, 4 Dec 2013 14:58:50 -0500
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Peter Saint-Andre <stpeter@stpeter.im>
Cc: "cryptography@metzdowd.com" <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============1362569512036554624==
Content-Type: multipart/alternative; boundary=047d7bb03c468d4d5704ecbad7cc
--047d7bb03c468d4d5704ecbad7cc
Content-Type: text/plain; charset=ISO-8859-1
On Wed, Dec 4, 2013 at 2:48 PM, Peter Saint-Andre <stpeter@stpeter.im>wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi Phil, a few questions about your feature-set...
>
> On 12/3/13 9:39 PM, Phillip Hallam-Baker wrote:
> > What I really want from a crypto key management device is that it
> > be
> >
> > * Small and light
>
> This implies that you want it to be mobile. What problems does that
> solve for you?
Has to fit in a tamper-proof evidence bag, should be small enough to store
in a safe.
Light is really a proxy for 'easy to destroy verifiably and completely'. My
preferred method involves a transparent jig and a belt sander.
Anything with a hard drive is an utter pain.
> > * Have processor and display capabilities * Be possible to control
> > the operating system build completely * Be cheap enough to be a
> > burner machine
>
> I agree on the last two.
>
> I still think the ideal key management device is something like what
> Perry sketched out on this list several months ago: a cheap, small
> device (like a Raspberry Pi) that I can place in my house and interact
> with directly via wired or near-field communication (the display could
> be on any other device I own). I don't see the need to take it with
> me, and in fact I'd prefer that it be at home so that I know it's as
> physically secure as other things I own.
>
I think the Pi is good for some purposes. But it does not come with a
display or input device.
--
Website: http://hallambaker.com/
--047d7bb03c468d4d5704ecbad7cc
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><br><div class=3D"gmail_extra"><br><br><div class=3D"gmail=
_quote">On Wed, Dec 4, 2013 at 2:48 PM, Peter Saint-Andre <span dir=3D"ltr"=
><<a href=3D"mailto:stpeter@stpeter.im" target=3D"_blank">stpeter@stpete=
r.im</a>></span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex">-----BEGIN PGP SIGNED MESSAGE-----<br>
Hash: SHA1<br>
<br>
Hi Phil, a few questions about your feature-set...<br>
<div class=3D"im"><br>
On 12/3/13 9:39 PM, Phillip Hallam-Baker wrote:<br>
> What I really want from a crypto key management device is that it<br>
> be<br>
><br>
> * Small and light<br>
<br>
</div>This implies that you want it to be mobile. What problems does that<b=
r>
solve for you?</blockquote><div><br></div><div>Has to fit in a tamper-proof=
evidence bag, should be small enough to store in a safe.</div><div><br></d=
iv><div>Light is really a proxy for 'easy to destroy verifiably and com=
pletely'. My preferred method involves a transparent jig and a belt san=
der.</div>
<div><br></div><div>Anything with a hard drive is an utter pain.=A0</div><d=
iv>=A0</div><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;bo=
rder-left:1px #ccc solid;padding-left:1ex"><div class=3D"im">
> * Have processor and display capabilities * Be possible to control<br>
> the operating system build completely * Be cheap enough to be a<br>
> burner machine<br>
<br>
</div>I agree on the last two.<br>
<br>
I still think the ideal key management device is something like what<br>
Perry sketched out on this list several months ago: a cheap, small<br>
device (like a Raspberry Pi) that I can place in my house and interact<br>
with directly via wired or near-field communication (the display could<br>
be on any other device I own). I don't see the need to take it with<br>
me, and in fact I'd prefer that it be at home so that I know it's a=
s<br>
physically secure as other things I own.<br></blockquote><div><br></div><di=
v>I think the Pi is good for some purposes. But it does not come with a dis=
play or input device.=A0</div></div><br clear=3D"all"><div><br></div>-- <br=
>
Website: <a href=3D"http://hallambaker.com/">http://hallambaker.com/</a><br=
>
</div></div>
--047d7bb03c468d4d5704ecbad7cc--
--===============1362569512036554624==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============1362569512036554624==--