[149015] in cryptography@c2.net mail archive
Re: [Cryptography] Dumb idea: open-source hardware USB key for
daemon@ATHENA.MIT.EDU (Joshua Marpet)
Mon Jan 13 13:16:39 2014
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <52D39B00.8040100@iang.org>
Date: Mon, 13 Jan 2014 02:58:43 -0500
From: Joshua Marpet <joshua.marpet@guardedrisk.com>
To: ianG <iang@iang.org>
Cc: "cryptography@metzdowd.com" <cryptography@metzdowd.com>,
Bill Cox <waywardgeek@gmail.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============5029084523332847578==
Content-Type: multipart/alternative; boundary=089e0141a092d3780804efd571f0
--089e0141a092d3780804efd571f0
Content-Type: text/plain; charset=ISO-8859-1
Ok, I guess I'm being a bit paranoid. Sorry!!!
I asked him that once. His answer was, "I attack, I don't defend." Argh.
I would guesstimate that a system that could be revoked instantly and
widely, so any key could be instantly killed, would help. but that would
involve a centralized keyserv, checked everytime used. Which would make
offline use difficult at best.
I really like the USB stick idea. I think to protect data, a microswitch
is a legitimate thought, but I think Acid and plastique are probably going
too far. (Although they'd be fun to play with) :)
There's some other problems as well. For example, Travis and Sergey
Bratus, I believe, worked together to get Linux running on hard drives.
Not the platters, the firmware and IC's of the drive itself. Active
antiforensics, and potentially active key grabbing. MAybe the same could
be done for the electronics of the stick. Would be unpleasant.
To be honest, I'm stumped.
Maybe decide the features and must have list first, then design system
around that? My $.02 (while exhausted and recovering from illness,
forgive me.)
On Mon, Jan 13, 2014 at 2:51 AM, ianG <iang@iang.org> wrote:
> On 13/01/14 02:16 AM, Joshua Marpet wrote:
>
>> I'm friends with Travis Goodspeed, and if you don't know who he is, he's
>> the crazed lunatic (said fondly) who decaps chips for fun, to read out,
>> for example, the entire RSA SecurID chip on a keyfob, or a cryptographic
>> system of all shapes and sizes. FYI, he can re-enable an expired
>> SecurID fob. So epoxying chips is good as a detective measure (as in, I
>> see something was done!) It's not so good as a preventative measure.
>>
>> He's the one who taught me to use syringe needles as probes to find JTAG
>> ports on IC's, since they're stiff, come to a point, and are easy to
>> manipulate. (Works great, by the way)
>>
>
>
>
> Sounds like lots of fun! For the most part, I would say that all devices
> can be defeated in the lab by persistent attack, and the primary protection
> is: Don't lose your stick!
>
> In the first instance we need to get things going.
>
> Much later on, it might be fun to start attacking the various ideas and
> see which can resist, which can boost their resistance, etc.
>
> What does Travis recommend for preventing attacks? Microswitches? Acid
> bottles? Plastique?
>
>
>
> iang
>
>
> On Sun, Jan 12, 2014 at 3:01 AM, ianG <iang@iang.org
>> <mailto:iang@iang.org>> wrote:
>>
>> On 11/01/14 01:53 AM, Bill Cox wrote:
>>
>> I've been noodling the idea of a USB stick designed in a way that
>> we
>> can trust the crypto that goes on there. It's a hard problem, but
>> there seems to be some guidelines that could help:
>> ...
>>
>> Responding to all, it seems that the only constant here is USB, and
>> nobody's particularly wedded to that.
>>
>> So, we don't know what the best solution is.
>>
>>
>>
>> Could we make such a beast?
>>
>>
>>
>> Let a thousand flowers bloom. Get your ideas out and try it. One
>> thing is clear: not having anything is generally less secure than
>> having something...
>>
>> iang
>>
>>
--
*Joshua A. Marpet*
Managing Principal
*GuardedRisk*
*Before the Breach **and **After The Incident!*
1-855-23G-RISK (855-234-7475)
Cell: (908) 916-7764
Joshua.Marpet@guardedrisk.com
http://www.GuardedRisk.com
--089e0141a092d3780804efd571f0
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">Ok, I guess I'm being a bit paranoid. =A0Sorry!!!<div>=
<br></div><div>I asked him that once. =A0His answer was, "I attack, I =
don't defend." =A0Argh.</div><div><br></div><div>I would guesstima=
te that a system that could be revoked instantly and widely, so any key cou=
ld be instantly killed, would help. =A0but that would involve a centralized=
keyserv, checked everytime used. =A0Which would make offline use difficult=
at best.</div>
<div><br></div><div>I really like the USB stick idea. =A0I think to protect=
data, a microswitch is a legitimate thought, but I think Acid and plastiqu=
e are probably going too far. =A0(Although they'd be fun to play with) =
=A0:)</div>
<div><br></div><div>There's some other problems as well. =A0For example=
, Travis and Sergey Bratus, I believe, worked together to get Linux running=
on hard drives. =A0Not the platters, the firmware and IC's of the driv=
e itself. =A0Active antiforensics, and potentially active key grabbing. =A0=
MAybe the same could be done for the electronics of the stick. =A0Would be =
unpleasant. =A0</div>
<div><br></div><div>To be honest, I'm stumped. =A0</div><div><br></div>=
<div>Maybe decide the features and must have list first, then design system=
around that? =A0My $.02 =A0(while exhausted and recovering from illness, f=
orgive me.)</div>
</div><div class=3D"gmail_extra"><br><br><div class=3D"gmail_quote">On Mon,=
Jan 13, 2014 at 2:51 AM, ianG <span dir=3D"ltr"><<a href=3D"mailto:iang=
@iang.org" target=3D"_blank">iang@iang.org</a>></span> wrote:<br><blockq=
uote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc =
solid;padding-left:1ex">
<div class=3D"im">On 13/01/14 02:16 AM, Joshua Marpet wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex">
I'm friends with Travis Goodspeed, and if you don't know who he is,=
he's<br>
the crazed lunatic (said fondly) who decaps chips for fun, to read out,<br>
for example, the entire RSA SecurID chip on a keyfob, or a cryptographic<br=
>
system of all shapes and sizes. =A0FYI, he can re-enable an expired<br>
SecurID fob. =A0So epoxying chips is good as a detective measure (as in, I<=
br>
see something was done!) =A0It's not so good as a preventative measure.=
<br>
<br>
He's the one who taught me to use syringe needles as probes to find JTA=
G<br>
ports on IC's, since they're stiff, come to a point, and are easy t=
o<br>
manipulate. =A0(Works great, by the way)<br>
</blockquote>
<br>
<br>
<br></div>
Sounds like lots of fun! =A0For the most part, I would say that all devices=
can be defeated in the lab by persistent attack, and the primary protectio=
n is: =A0Don't lose your stick!<br>
<br>
In the first instance we need to get things going.<br>
<br>
Much later on, it might be fun to start attacking the various ideas and see=
which can resist, which can boost their resistance, etc.<br>
<br>
What does Travis recommend for preventing attacks? =A0Microswitches? Acid b=
ottles? =A0Plastique?<span class=3D"HOEnZb"><font color=3D"#888888"><br>
<br>
<br>
<br>
iang<br>
<br>
<br>
</font></span><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;=
border-left:1px #ccc solid;padding-left:1ex"><div class=3D"im">
On Sun, Jan 12, 2014 at 3:01 AM, ianG <<a href=3D"mailto:iang@iang.org" =
target=3D"_blank">iang@iang.org</a><br></div><div class=3D"im">
<mailto:<a href=3D"mailto:iang@iang.org" target=3D"_blank">iang@iang.org=
</a>>> wrote:<br>
<br>
=A0 =A0 On 11/01/14 01:53 AM, Bill Cox wrote:<br>
<br>
=A0 =A0 =A0 =A0 I've been noodling the idea of a USB stick designed in =
a way that we<br>
=A0 =A0 =A0 =A0 can trust the crypto that goes on there. =A0It's a hard=
problem, but<br>
=A0 =A0 =A0 =A0 there seems to be some guidelines that could help:<br>
...<br>
<br></div><div class=3D"im">
=A0 =A0 Responding to all, it seems that the only constant here is USB, and=
<br>
=A0 =A0 nobody's particularly wedded to that.<br>
<br>
=A0 =A0 So, we don't know what the best solution is.<br>
<br>
<br>
<br>
=A0 =A0 =A0 =A0 =A0 Could we make such a beast?<br>
<br>
<br>
<br>
=A0 =A0 Let a thousand flowers bloom. =A0Get your ideas out and try it. =A0=
One<br>
=A0 =A0 thing is clear: =A0not having anything is generally less secure tha=
n<br>
=A0 =A0 having something...<br>
<br>
=A0 =A0 iang<br>
<br>
</div></blockquote>
</blockquote></div><br><br clear=3D"all"><div><br></div>-- <br><div dir=3D"=
ltr"><p style=3D"margin:0px"><b><span style=3D"font-size:10pt;font-family:&=
#39;MS Reference Sans Serif',sans-serif"><font color=3D"#000000">Joshua=
A. Marpet</font></span></b></p>
<p style=3D"margin:0px"><font face=3D"MS Reference Sans Serif, sans-serif" =
color=3D"#000000">Managing Principal</font></p><p style=3D"margin:0px"><fon=
t face=3D"MS Reference Sans Serif, sans-serif" color=3D"#000000"><b>Guarded=
Risk</b></font></p>
<p style=3D"margin:0px;color:rgb(80,0,80)"><span style=3D"font-size:5pt;fon=
t-family:'MS Reference Sans Serif',sans-serif;color:navy"><u></u>=
=A0</span></p><p style=3D"margin:0px"><font color=3D"#ff0000"><span style=
=3D"font-family:'MS Reference Sans Serif',sans-serif"><font><b><i>B=
efore the Breach=A0</i></b></font></span><b style=3D"font-size:small;font-f=
amily:'MS Reference Sans Serif',sans-serif"><i>and=A0</i></b><b sty=
le=3D"font-size:small;font-family:'MS Reference Sans Serif',sans-se=
rif"><i>After The Incident!</i></b></font></p>
<p style=3D"margin:0px;color:rgb(80,0,80)"><span style=3D"font-family:'=
MS Reference Sans Serif',sans-serif;color:navy"><font><b><i><br></i></b=
></font></span></p><p style=3D"margin:0px"><span style=3D"color:rgb(0,0,0);=
font-size:10pt;font-family:'MS Reference Sans Serif',sans-serif">1-=
855-23</span><span style=3D"font-size:10pt;font-family:'MS Reference Sa=
ns Serif',sans-serif"><font color=3D"#ff0000">G-RISK</font></span><span=
style=3D"color:rgb(0,0,0);font-size:10pt;font-family:'MS Reference San=
s Serif',sans-serif"> (855-234-7475)</span></p>
<p style=3D"margin:0px"><span style=3D"font-size:10pt;font-family:'MS R=
eference Sans Serif',sans-serif"><font color=3D"#000000"><br></font></s=
pan></p><p style=3D"margin:0px"><span style=3D"font-size:10pt;font-family:&=
#39;MS Reference Sans Serif',sans-serif"><font color=3D"#000000">Cell: =
(908) 916-7764=A0</font></span></p>
<p style=3D"margin:0px;color:rgb(80,0,80)"><a href=3D"mailto:Joshua.Marpet@=
guardedrisk.com" target=3D"_blank">Joshua.Marpet@guardedrisk.com</a></p><p =
style=3D"margin:0px;color:rgb(80,0,80)"><a href=3D"http://www.GuardedRisk.c=
om" target=3D"_blank">http://www.GuardedRisk.com</a></p>
<p style=3D"margin:0px;color:rgb(80,0,80)"><span style=3D"font-size:9pt;col=
or:rgb(31,73,125)"><u></u>=A0<u></u></span></p><p style=3D"margin:0px;color=
:rgb(80,0,80);text-align:justify"><br></p></div>
</div>
--089e0141a092d3780804efd571f0--
--===============5029084523332847578==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============5029084523332847578==--
