Re: RS232 Crypto Dongle (idea for widely accessible crypto technology)
Much better for this application is the PCMCIA standard, which has plenty of room for circuitry.
I had this in mind too. But there's a problem -- if we have to depend on commercial manufacturers to build these things, how will we know if we can really trust them? I'm not impugning the manufacturers themselves, as it's entirely possible that the FBI and/or NSA wouldn't even let them build and sell a device like this if it's "too" secure. That's the paradox of freely-available crypto software like PGP. The software, including source, is open for inspection by all. But because it runs on general purpose computer hardware, it's vulnerable to all of the usual computer security attacks (viruses, modifications to secretly record or transmit keys, keystroke monitors, etc). Going to small, dedicated pieces of hardware removes these vulnerabilities, but then we're right back where we started -- with an opaque piece of commercial hardware whose secure operation we can't verify. Unless, of course, we can get the technology to build PCMCIA cards ourselves out of readily available parts... Phil
Some points about the security of "crypto dongles" and other personal security devices. Phil Karn writes:
Much better for this application is the PCMCIA standard, which has plenty of room for circuitry.
I had this in mind too. But there's a problem -- if we have to depend on commercial manufacturers to build these things, how will we know if we can really trust them? I'm not impugning the manufacturers themselves, as it's entirely possible that the FBI and/or NSA wouldn't even let them build and sell a device like this if it's "too" secure.
The crucial chips could be built under "open inspection" conditions, much like having source code for inspection prior to compilation on one's own--presumably trustworthy--machines. Several such vendors could be used, with independent auditors observing the processing steps throughout. (Merely the threat of a surprise inspection is probably enough to head off obvious attempts to insert hardware trapdoors and the like.) This seems like a solvable problem. The issue of whether the NSA will let such devices be built is interesting. There was the story of the "PhasorPhone," or somesuch, from some years back, with the story that the inventor, in Seattle, filed a patent application and got back a statement that the device was now classified and could not be talked about (let alone marketed). However, I've heard of no such cases recently. Other countries have excellent wafer fab facilities and could of course build the chips and the complete units. Whether Americans could buy them.... Tamper-Responding Modules (TRMs) Robert Brooks mentions using e-beam probers to read the bits out, and various etches, etc. TRMs came up several weeks ago on this list, and are mentioned in the Glossary posted a few days ago. Even if the TRMs can eventually be gotten into, probably at high cost, they will in most cases leave signs of having been opened, analyzed, probed, etc. (that's the "responding" part of TRM). The nuclear weapons people at Sandia and elsewhere (Russia, one now hopes) have been dealing with the problem for several decades. Some of their work has filtered out to the public literature. Smartcards often have basic TRM methods applied to them. If there's interest, I can summarize. --Tim -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^756839 | PGP Public Key: by arrangement.
I had this in mind too. But there's a problem -- if we have to depend on commercial manufacturers to build these things, how will we know if we can really trust them? ... Unless, of course, we can get the technology to build PCMCIA cards ourselves out of readily available parts...
There's an implied assumption in the above that "we" and "commercial manufacturers" are not the same people, and that if "we" could build the cards "ourselves", then "we" could trust them. But any of "us" builds PCMCIA cards and offers them to "us" for sale, they will have to satisfy "us" that "we" truly understand its level of security. Enough pronouns? The point is that we can't trust ourselves any more than faceless manufacturers. It's more likely the manufacturers won't make some bonehead mistake that renders the system easy to break. And, as dramatized in "Sneakers", even the best people can be pressured by the government if they or their loved ones are vulnerable. John Draper was proposing to manufacture rs232 random number generators -- would you buy a used random number from this man? If you could see its design, you might. If not, probably not. There's a tradition that security software has to be made available in source form because the customers insist on it. Let's continue this trend and make sure it applies to hardware, too. John
participants (3)
-
gnu@cygnus.com -
karn@qualcomm.com -
tcmay@netcom.com