On 3/28/15, Markus Ottela <oottela@cs.helsinki.fi> wrote:
A microcontroller as TCB doing OTP with HWRNG-generated keys. Sounds a lot like the OTP-version of Tinfoil Chat ( github.com/maqp/tfc ). It doesn't take a spy or terrorist to create something like this: TFC was a hobby of a CS-student.
HSMs for the masses!
Distribution of key material isn't the big problem, keeping the keys secure from end-point exploitation is...
usually keeping keys secure is part of key management, of which distribution is also a part. "key management is the problem" perhaps sums it up :P
... as TAO, ANT-implants, COMMONDEER, VALIDATOR, QUANTUM w/ UNITEDRAKE/SALVAGERABBIT etc. make it hard. But even these could be addressed in TFC - enforcing the need for close access operations, close proximity malware injection or retro reflectors and other HW implants is the only way to avoid untasked targeting from becoming the mass surveillance of the next generation; it's the sweet spot of security, as the attack cannot be automated, and the cost increases linearly with the number of targets.
eve out of business, then force mallory to burglary!

i would like to note, that claims of "this shit so hard they gonna come at you sideways nextdoor and high power before black baggin'" are not the best way to market the security benefits.

a fair goal. how far to get there?

[ this is your threat model, after all! https://edwardsnowden.com/category/revealed-documents/ ]

best regards,

P.S. Cisco is now shipping to drop houses for redirects to sensitive customers. not that it would help, but amusing none the less!