On Sun, 29 Mar 2015 00:46:08 +0200 Markus Ottela <oottela@cs.helsinki.fi> wrote:
A microcontroller as TCB doing OTP with HWRNG-generated keys. Sounds a lot like the OTP-version of Tinfoil Chat (github.com/maqp/tfc).
Thanks! Checking it out.
It doesn't take a spy or terrorist to create something like this: TFC was a hobby of a CS-student.
Yeah, that was one of my not-explicitly-stated points. Since such a device is almost 'trivial' to build, rendering a lot of fancy cryptanalysis (and hacking) useless seems easy. So we arrive at the surprising and unheard-of conclusion that governments are a very big scam...
Distribution of key material isn't the big problem, keeping the keys secure from end-point exploitation is, as TAO, ANT-implants, COMMONDEER, VALIDATOR, QUANTUM w/ UNITEDRAKE/SALVAGERABBIT etc. make it hard.
I'm not sure what exactly those things do, but they seem to be attacks against 'consumer grade' hardware and software. Not likely to work against a $2 microcontroller with no radio and no network connection.
But even these could be addressed in TFC - enforcing the need for close access operations, close proximity malware injection or retro reflectors and other HW implants is the only way to avoid untasked targeting from becoming the mass surveillance of next generation; it's the sweet spot of security, as the attack can not be automated, and the cost increases linearly with the number of targets.
On 28.03.2015 03:02, Juan wrote:
Seems to me that it's rather easy for terrorists to create simple hardware for at least secure text messaging (or more).
The recipe goes something like this:
1) a microcontroller.
2) a keyboard
3) an 'old' lcd text display
4) eeprom memory - sd card
5) a bunch of discrete components for a noise generator.
The idea is to mix all those ingredients plus code to get a system that can
1) generate random data to be used as key in 'one time pad' encryption
2) input text messages (and encrypt them of course)
3) decrypt text messages to the screen
(if the microcontroller can act as a USB host it may be possible to get data from devices like cameras and encrypt it)
The thing is, distribution of the key material should be trivial for any 'terrist' worth his salt. So the only drawback of the allegedly secure one time pad isn't really an issue.
I'm guessing that any real 'spies' out there have been using something like this for a while.
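The encrypt/decrypt step of the recipe above, as an added example that is not code from this thread or from TFC: it shows the property a one-time pad depends on, that each key byte is used once and then erased, so the routine refuses a message the remaining pad cannot cover. The `otp_pad` struct, `otp_xor` and the sample key bytes are hypothetical and constructed for illustration; a pad alone gives no message authentication.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical pad state: key bytes (from the noise source) plus a cursor.
   Sender and receiver hold identical copies and must stay in step. */
typedef struct {
    uint8_t *key;   /* pad material, e.g. loaded from EEPROM or SD card */
    size_t   len;   /* total pad length in bytes */
    size_t   used;  /* bytes already consumed; never moves backwards */
} otp_pad;

/* XOR n bytes of in with fresh pad bytes into out (same call encrypts and
   decrypts). Returns 0 on success, -1 if the remaining pad is too short;
   on failure nothing is consumed and out is left untouched. */
int otp_xor(otp_pad *p, const uint8_t *in, uint8_t *out, size_t n)
{
    if (n > p->len - p->used)
        return -1;                    /* refuse rather than wrap and reuse */
    for (size_t i = 0; i < n; i++) {
        out[i] = in[i] ^ p->key[p->used + i];
        p->key[p->used + i] = 0;      /* erase RAM copy; persistent storage
                                         needs its own overwrite */
    }
    p->used += n;
    return 0;
}

int main(void)
{
    /* Constructed sample pad (NOT random), copied for the receiving side. */
    uint8_t ka[8] = {0x3a, 0x91, 0x5c, 0x07, 0xe2, 0x48, 0xb6, 0x1d};
    uint8_t kb[8];
    memcpy(kb, ka, sizeof ka);
    otp_pad tx = {ka, sizeof ka, 0}, rx = {kb, sizeof kb, 0};
    uint8_t ct[5], pt[5];

    if (otp_xor(&tx, (const uint8_t *)"HELLO", ct, 5)) return 1;
    if (otp_xor(&rx, ct, pt, 5)) return 1;
    return memcmp(pt, "HELLO", 5) != 0;   /* 0 when the round trip matches */
}
```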