Now that I think of it, SW implementations with the CEV version that cascades symmetric ciphers are very very slow if SoCs such as RPi are used. OTP and one time MAC is naturally very fast but I'm not sure how large key storages can be added for micro controllers: users should probably use OTF-encrypted HDDs to protect key data and avoid wear levelling issues of flash memory. Anyway, I pushed out 0.5.4. of TFC out yesterday. Lot's of fixes for stability and usability, signed installer that checks SHA512 hashes of other files. Probably the most important feature is hiding 'when' and 'how much' communication takes place. This is done by sending a constant stream of noise messages and commands from the transmitter unit the receivers transparently discard. This exhausts OTP keyfiles very quickly so I'd recommend using the CEV version. -maqp On 31.03.2015 05:49, Juan wrote:
On Sun, 29 Mar 2015 00:46:08 +0200 Markus Ottela <oottela@cs.helsinki.fi> wrote:
A microcontroller as TCB doing OTP with HWRNG-generated keys. Sounds a lot like the OTP-version of Tinfoil Chat ( github.com/maqp/tfc ).
Splitting the application in two rx/tx physically isolated devices is clever...Although using two laptops or two raspberries seems a bit overkill?
Now I'm wondering how easy it would be to hack a microcontroller through its serial link. Of course "a microcontroller" is horribly vague. For instance, what about a microcontroller that can't execute code from ram?
J.