Re: [cryptography] [Cryptography] Show Crypto: prototype USB HSM
On 14 April 2016 at 00:16, Jerry Leichter wrote:
>>> Yes, make it significantly smaller than the current form factor.
>>
>> Ah. OK, well, that is certainly doable, though how small you can make it is
>> ultimately limited by the size of the display. How small do you want it,
>> and how much are you willing to pay?
> I wonder if one could get rid of the display per se and add some kind of MEMS
> steerable laser to it. The output would be projected onto some nearby
> surface. This could be physically much smaller.
>
> People have built "virtual keyboards" using this idea - here's a random one:
> http://www.amazon.com/AGS-Wireless-Projection-Bluetooth-Smartphone/dp/B00MR26TUO/ref=sr_1_1?ie=UTF8=1460589277=8-1=laser+projector+keyboard

Oh no they haven't - that's simply projecting a static image, it's not steerable.

___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

Re: [cryptography] [Cryptography] Show Crypto: prototype USB HSM
On Apr 14, 2016, at 2:36 AM, stef wrote:
> On Tue, Apr 12, 2016 at 08:12:52PM -0700, Tony Arcieri wrote:
>> On Tue, Apr 12, 2016 at 7:26 PM, Ron Garret wrote:
>> Well, that's true, but it's also hundreds of times bigger than a token in
>> the Yubikey "nano" form factor, which is actually convenient to keep
>> permanently in the USB slot of a laptop. Your physical design seems pretty
>> unwieldy for laptops (see also Yubico's keychain designs).
>>
>> Yubikey "nano" factor tokens like the NEO-n have also supported more
>> general purposes than a U2F token (e.g. CCID interface, OpenPGP applets,
>> see also PIV)
>>
>> I swear I'm not a paid shill for Yubico, but I'm a fan of small
>> display-free hardware tokens. While a token like what you've built might
>> provide Maximum Security under pessimistic threat models, its large size
>> makes it look rather inconvenient to me.
>
> coincidentally i'm hacking on a similar device for quite some time. and while
> one of my design goals was to have my keys always on me, even in the sauna.

As long as you don’t actually want to *use* it in the sauna you could take the SC4-HSM with you, but you’d probably want to put it in a ziploc bag.

> there's another hard requirement, which is kinda conflicting with having a
> device so small to always keep it in the usb plugged. this requirement is to
> have the unlocking of the key material depend only on the usb device not on
> the usb host.

If you were to implement a pass phrase to lock the SC4-HSM (the current firmware doesn’t support this but it’s easy to add this feature), that pass phrase would not depend on the host. You’d use it (via a KDF) to encrypt/decrypt the secret keys stored on the device.

> if i have to enter my password to unlock the keys on the pc, any
> finfisher/hackingteam malware can duplicate my password and use it itself.

That’s true. But your attacker would *also* need to get *physical* access for the password to do them any good.

Also, if you were being super-duper paranoid, you could always dedicate a host device for this purpose and keep it air-gapped.

> so i need some kind of passphrase entry on the device. and with this
> requirement the UX actually favors bigger designs, with displays.

The display is actually not the limiting factor on size as much as the input device is. I don’t know of any way to add a high-bit-width input device to a device this size. The SC4-HSM has two push-buttons, and if you really wanted to you *could* use those to enter a PIN of some kind, but it would be a UI/UX nightmare so I wouldn’t advocate it.

> i also understand that a small device in a usb slot is nice, but it also
> encourages continuous contact between the keystore and an untrusted device. i
> rather unplug my keystore when it's not needed.

I’m not sure I understand this. It’s easy to unplug any USB device when it’s not in use. What would be the alternative?

> as a shameless plug, my designs are already in production, and will be available
> in small quantities this summer.

Cool! What is it called? How can I get one?

rg

Re: [cryptography] [Cryptography] Show Crypto: prototype USB HSM
On Tue, Apr 12, 2016 at 08:12:52PM -0700, Tony Arcieri wrote:
> On Tue, Apr 12, 2016 at 7:26 PM, Ron Garret wrote:
> Well, that's true, but it's also hundreds of times bigger than a token in
> the Yubikey "nano" form factor, which is actually convenient to keep
> permanently in the USB slot of a laptop. Your physical design seems pretty
> unwieldy for laptops (see also Yubico's keychain designs).
>
> Yubikey "nano" factor tokens like the NEO-n have also supported more
> general purposes than a U2F token (e.g. CCID interface, OpenPGP applets,
> see also PIV)
>
> I swear I'm not a paid shill for Yubico, but I'm a fan of small
> display-free hardware tokens. While a token like what you've built might
> provide Maximum Security under pessimistic threat models, its large size
> makes it look rather inconvenient to me.

coincidentally i'm hacking on a similar device for quite some time. and while one of my design goals was to have my keys always on me, even in the sauna. there's another hard requirement, which is kinda conflicting with having a device so small to always keep it in the usb plugged. this requirement is to have the unlocking of the key material depend only on the usb device not on the usb host. if i have to enter my password to unlock the keys on the pc, any finfisher/hackingteam malware can duplicate my password and use it itself. so i need some kind of passphrase entry on the device. and with this requirement the UX actually favors bigger designs, with displays.

my two approaches are

1/ using chording a la guitar hero, you learn your passphrase using muscle memory and play the hex digits of it on 4 buttons. this device is about 3x7cm big.

2/ i have the board in the exact format of a nokia 3310, and can switch the original board with mine and use the nokia's display and keyboard with 16 keys for entry of passphrases. however the latter design is not suitable for saunas.

the smaller design however could be enclosed like this:
http://cryptomuseum.com/crypto/philips/aroflex2/img/301412/005/full.jpg
http://cryptomuseum.com/crypto/philips/aroflex2/img/301411/003/full.jpg
http://cryptomuseum.com/crypto/philips/aroflex2/img/301412/000/full.jpg
http://cryptomuseum.com/crypto/philips/aroflex2/img/301412/009/full.jpg

i also understand that a small device in a usb slot is nice, but it also encourages continuous contact between the keystore and an untrusted device. i rather unplug my keystore when it's not needed.

as a shameless plug, my designs are already in production, and will be available in small quantities this summer.

--
otr fp: https://www.ctrlc.hu/~stef/otr.txt

Re: [cryptography] [Cryptography] Show Crypto: prototype USB HSM
On Apr 13, 2016, at 4:16 PM, Jerry Leichter wrote:
>>> Yes, make it significantly smaller than the current form factor.
>>
>> Ah. OK, well, that is certainly doable, though how small you can make it is
>> ultimately limited by the size of the display. How small do you want it,
>> and how much are you willing to pay?
> I wonder if one could get rid of the display per se and add some kind of MEMS
> steerable laser to it. The output would be projected onto some nearby
> surface. This could be physically much smaller.

Hm, that is an interesting idea. But I think it’s a little more than I want to bite off for version 1.

> In another message, you suggested using a passphrase to unlock the thing, so
> even decapping wouldn't reveal the secrets. That requires a secure input
> device.

Only if you have an adversary that pwns your client machine *and* then obtains physical control of the device. For either of these attacks in isolation, a non-secure input suffices.

> Going all the way to a virtual keyboard might do the trick. The keyboard
> doesn't have to be very good, just functional for this one purpose.
>
> Of course, this would add significantly to cost, though the one I listed
> above only costs $40. What size you could end up with isn't clear.

I’m not trying to protect against every conceivable attack, I’m just trying to design an 80/20 solution (actually I think what I have is closer to a 99/1 solution, but it’s early yet). One must always keep Munroe’s law in mind:

https://xkcd.com/538/

rg

Re: [cryptography] [Cryptography] Show Crypto: prototype USB HSM
On Apr 13, 2016, at 2:22 PM, Bill Frantz wrote:
> On 4/13/16 at 10:14 AM, r...@flownet.com (Ron Garret) wrote:
>
>> Here’s a photo of an earlier version of the HSM using a seven-segment
>> display instead of the current 128x32 pixel OLED, next to the current
>> version for size comparison:
>
> I normally carry a USB flash drive in my pocket. With the connector
> retracted, it is a bit less than 3 US nickels (2.25 inches, 58mm) long. I
> would have no problem with either of the pictured devices.

The prototype SC4-HSM case is 57x21x9 mm. The USB connector extends out 14mm beyond the edge of the case. It’s bigger than some portable USB devices, smaller than others. It’s almost exactly the same size as e.g. the MobileMate SD+ card reader:

http://www.amazon.com/Sandisk-Mobilemate-Plus-Memory-Reader/dp/B002PX99D4/ref=pd_sim_147_5

The case is 3-D printed plastic so a production version could probably shave a couple of mm off of that. There is also quite a bit of extra length on the board to support the debug connector that will be taken off in the final design.

I abandoned the smaller design because the seven-segment display turned out to be inadequate for security. 4x7 segments gives you 28 bits of output at most (and realistically only 16 bits under non-geek UI constraints), and that’s not enough.

rg

Re: [cryptography] [Cryptography] Show Crypto: prototype USB HSM
On Wed, Apr 13, 2016 at 10:14 AM, Ron Garret wrote:
> Is that small enough for you?

Yes, that's significantly better. Sorry if I was overly negative before.

--
Tony Arcieri

Re: [cryptography] [Cryptography] Show Crypto: prototype USB HSM
On Apr 13, 2016, at 8:27 AM, John Ioannidis wrote:
> On Tue, Apr 12, 2016 at 11:28 AM, Ron Garret wrote:
>> One of the biggest challenges in crypto is protecting your keys against an
>> attacker who pwns your machine. The fundamental problem is that such an
>> attacker can do anything you can do, including access hardware tokens that
>> are connected to the machine. Some hardware tokens have an input device
>> built in (usually a push button, sometimes a fingerprint sensor) which needs
>> to be activated before the token will operate, but these are still subject
>> to phishing attacks. In order to really be secure, a hardware token must
>> have not just an input device, but a display as well so that information
>> about the operation being authorized can be shown to the user in a way that
>> is guaranteed to be out of the control of an attacker who pwns the host
>> machine.
>>
>
> You are addressing crypto professionals here. Don't you think we
> already know this?

I didn’t want to assume that *everyone* on this list was a professional cryptographer. And it certainly does not appear to be common knowledge that a USB token needs to have built-in I/O in order to be secure against ownership of the client device. In fact, it seems to be a rather controversial claim. But if you thought my original post was inappropriate I apologize.

>> I did a market survey and could not find a device that met these
>> requirements. The closest thing I could find was the Trezor bitcoin wallet,
>> but at $99 it seemed a bit pricey so I decided to roll my own. The result
>> is the SC4-HSM, a USB dongle with an STM32F405 processor (32-bit ARM cortex
>> M4 with a built-in hardware RNG, 1MB flash, 192k RAM) and a 128x32 pixel
>> monochrome Adafruit display. It also has two user pushbuttons and two LEDs
>> (though I’m going to be changing that to a single tri-color LED). It
>> currently runs TweetNaCl, but there’s a lot of headroom for more complex
>> crypto. It’s also possible to swap the F405 for an F415, which has built-in
>> crypto operations (AES, 3DES, various SHA hashes). Both processors have
>> hardware support for freezing a firmware load so that it cannot be
>> overwritten, and so the contents of the flash cannot be read out even with
>> physical access to the device. The target market for these chips is medical
>> devices and process controllers, and one of the requirements is to keep the
>> firmware out of the hands of Chinese industrial espionage agents.
>>
>
> If the secret you are protecting is valuable enough, there are lots of
> ways to uncover it. Read up about decapping chips with nitric acid,
> micromanipulators, and other such fun stuff. If you want to get a bit
> fancier, read up on FIBs. If your secret is worth more than $100, you
> should really spend at least that much protecting it.

You can make the SC4-HSM secure against decapping by encrypting the keys with a pass-phrase.

> The part about freezing the firmware is valid, but even then, you have
> to balance that against the need to do firmware upgrades for when bugs
> are discovered.

In that case you’d need to obtain a new HSM. But the SC4-HSM is ridiculously cheap, only about $20 in parts in single quantities, so replacing it is a viable solution.

> The most valuable part of medical devices is not the code. It's the
> process of getting them approved for medical use.

That may well be, but I don’t understand why you think it’s relevant. Preventing firmware from being copied is a feature of sufficient value that hardware manufacturers are building it into their chips, and that’s all that matters for this application.

>
>> Photos of the prototype are attached. I’m about to do a small production
>> run (O(10) units) which will cost about $50 each. If anyone here is
>> interested in obtaining one of these please contact me privately.
>>
>> I’m also actively recruiting a consultant to help with firmware development
>> and auditing.
>
> You just got some free consulting. Here is some more: do not hire
> anyone who would not bring these points up right away.

Thank you for your feedback.

rg

Re: [cryptography] [Cryptography] Show Crypto: prototype USB HSM
On Wed, Apr 13, 2016 at 9:40 AM, Ron Garret wrote:
> Tony: I really don’t mind negative feedback when it’s constructive. In
> fact, I very much appreciate it. But I’m really having a hard time
> discerning a constructive purpose in your critique. What exactly do you
> think that I should be doing differently? Change the design?

Yes, make it significantly smaller than the current form factor.

--
Tony Arcieri

Re: [cryptography] [Cryptography] Show Crypto: prototype USB HSM
On Apr 13, 2016, at 8:56 AM, Tony Arcieri wrote:
> On Wed, Apr 13, 2016 at 2:06 AM, Thierry Moreau wrote:
>> Who wants to be optimistic with respect to threat models in the current IT
>> landscape?
>
> I prefer to be realistic about threats, especially when UX tradeoffs are
> involved

Everyone needs to choose their own risk posture, and different applications have different needs. There are certainly people out there for whom Yubikeys are adequate, and for whom the SC4-HSM won’t make sense. But I believe that there are applications and not-entirely-unreasonable risk postures for which a Yubikey might not be adequate. If nothing else, having a programmable USB dongle with a display makes kind of a cool toy to noodle around with.

Tony: I really don’t mind negative feedback when it’s constructive. In fact, I very much appreciate it. But I’m really having a hard time discerning a constructive purpose in your critique. What exactly do you think that I should be doing differently? Change the design? Give up and join you in being an evangelist for Yubikeys? Something else? I really don’t get it.

rg

Re: [cryptography] [Cryptography] Show Crypto: prototype USB HSM
On Wed, Apr 13, 2016 at 2:06 AM, Thierry Moreau <thierry.mor...@connotech.com> wrote:
> Who wants to be optimistic with respect to threat models in the current IT
> landscape?

I prefer to be realistic about threats, especially when UX tradeoffs are involved

--
Tony Arcieri

Re: [cryptography] [Cryptography] Show Crypto: prototype USB HSM
On 13/04/16 03:12 AM, Tony Arcieri wrote:
> On Tue, Apr 12, 2016 at 7:26 PM, Ron Garret wrote:
>> This HSM is much more general-purpose than a U2F token.
>
> Well, that's true, but it's also hundreds of times bigger than a token in
> the Yubikey "nano" form factor, which is actually convenient to keep
> permanently in the USB slot of a laptop. Your physical design seems pretty
> unwieldy for laptops (see also Yubico's keychain designs).
>
> Yubikey "nano" factor tokens like the NEO-n have also supported more
> general purposes than a U2F token (e.g. CCID interface, OpenPGP applets,
> see also PIV)
>
> I swear I'm not a paid shill for Yubico, but I'm a fan of small
> display-free hardware tokens. While a token like what you've built might
> provide Maximum Security under pessimistic threat models, its large size
> makes it look rather inconvenient to me.
>
> --
> Tony Arcieri

Who wants to be optimistic with respect to threat models in the current IT landscape? Do you?

(I much liked what I glimpsed from the original post.)

- Thierry Moreau

Re: [cryptography] [Cryptography] Show Crypto: prototype USB HSM
On Tue, Apr 12, 2016 at 7:26 PM, Ron Garret wrote:
> This HSM is much more general-purpose than a U2F token.

Well, that's true, but it's also hundreds of times bigger than a token in the Yubikey "nano" form factor, which is actually convenient to keep permanently in the USB slot of a laptop. Your physical design seems pretty unwieldy for laptops (see also Yubico's keychain designs).

Yubikey "nano" factor tokens like the NEO-n have also supported more general purposes than a U2F token (e.g. CCID interface, OpenPGP applets, see also PIV)

I swear I'm not a paid shill for Yubico, but I'm a fan of small display-free hardware tokens. While a token like what you've built might provide Maximum Security under pessimistic threat models, its large size makes it look rather inconvenient to me.

--
Tony Arcieri

Re: [cryptography] [Cryptography] Show Crypto: prototype USB HSM
On Apr 12, 2016, at 5:39 PM, Tony Arcieri wrote:
> On Tue, Apr 12, 2016 at 8:28 AM, Ron Garret wrote:
>> Some hardware tokens have an input device built in (usually a push button,
>> sometimes a fingerprint sensor) which needs to be activated before the token
>> will operate, but these are still subject to phishing attacks
>
> Not to rain on your parade, but if you're talking about authentication
> contexts, U2F solves the phishability problem by deriving domain-separated
> keys per origin, so it's not possible for an attacker to leverage it for
> phishing purposes.

This HSM is much more general-purpose than a U2F token. It could be used as a standalone bitcoin wallet a la Trezor. It can be used to decrypt messages and display them on the built-in display so that even an adversary with root access to your laptop couldn’t read the cleartext. The firmware doesn’t support this yet, but it’s a mere matter of programming :-)

But even U2F tokens can be phished for some value of “phished”. It’s true that you can’t extract the keys, but if an attacker owns your machine and you have a U2F token installed, the attacker can log into any site you can log into. Even if the token has a button you need to push to activate it, it’s probably not hard to fool most users into pushing the button to authorize an authentication for an attacker. With a display, the token can say, “You are about to authorize…” and describe exactly what it is that it is being asked to do so that you know what you’re authorizing in a way that an attacker cannot control even with a completely compromised client.

rg

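An added example, not code from the thread or from the SC4-HSM firmware, simulating the two device-side properties argued for above: the "You are about to authorize…" text is rendered by the device from the structured request (never from free-form host text, so a compromised client cannot choose it), and, as in Ron's reply to stef earlier in the thread, the signing key is stored only wrapped under a KDF output until a pass-phrase entered on the device unlocks it. HMAC-SHA256 standing in for the device's signature scheme, scrypt for its KDF, and the `SimulatedHSM`/`render`/`verify` names are all assumptions of this example.

```python
import hashlib
import hmac
import json
import os

class DeviceLocked(Exception):
    """No pass-phrase has been entered; the key is still wrapped."""

class UserDeclined(Exception):
    """The user did not press the confirm button."""

def canonical(fields: dict) -> bytes:
    # Deterministic encoding of exactly the fields the user was shown.
    return json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()

def render(fields: dict) -> str:
    """Display text built from structured fields only; free-form host text
    never reaches this function, so a compromised host cannot pick it."""
    if fields.get("op") == "authenticate":
        return "Authorize login to %s?" % fields["origin"]
    if fields.get("op") == "sign":
        data = bytes.fromhex(fields["data"])
        return "Sign %d bytes, sha256 %s..?" % (len(data), hashlib.sha256(data).hexdigest()[:16])
    raise ValueError("unknown operation")

class SimulatedHSM:
    ALLOWED = {"op", "origin", "data"}  # the only request fields that are displayed and signed

    def __init__(self, signing_key: bytes, passphrase: str):  # signing_key is 32 bytes
        self._salt = os.urandom(16)
        kek = self._kdf(passphrase)
        # At rest: key XOR 32-byte KDF output, plus a check value; the clear key is never stored.
        self._wrapped = bytes(a ^ b for a, b in zip(signing_key, kek))
        self._check = hmac.new(kek, b"unlock-check", "sha256").digest()
        self._key = None
        self.display = []  # what the user would read on the device's screen

    def _kdf(self, passphrase: str) -> bytes:
        # scrypt stands in for whatever KDF the firmware would use (assumption).
        return hashlib.scrypt(passphrase.encode(), salt=self._salt, n=2**14, r=8, p=1, dklen=32)

    def unlock(self, passphrase: str) -> None:
        """Pass-phrase is entered on the device's own buttons, not sent by the host."""
        kek = self._kdf(passphrase)
        if not hmac.compare_digest(self._check, hmac.new(kek, b"unlock-check", "sha256").digest()):
            raise ValueError("wrong pass-phrase")
        self._key = bytes(a ^ b for a, b in zip(self._wrapped, kek))

    def authorize(self, request: dict, button) -> bytes:
        """Show the operation, wait for the button, then sign exactly what was shown."""
        if self._key is None:
            raise DeviceLocked()
        fields = {k: v for k, v in request.items() if k in self.ALLOWED}
        text = render(fields)
        self.display.append(text)
        if not button(text):  # button() stands in for the physical confirm press
            raise UserDeclined()
        return hmac.new(self._key, canonical(fields), "sha256").digest()

def verify(signing_key: bytes, request: dict, signature: bytes) -> bool:
    """Relying-party check: the signature covers only the displayed fields."""
    fields = {k: v for k, v in request.items() if k in SimulatedHSM.ALLOWED}
    return hmac.compare_digest(hmac.new(signing_key, canonical(fields), "sha256").digest(), signature)
```

A host-supplied `display_text` field is dropped before rendering, so what the user confirms and what gets signed are the same device-chosen fields.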
Re: [cryptography] [Cryptography] Show Crypto: prototype USB HSM
On Tue, Apr 12, 2016 at 8:28 AM, Ron Garret wrote:
> Some hardware tokens have an input device built in (usually a push button,
> sometimes a fingerprint sensor) which needs to be activated before the
> token will operate, but these are still subject to phishing attacks

Not to rain on your parade, but if you're talking about authentication contexts, U2F solves the phishability problem by deriving domain-separated keys per origin, so it's not possible for an attacker to leverage it for phishing purposes.

--
Tony Arcieri