Re: [cryptography] [Cryptography] Show Crypto: prototype USB HSM

2016-05-10 Thread Ben Laurie
On 14 April 2016 at 00:16, Jerry Leichter wrote: >>> Yes, make it significantly smaller than the current form factor. >> >> Ah. OK, well, that is certainly doable, though how small you can make it is >> ultimately limited by the size of the display. How small do you want it,

Re: [cryptography] [Cryptography] Show Crypto: prototype USB HSM

2016-04-14 Thread Ron Garret
On Apr 14, 2016, at 2:36 AM, stef wrote: > On Tue, Apr 12, 2016 at 08:12:52PM -0700, Tony Arcieri wrote: >> On Tue, Apr 12, 2016 at 7:26 PM, Ron Garret wrote: >> Well, that's true, but it's also hundreds of times bigger than a token in >> the Yubikey "nano"

Re: [cryptography] [Cryptography] Show Crypto: prototype USB HSM

2016-04-14 Thread stef
On Tue, Apr 12, 2016 at 08:12:52PM -0700, Tony Arcieri wrote: > On Tue, Apr 12, 2016 at 7:26 PM, Ron Garret wrote: > Well, that's true, but it's also hundreds of times bigger than a token in > the Yubikey "nano" form factor, which is actually convenient to keep > permanently in

Re: [cryptography] [Cryptography] Show Crypto: prototype USB HSM

2016-04-13 Thread Ron Garret
On Apr 13, 2016, at 4:16 PM, Jerry Leichter wrote: >>> Yes, make it significantly smaller than the current form factor. >> >> Ah. OK, well, that is certainly doable, though how small you can make it is >> ultimately limited by the size of the display. How small do you want

Re: [cryptography] [Cryptography] Show Crypto: prototype USB HSM

2016-04-13 Thread Ron Garret
On Apr 13, 2016, at 2:22 PM, Bill Frantz wrote: > On 4/13/16 at 10:14 AM, r...@flownet.com (Ron Garret) wrote: > >> Here’s a photo of an earlier version of the HSM using a seven-segment >> display instead of the current 128x32 pixel OLED, next to the current >> version

Re: [cryptography] [Cryptography] Show Crypto: prototype USB HSM

2016-04-13 Thread Tony Arcieri
On Wed, Apr 13, 2016 at 10:14 AM, Ron Garret wrote: > Is that small enough for you? > Yes, that's significantly better. Sorry if I was overly negative before. -- Tony Arcieri ___ cryptography mailing list cryptography@randombit.net

Re: [cryptography] [Cryptography] Show Crypto: prototype USB HSM

2016-04-13 Thread Ron Garret
On Apr 13, 2016, at 8:27 AM, John Ioannidis wrote: > On Tue, Apr 12, 2016 at 11:28 AM, Ron Garret wrote: >> One of the biggest challenges in crypto is protecting your keys against an >> attacker who pwns your machine. The fundamental problem is that such an

Re: [cryptography] [Cryptography] Show Crypto: prototype USB HSM

2016-04-13 Thread Tony Arcieri
On Wed, Apr 13, 2016 at 9:40 AM, Ron Garret wrote: > Tony: I really don’t mind negative feedback when it’s constructive. In > fact, I very much appreciate it. But I’m really having a hard time > discerning a constructive purpose in your critique. What exactly do you > think

Re: [cryptography] [Cryptography] Show Crypto: prototype USB HSM

2016-04-13 Thread Ron Garret
On Apr 13, 2016, at 8:56 AM, Tony Arcieri wrote: > On Wed, Apr 13, 2016 at 2:06 AM, Thierry Moreau > wrote: > Who wants to be optimistic with respect to threat models in the current IT > landscape? > > I prefer to be realistic about threats,

Re: [cryptography] [Cryptography] Show Crypto: prototype USB HSM

2016-04-13 Thread Tony Arcieri
On Wed, Apr 13, 2016 at 2:06 AM, Thierry Moreau < thierry.mor...@connotech.com> wrote: > Who wants to be optimistic with respect to threat models in the current IT > landscape? I prefer to be realistic about threats, especially when UX tradeoffs are involved -- Tony Arcieri

Re: [cryptography] [Cryptography] Show Crypto: prototype USB HSM

2016-04-13 Thread Thierry Moreau
On 13/04/16 03:12 AM, Tony Arcieri wrote: On Tue, Apr 12, 2016 at 7:26 PM, Ron Garret > wrote: This HSM is much more general-purpose than a U2F token. Well, that's true, but it's also hundreds of times bigger than a token in the Yubikey "nano"

Re: [cryptography] [Cryptography] Show Crypto: prototype USB HSM

2016-04-12 Thread Tony Arcieri
On Tue, Apr 12, 2016 at 7:26 PM, Ron Garret wrote: > This HSM is much more general-purpose than a U2F token. > Well, that's true, but it's also hundreds of times bigger than a token in the Yubikey "nano" form factor, which is actually convenient to keep permanently in the USB

Re: [cryptography] [Cryptography] Show Crypto: prototype USB HSM

2016-04-12 Thread Ron Garret
On Apr 12, 2016, at 5:39 PM, Tony Arcieri wrote: > On Tue, Apr 12, 2016 at 8:28 AM, Ron Garret wrote: > Some hardware tokens have an input device built in (usually a push button, > sometimes a fingerprint sensor) which needs to be activated before the

Re: [cryptography] [Cryptography] Show Crypto: prototype USB HSM

2016-04-12 Thread Tony Arcieri
On Tue, Apr 12, 2016 at 8:28 AM, Ron Garret wrote: > Some hardware tokens have an input device built in (usually a push button, > sometimes a fingerprint sensor) which needs to be activated before the > token will operate, but these are still subject to phishing attacks Not