--- begin forwarded text

From: [EMAIL PROTECTED] (Peter Gutmann)
To: [EMAIL PROTECTED]
Subject: Re: Project: Hardening Crypto Against Big Brother's "BlackBag" Intrusions
Date: Fri, 3 Sep 1999 14:15:21 (NZST)
Sender: [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED] (Peter Gutmann)

Sunder <[EMAIL PROTECTED]> wrote:

>Again, what's needed is a tamper proof device (tampering by physical access
>to the device or by some means to bypass the device in the software of the
>computer it's inserted in). This would require that the key do its own on
>board crypto and not rely for ANYTHING coming from the host PC, other than a
>communication channel.

Something like this is already under development, the idea is that it'll run on any PC104-type device or similar (you can get some neat embedded PCs in a PCMCIA-card form factor device), all crypto operations are performed in the device which you access over a network (ideally a foot or so of point-to-point cat 5 going from your PC to the crypto box, you could probably also run PPP over a serial link if you don't have a network card in your machine). It's an extension of my cryptlib toolkit, the way it works is that you have a client shim sitting on the PC which forwards all requests to the crypto box, and all processing is done on that (the API is identical to the existing one, but instead of the crypto being done in a statically-linked lib, the data is forwarded out and done in physically separate hardware). When you're done with it, you stick it in your pocket and walk away. Although your PC can still be subverted, it's a *lot* harder sucking megabytes of email from your machine each time than taking a one-off copy of your private key and password and decrypting your email as it passes over the Internet.

There are probably other cool applications for it as well, for example if you want to (say) ssh to your home machine from an untrusted system you could do the crypto side of things using the crypto box rather than having to trust the system you're running ssh from.

The whole thing should be ready for prime time in a couple of months, all the source will be publicly available as usual so you can build the whole thing yourself. If anyone's interested in working on this, let me know - the "crypto in a physically isolated black box" bit is pretty much done, what's needed is someone to set up an appropriately configured and stripped-down Linux or *BSD kernel to run on the hardware (I know about projects like PicoBSD, but they don't quite fit the bill, and I don't really have the time to spend ages tweaking the config to get it just right).

In case anyone's still reading, there's a paper and some slides on the general architecture (although there wasn't room to go into specific details like the paragraph above) available from my home page, http://www.cs.auckland.ac.nz/~pgut001/, at the end of the stuff under "Analysis and Design of Security Systems".

Peter.

--- end forwarded text

-----------------
Robert A. Hettinga <mailto: [EMAIL PROTECTED]>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to experience."
-- Edward Gibbon, 'Decline and Fall of the Roman Empire'
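The client-shim-to-crypto-box arrangement described in the forwarded message, as an added example that is not cryptlib's code or Gutmann's: the box process holds the only copy of the key and answers sign/verify requests over a loopback TCP socket standing in for the point-to-point link, while the host-side shim offers the same calls but holds no key material. A constructed HMAC-SHA256 key stands in for the private key so the example stays stdlib-only; the wire format (newline-delimited JSON) is an assumption of this example, not the cryptlib protocol.

```python
import hashlib, hmac, json, socket, threading

# Constructed demo secret. In the design above it lives only on the crypto box;
# the host never sees it, so an attacker on the host must intercept every
# operation instead of copying the key once.
BOX_KEY = b"constructed-demo-key-held-only-by-the-box"


class CryptoBox:
    """The isolated device: holds the key and answers sign/verify requests."""
    def __init__(self, key, host="127.0.0.1"):
        self._key = key  # key material stays inside this process
        self._srv = socket.socket()
        self._srv.bind((host, 0))  # stands in for the point-to-point link
        self._srv.listen(4)
        self.port = self._srv.getsockname()[1]
        threading.Thread(target=self._serve, daemon=True).start()

    def _serve(self):
        while True:  # one newline-delimited JSON request per connection
            conn, _ = self._srv.accept()
            with conn, conn.makefile("rw") as f:
                try:
                    req = json.loads(f.readline())
                    data = bytes.fromhex(req.get("data", ""))
                except ValueError:
                    f.write(json.dumps({"error": "bad request"}) + "\n")
                    continue
                mac = hmac.new(self._key, data, hashlib.sha256).hexdigest()
                if req.get("op") == "sign":
                    resp = {"mac": mac}
                elif req.get("op") == "verify":
                    resp = {"ok": hmac.compare_digest(mac, str(req.get("mac", "")))}
                else:
                    resp = {"error": "unsupported op"}  # no op ever exports the key
                f.write(json.dumps(resp) + "\n")


class ShimClient:
    """Host-side shim: same sign/verify calls as a local library, but it only
    forwards them over the link and holds no key to steal."""
    def __init__(self, port, host="127.0.0.1"):
        self._addr = (host, port)

    def _call(self, req):
        with socket.create_connection(self._addr) as s, s.makefile("rw") as f:
            f.write(json.dumps(req) + "\n")
            f.flush()
            return json.loads(f.readline())

    def sign(self, data):
        return self._call({"op": "sign", "data": data.hex()})["mac"]

    def verify(self, data, mac):
        return self._call({"op": "verify", "data": data.hex(), "mac": mac})["ok"]
```

Compromising the host yields only the shim and the traffic it forwards; the key itself would have to be taken from the box.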
