On Mon, May 01, 2000 at 06:50:55PM -0700, Bill Stewart wrote: > Patrick Henry The Nym wrote: > > This would be a good issue to bring up with them directly. By the way, > > I asked them once how I could be sure there is no back door into the > > system. They merely said "there is no back door." > > That's because you asked them the wrong question. You needed to ask them > "Ohhh, Nooo! I did something wrong setting up the system and I can't > get any of my data off my disk! Help me! Help me!" > phrased in some way that makes sense in the context of their user interface. > That's usually the best way to find the back door. > > "My cat licked the U.are.U while I was initializing my secure disk!" "I was reading cypherpunks and this funny post made me spit coffee all over the U.are.U!". > At 06:05 PM 04/18/2000 -0700, ericm wrote: > > > [U.R.U. has an encrypted-disk feature.] > >The problem that I have with the U.are.U system, and anything > >else like it, is that I can't see how to make it secure. > ... > >In the U.are.U system, the templates can't be stored strongly encrypted > >with a passphrase, because then you'd need to type in a passphrase to > >unlock your biometric in order to authenticate with your finger, which > >would clearly be silly. > > > >So, the template has to be stored in the clear, or encrypted with > >a key that's embedded in the U.are.U software and hidden using > >the usual software tamper-resistance techniques.... which of > >course can be cracked, allowing the attacker to replace the > >template with his own. > > If I were building a thing like that, I'd use public-key. > Have the U.are.U generate a public/private keypair, > store the private key in NVRAM/flash/etc., and only > hand the encrypted fingerprint material to the PC. That's what the smartcard reader with fingerprint scanner that I worked on did (the reader, minus biometric, will be sold by Compaq Real Soon Now). It's the best that you can do without biometric-capable smartcards. > (You might be able to use secret-key, but I'm not sure.) Depends on the authentication protocol. Our reader was doing SET so RSA was required. > This does mean making the U.are.U module tamper-resistant, > but it _is_ a consumer device, not a KGB-proof device. ... so the ordinary protection provided by being in hardware is probably ok. (making sure that there's no really obvious things like debug pins or a pin that erases flash) Another weak point is, once the unit has done the biometric match and unlocked the key, where does the key go? To the PC to be used to decrypt the filesystem? Or does the filesystem get decrypted on the device? The latter would be less insecure, at the cost of performance. Of course the maker could add a $5 3DES chip to do the crypto, but that $5 cost (in quantity) winds up adding $25 or 30 on the retail price. -- Eric Murray www.lne.com/~ericm ericm at the site lne.com PGP keyid:E03F65E5
