On Sun, Jul 09, 2006 at 09:17:00PM +0200, Peter Philipp wrote:
> On Sun, Jul 09, 2006 at 08:22:10PM +0200, Tobias Ulmer wrote:
> > Encrypting data from the keyboard is also not a real option,
> > because you need a shared secret (or something like hostkeys, how do
> > you know that the usb sniffer can't do MITM attacks?). The keyboard
> > needs to be pretty "intelligent" to do that.
> 
> Uhm.. I think I did say public key encryption right?  Where exactly is a
> shared secret needed in this?

Public key encryption isn't magic. The keyboard needs a way to tell you
something like this: Hey, you've plugged me into this unknown computer,
it says its hostkey is 0xdeadbeed.  Are you sure you want me to talk to
this computer?
Then you are like: Yes, the computer has this exact hostkey and
no MITM attack took place, accept this computer.

From now on, everything is encrypted and ok. However, if you don't trust
hubs, do you trust your keyboard? Remember, it needs to have a small
processor built in that can do SSL and stuff. A keylogger shouldn't
increase the costs on such a powerful thing.

> 
> > Rewiring the keys... , you get something like a rot13 encryption, 
> > anybody can figure that out.
> 
> Yeah but it works against devices that are confident that everything has
> rot26 encryption.  And if you can "mod" your keyboard in 10 minutes for
> nothing at all, except perhaps a 2 euro plug for the cables, why not?

No it doesn't. If a keycode is 1 byte (just an assumption), you have 256
possible keys (far less in reality). It takes a few minutes on a 486 to
brute-force the key against a small list of common unix commands. Don't
even think about a modern P4 or AMD64.
Sure it's something... but I wouldn't call it secure.

> 
> > Anyway, the electromagnetic radiation(?) is probably so high that
> > nobody bothers with usb sniffers. I know it was possible to see a good
> > image of a crt in about 25m distance by just amplifying the signal back
> > in '96 (I was interested in building mini-bugs and have a few books
> > about the technology available to this time).
> 
> Perhaps a keyboard that uses light instead of electrical signals is an
> overall better solution?  Aren't laser emitting diodes fairly cheap today
> and the price of roughly 4 meters of fibre-optic cable should be acceptable 
> for a keyboard right?

I like this idea, you can't fsck with it easily, the keyboard could be
shielded... nice. And the electronics don't necessarily need to be
complex and powerful (IR should do it, no need for a laser diode).

>  Until then, USB keyboards encrypting would be better
> right?  How much are you willing to spend for a secure keyboard anyhow?  How
> much are people spending for "wireless" keyboards?
> 

Depends on your needs. If you want to protect against a casual attacker, it
may just be enough, but it's wasted time if some TLA tries to shut
down your international muslim terrorist attack planning mailing list server
somewhere in Russia.... good luck ;)

Btw: I highly doubt that "encrypted" wireless keyboards are implemented
in such a way that it's secure to use them. I don't have one and no
equipment to check, but experience teaches that the industry doesn't
come up with secure solutions for the consumer market (or only after
millions of people have complained and demonstrated that it's insecure,
see the WEP disaster).

Tobias

> > The only practical solution i can see is using a laptop with good
> > shielding and build a grounded copper case around it. Make sure that
> > there is no HF going out on any cables, no external devices etc.
> > To measure that the stuff really works, you may need an oscilloscope...
> 
> Not everyone likes laptops.
> 
> > I think the best is not to rely on encryption of hardware at all and
> > consider everything 'bugged'. The only 'secure' thing is ram and the cpu.
> > Don't have a firewire port in your computer, it allows access to any
> > memory location [2].
> 
> That's not a guarantee.  But little change by little change will isolate
> insecurities until a system is secure, right? (didn't someone coin the
> phrase "security is a process"?)
> 
> > Tinfoil hat linux [3] is worth a look (There are more interesting links
> > on that page)
> > 
> > Still paranoid? ;)
> > 
> > > [snip]
> > 
> > Tobias
> > 
> > [1] http://64.233.183.104/search?q=cache:JcI2ggxM8OEJ:www.rootsecure.net/content/downloads/pdf/ssh_timing_attack.pdf
> > 
> > [2] http://64.233.183.104/search?q=cache:YZy7R1pb6bUJ:pacsec.jp/psj04/psj04-dornseif-e.ppt
> > 
> > [3] http://tinfoilhat.shmoo.com/
> 
> 
> regards,
> 
> -peter
> 
> -- 
> Here my ticker tape .signature #### My name is Peter Philipp #### lynx -dump 
> "http://en.wikipedia.org/w/index.php?title=Pufferfish&oldid=20768394"; | sed 
> -n 131,136p #### So long and thanks for all the fish!!!
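Tobias's point above, that rewired keys amount to a rot-N over keycodes which falls to a small list of common unix commands, as an added example that is not part of the thread: it models the rewiring as a constant byte shift, uses ASCII bytes as stand-in keycodes (an assumption), and recovers the shift by scoring all 256 candidates against a short command list.

```python
# Added example (not from the mailing list thread): a rewired keyboard
# modelled as a single byte shift over keycodes, and why that is no
# stronger than rot13. Assumption: keycodes are 1 byte and ASCII bytes
# stand in for them.

COMMON_COMMANDS = {b"ls", b"cd", b"cat", b"vi", b"ssh", b"sudo", b"exit", b"passwd"}


def rewire(keycodes: bytes, shift: int) -> bytes:
    """What a sniffer on the cable sees: every keycode shifted by a constant."""
    return bytes((b + shift) % 256 for b in keycodes)


def unshift(captured: bytes, shift: int) -> bytes:
    """Undo one candidate shift."""
    return bytes((b - shift) % 256 for b in captured)


def score(candidate: bytes) -> int:
    """Count whitespace-separated tokens that are common unix commands."""
    return sum(1 for tok in candidate.split() if tok in COMMON_COMMANDS)


def recover_shift(captured: bytes) -> tuple:
    """Try all 256 shifts; the one yielding the most known commands wins.

    Returns (shift, hits, recovered_bytes). This is the brute-force against
    a small list of common unix commands from the mail, and it is instant.
    """
    best = max(range(256), key=lambda s: score(unshift(captured, s)))
    return best, score(unshift(captured, best)), unshift(captured, best)


# Constructed sample session typed on the rewired keyboard.
SAMPLE_SESSION = b"ls -la\ncd /etc\nsudo vi passwd\nexit\n"
SAMPLE_SHIFT = 0x4B


if __name__ == "__main__":
    captured = rewire(SAMPLE_SESSION, SAMPLE_SHIFT)
    shift, hits, plain = recover_shift(captured)
    print(f"recovered shift 0x{shift:02x} with {hits} command hits")
    print(plain.decode())
```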
