What is the advantage of a smart card over a standard encrypted thumb drive?
On 10/17/2015 11:19 AM, Razvan Dragomirescu wrote:
> Thank you Ivan, I've taken a look but as far as I understand your
> project only signs the HiddenService descriptors from an OpenPGP card.
> It still requires each backend instance to have its own copy of the
> key (where it can be read by an attacker). My goal is to have the HS
> private key exclusively inside the smartcard and only sign/decrypt
> with it when needed but never reveal it. An attacker should not be
> able to steal the key and host his own HS at the same address - the
> address would be effectively tied to the smartcard - whoever owns the
> smartcard can sign HS descriptors and decrypt traffic with it, so he
> or she is the owner of the service.
>
> Best regards,
> Razvan
>
> --
> Razvan Dragomirescu
> Chief Technology Officer
> Cayenne Graphics SRL
>
> On Sat, Oct 17, 2015 at 4:43 AM, Ivan Markin <[email protected]> wrote:
> >
> > Hello,
> > Razvan Dragomirescu:
> > > I am not sure if this has been discussed before or how hard it would be to
> > > implement, but I'm looking for a way to integrate a smartcard with Tor -
> > > essentially, I want to be able to host hidden service keys on the card. I'm
> > > trying to bind the hidden service to a hardware component (the smartcard)
> > > so that it can be securely hosted in a hostile environment as well as
> > > impossible to clone/move without physical access to the smartcard.
> >
> > I'm not sure that this solution is 100% for your purposes. But recently
> > I've added OpenPGP smartcard support to do exactly this into OnionBalance
> > [1]+[2]. What it does is that it just signs a HS descriptor using an
> > OpenPGP SC (via the 'Signature' or 'Authentication' key). [It's still a
> > pretty dirty hack, there is not even any exception handling.] You can use
> > it by installing the "manager/front" service with your smartcard in it via
> > OnionBalance and balancing to your actual HS. There is no bandwidth
> > limiting (see the OnionBalance design). You can set up OB and an actual HS on
> > the same machine for sure.
> >
> > > I have Tor running on the USBArmory by InversePath (
> > > http://inversepath.com/usbarmory.html ) and have a microSD form factor card
> > > made by Swissbit (
> > > http://www.swissbit.com/products/security-products/overwiev/security-products-overview/
> > > ) up and running on it. I am a JavaCard developer myself and I have
> > > developed embedded Linux firmware before but I have never touched the Tor
> > > source.
> >
> > There is a nice JavaCard applet by Joeri [3]. It's the same applet that
> > Yubikey is using. You can find a well-written tutorial on producing your
> > OpenPGP card at Subgraph [4].
> >
> > > Is there anyone that is willing to take on a side project doing this? Would
> > > it be just a matter of configuring OpenSSL to use the card (I haven't tried
> > > that yet)?
> >
> > I'm not sure that it is worth implementing card support in
> > little-t-tor itself. As I said, all the logic is about HS descriptor
> > signing. Python and other langs that provide readability will provide
> > security then.
> > I think/hope so.
> >
> > [1] https://github.com/mark-in/onionbalance
> > [2] https://github.com/mark-in/openpgpycard
> > [3] http://sourceforge.net/projects/javacardopenpgp/
> > [4] https://subgraph.com/sgos/documentation/smartcards/index.en.html
> >
> > Hope it helps.
> > --
> > Ivan Markin
> > /"\
> > \ / ASCII Ribbon Campaign
> >  X  against HTML email & Microsoft
> > / \ attachments!
> > http://arc.pasp.de/
> >
> > _______________________________________________
> > tor-dev mailing list
> > [email protected]
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
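Added example (Python 3, standard library only; not code from the thread, from OnionBalance or from Tor): the two facts behind Razvan's requirement, as they stood for v2 hidden services in 2015. The .onion address is a function of the public key alone (base32 of the first 80 bits of SHA-1 over the PKCS#1 DER-encoded RSA public key), so the address belongs to whoever can produce signatures under that key, and a descriptor signature needs only a signing operation, so the host can hand the digest to the token over PKCS#11 and never hold the private key. The toy modulus, the PKCS#11 module path, the key id and the PIN handling are placeholders; pkcs11-tool is OpenSC's.

```python
# Added example, not from the tor-dev thread, OnionBalance or Tor itself.
import base64
import hashlib
import os
import subprocess
import tempfile

# Constructed toy modulus for the self-test; NOT a real key (a real v2 HS key
# is RSA-1024). The DER and address code does not depend on the key size.
TOY_N = 0xC1E3B7F2A9D5E8C3
TOY_E = 65537


def der_length(n: int) -> bytes:
    """DER length octets: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    enc = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(enc)]) + enc


def der_integer(value: int) -> bytes:
    """DER INTEGER (tag 0x02) for a non-negative int: minimal big-endian
    content, with a 0x00 pad when the top bit is set so it stays positive."""
    body = value.to_bytes(max(1, (value.bit_length() + 7) // 8), "big")
    if body[0] & 0x80:
        body = b"\x00" + body
    return b"\x02" + der_length(len(body)) + body


def rsa_public_key_der(n: int, e: int) -> bytes:
    """PKCS#1 RSAPublicKey ::= SEQUENCE { modulus INTEGER, publicExponent INTEGER }.
    This is the encoding Tor hashes to form a v2 onion address."""
    body = der_integer(n) + der_integer(e)
    return b"\x30" + der_length(len(body)) + body


def onion_address(public_key_der: bytes) -> str:
    """v2 onion address: base32 of the first 80 bits of SHA-1 over the DER
    public key. Only public material goes in, so the address is controlled by
    whoever can sign under the key, not by whoever holds a copy of a file."""
    digest = hashlib.sha1(public_key_der).digest()[:10]
    return base64.b32encode(digest).decode("ascii").lower() + ".onion"


class Pkcs11Signer:
    """Descriptor signer whose private key lives on a PKCS#11 token (e.g. an
    OpenPGP card behind OpenSC). Only a digest and the resulting signature
    cross the host/card boundary; there is deliberately no method that
    returns key material. Module path, key id and PIN are assumptions."""

    def __init__(self, module="/usr/lib/opensc-pkcs11.so", key_id="01", pin=None):
        self.module = module
        self.key_id = key_id
        self.pin = pin  # None: pkcs11-tool prompts, keeping the PIN out of `ps`

    def sign(self, descriptor_body: bytes) -> bytes:
        # Tor signs the bare SHA-1 digest with PKCS#1 v1.5 padding and no
        # DigestInfo, so hash on the host and use the raw RSA-PKCS mechanism
        # (CKM_RSA_PKCS) rather than SHA1-RSA-PKCS, which would add DigestInfo.
        digest = hashlib.sha1(descriptor_body).digest()
        with tempfile.TemporaryDirectory() as work:
            inp, out = os.path.join(work, "digest"), os.path.join(work, "sig")
            with open(inp, "wb") as f:
                f.write(digest)
            cmd = ["pkcs11-tool", "--module", self.module, "--login",
                   "--sign", "--mechanism", "RSA-PKCS", "--id", self.key_id,
                   "--input-file", inp, "--output-file", out]
            if self.pin is not None:
                cmd += ["--pin", self.pin]
            subprocess.run(cmd, check=True)
            with open(out, "rb") as f:
                return f.read()


if __name__ == "__main__":
    der = rsa_public_key_der(TOY_N, TOY_E)
    print("toy address:", onion_address(der))
    # With a card attached: Pkcs11Signer().sign(descriptor_body)
```

The caveat that goes with this design: the card prevents the key from being copied to another host, which is exactly the cloning Razvan wants to rule out, but it does not prevent use. An attacker who controls the host while the card is attached can still ask it for signatures and decryptions for as long as that access lasts, so the card is an exfiltration control, not a compromise control, and the PIN (if cached or passed on the command line) is part of that attack surface.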
