[Gnuk-users] FST-01 is going to be non-reproducible any more
Bertrand Jacquin
bertrand at jacquin.bzh
Sun Jan 10 11:19:26 UTC 2016
Hi,
I can't say I'm really a fan of Bluetooth for security concerns, so if
this feature can be disabled, I will be OK with that. Will it be possible
to disable the piezo?
A few features I would like to see are:
- It would be great to make use of the internal storage chip as
read-only storage and make the public_key available as a plain text file
- NFC on Yubikey is, I think, great to have, but I did no research
regarding the security concern and how far can you can data from
- Something more tiny and discreet
Cheers
On 05/01/2016 06:50, NIIBE Yutaka wrote:
> Hello,
>
> While updating the Seeed wiki page:
>
> FST-01 Wiki:
> http://www.seeedstudio.com/wiki/FST-01
>
> I realized that one of the parts (specifically, U2, LDO V-Regulator,
> CAT6217-330TDGT3) is discontinued.
>
> Still, I can see QTY=21,000 is available at Rochester, though:
>
> https://www.rocelec.com/parts/results/all/?s=CAT6217-330TDGT3
>
> ... and we have alternative parts, too.
>
>
> * * *
>
> Well, 2016 would be good timing to consider another hardware
> design.
>
> In this holiday season, I was considering use of Bluetooth for a
> crypto token, but my conclusion was: it's not a good idea. I concluded
> that the use of Bluetooth should be limited to some HID feature, only.
>
> If using Bluetooth, I think that the size and complexity of other
> parts (than public key crypto for OpenPGP) will be bigger because of
> the protocol stack of Bluetooth and its encrypted communication
> channel. So, the major security risks will not be determined by Gnuk
> implementation itself.
>
> I am considering releasing Gnuk 1.2.0, and starting development of
> a new branch, removing RSA. Perhaps, it will be only with Curve25519
> and Ed25519.
>
> I think that Cortex-M0+ (with 1-cycle 32-bit x 32-bit -> 32-bit
> multiplier) running at 48MHz can be a good token for OpenPGP (or SSH).
>
> While on Cortex-M3, 32-bit x 32-bit -> 64-bit multiplication takes
> 3-5 cycles and it is not constant-time (it skips cycles for smaller
> values). I don't think it is easy to use this fact to build a real
> attack, but a 1-cycle 32-bit x 32-bit -> 32-bit multiplier would sound
> good for constant-time lovers.
>
> I'll port Chopstx to Cortex-M0+. Then, I'll consider Gnuk25519.
>
> User interface of a token is also important. I'm considering
> something like HID device; a piezo buzzer for notification and a
> button for acknowledgment/confirmation.
--
Bertrand
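
An illustration of the multiplier point in the quoted message, added here and not code from Gnuk, Chopstx or either poster: a 32-bit x 32-bit -> 64-bit product built only from 32-bit x 32-bit -> 32-bit multiplies in a fixed, branch-free sequence, which is the form a core with only the narrow multiplier would run. The names `u64pair`, `mul32_wide` and `count_mismatches` are hypothetical, and the sample operands are constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* 64-bit result held as two 32-bit words (hypothetical type). */
typedef struct { uint32_t lo, hi; } u64pair;

/* Schoolbook product on 16-bit halves. Every multiply below has 16-bit
 * operands, so each 32 x 32 -> 32 result is exact and no widening
 * multiply is needed. The same instructions run for every input: no
 * branches, no data-dependent loop. Assumption: the compiler emits one
 * plain multiply per product; check the disassembly for the real target. */
static u64pair mul32_wide(uint32_t a, uint32_t b)
{
    uint32_t a0 = a & 0xffffu, a1 = a >> 16;
    uint32_t b0 = b & 0xffffu, b1 = b >> 16;
    uint32_t p00 = a0 * b0;
    uint32_t p01 = a0 * b1;
    uint32_t p10 = a1 * b0;
    uint32_t p11 = a1 * b1;
    /* Middle column: at most 3 * 0xffff, so it cannot overflow 32 bits. */
    uint32_t mid = (p00 >> 16) + (p01 & 0xffffu) + (p10 & 0xffffu);
    u64pair r;
    r.lo = (p00 & 0xffffu) | (mid << 16);
    r.hi = p11 + (p01 >> 16) + (p10 >> 16) + (mid >> 16);
    return r;
}

/* Compare against the native 64-bit product on constructed operands,
 * including small values (where an early-terminating multiplier would
 * finish sooner) and all-ones. Returns the number of mismatches. */
static int count_mismatches(void)
{
    static const uint32_t v[] = { 0u, 1u, 0xffu, 0xffffu, 0x10000u,
                                  0x12345678u, 0x80000000u, 0xffffffffu };
    int n = (int)(sizeof v / sizeof v[0]), bad = 0;
    for (int i = 0; i < n; i++)
        for (int j = 0; j < n; j++) {
            uint64_t ref = (uint64_t)v[i] * v[j];
            u64pair r = mul32_wide(v[i], v[j]);
            bad += (r.lo != (uint32_t)ref) || (r.hi != (uint32_t)(ref >> 32));
        }
    return bad;
}

int main(void)
{
    printf("mismatches: %d\n", count_mismatches());
    return 0;
}
```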