[Gnuk-users] FST-01 is going to be non-reproducible any more

Tue Jan 12 02:10:25 UTC 2016


2016/01/12 9:29、NIIBE Yutaka <gniibe at fsij.org> のメッセージ:

>> On 01/11/2016 02:42 PM, NdK wrote:
>> Il 11/01/2016 02:47, Yuji -UG- Imai ha scritto:
>> 
>>> Yes, I found where gniibe mentioned about TEMPEST.
>>> It's in the japanese handbook of of FST-01. 
>>> http://no-passwd.net/fst-01-gnuk-handbook/gnuk-token-warnings.html#id1
>> Sorry, I don't understand Japanese :(
>> 
>>> I understand making cables with LC filter is enough, right?
>> Could be. Tests are needed.
> 
> There are two different things;
> 
>  * EMI and ESD protection regulations (like the one for CE marking)
>  * Possible attack like TEMPEST
> 
> Firstly, let me explain about EMI and ESD protection regulations.
> 
> The shield of the type-A plug connector of FST-01 is not connected to
> GND (It is intended to be inserted to the port directly).  If there
> are users who want to connect with extension cable, this design of
> FST-01 is wrong (not correct), and could be considered a bug.
> 
> If it is inserted by (longer) extension cable, it is recommended to
> connect the shield to GND.  How?  There are different opinions:
> 
> 
> http://electronics.stackexchange.com/questions/4515/how-to-connect-usb-connector-shield
> 
> For me... if I use an extension cable and it is short enough (say, <
> 15cm), I would just insert FST-01 with nothing (I mean, as-is).  If
> it's long (say, > 120 cm), I will modify my FST-01 making connection
> from the shield of type-A connector to GND directly.  If I will have
> another opportunity to manufacture, I will put a ferrite bead between
> the shield and GND.
> 
> Secondly, let me explain about an attack like TEMPEST.
> 
> I don't think it is likely to do some attack with electromagnetic
> interference from USB device remotely (even for the lack of shield-GND
> connection of FST-01).
> 
> A possible scenario would be "Hub in the middle".  An adversely put
> a hub between your computer and FST-01 to monitor USB signals.
> 
> If an adversary had an access to USB signals directly, the token is
> vulnerable by monitoring the communication (the passphrase will be
> stolen, decrypted data will be stolen, etc.).
> 
> Or... it is true that there are some side channel attacks against some
> RSA implementation, which can discover private keys by power analysis.
> However, I don't think such known attacks are feasible against the RSA
> implementation of Gnuk.  (Well, I think that if an adversary has an
> access to USB power line, it is equally likely he can get an access to
> USB signal lines...)
> --
> 
> _______________________________________________
> gnuk-users mailing list
> gnuk-users at lists.alioth.debian.org
> https://lists.alioth.debian.org/mailman/listinfo/gnuk-users