On Fri, 2016-05-20 at 17:13 -0700, Steve Calfee wrote:

> A clever attacker would provide a false USB key which is "almost"
> random. This would allow them to decrypt messages based on the false
> key, with nobody else knowing there was a vulnerability. An almost
> random number simplifies cracking.
> 
> It is easy to exactly duplicate all the descriptors and functionality
> in a false device. It could be easily done with a PIC, Arduino, or $9
> CHIP. Who could tell a key is false or genuine? The false device could
> do the same dance with public keys (or whatever secret handshake you
> set up).

To a point. There is no reason a key would ever have to go over the wire
unencrypted. You can get at it only by man-in-the-middle or if you get
at the hardware.
We can protect against sniffing and require authentication.

> If a user cannot be sure a key is genuine, and a false key can leak
> information, I don't see the point of anyone using such a USB device.

You will have to trust your hardware if you run a computer.
The questions of whether your hardware is indeed your hardware
and whether you can trust your hardware are distinct.
The former problem we can address.

        Regards
                Oliver

