I'm sure there are problems with this, but here's my idea of preventing improper authentication. At best, I think the attacker would only be able to DoS the device, or attempt replay - which would fail without the correct time-delay. I think some kind of two-part blackbox auth with time delay was what I was trying to get at :)
** = an event
<--> = any traffic that crosses USB peripheral border, ie vulnerable data
[KP] = USB (for instance) input peripheral, with keycode entry pad
[RS] = Remote authentication site
**[KP] is intialized upon deployment like a SecurId. It is synced with the auth server based on time, and several static algorithms.
**[RS] is on the same time as [KP]
**[RS] knows [KP] time-delay algorithm, and control algorithm, assoc. w/KPID.
**
>Upon being plugged in, heres what would happen:
[KP] -- Remote auth SYN request, w/encrypted KPID sent --> [RS]
**[RS] determines what time-delay algorithm [KP] is on by KPID. (KPID encryption is static to all components - possible point of failure.)
[KP] <--------------------- ACK sent back ---------------- [RS]
[KP] <--- Traffic averages analysis between KP and RS ---> [RS]
**[KP] flashes green light to user
**[KP] <-- User enters Keycode ------- [USER]
**[KP] calculates two hashes, based on separate date/time sequence selected algorithms that are created using the current synced time, and a unique control algorithm determined during intialization.
[KP] --------- transmits first hash sequence to ---------> [RS]
**[KP] waits x cycles based on a unique time-delay algorithm [RS] knows by KPID.
[KP] --- transmits second hash sequence to [RS] ---------> [RS]
**[RS] uses earlier traffic analysis to determine an acceptable level of tolerance for receipt time, and determines consistency with time-delay algorithm for KPID.
**[RS] authenticates data
[KP] <----- Close session, pass/fail errout to KP -------- [RS]
**[KP] shuts down USB port, no further traffic until reset (several ways to do that)
[Compromised PC] <------------- Session ------------------ [RS]
What do you think?
--
___________________________________________________
Play 100s of games for FREE! http://games.mail.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
