On Thu, 2016-05-19 at 12:52 -0700, Keith Packard wrote:
> Oliver Neukum <[email protected]> writes:
>
> > I think we would need to use a form of public key cryptography
> > in the same manner used to verify authorship of emails. The host
> > would provide a nonce value that the device encrypts and returns.
> > The host would verify the signature.
>
> We're shipping the device containing the 'private key' all over the
> planet. How can you expect that to remain secure?
Good point. The logical answer would be to not ship the key. That means
that users would "format" their chaoskeys and get their private key into
the kernel by an attribute or ioctl.
Regards
Oliver
--
To unsubscribe from this list: send the line "unsubscribe linux-usb" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
