On Thu, 2016-05-19 at 21:59 +0200, Oliver Neukum wrote: > On Thu, 2016-05-19 at 12:52 -0700, Keith Packard wrote: > > Oliver Neukum <oneukum@xxxxxxxx> writes: > > > > > I think we would need to use a form of public key cryptography > > > in the same manner used to verify authorship of emails. The host > > > would provide a nonce value that the device encrypts and returns. > > > The host would verify the signature. > > > > We're shipping the device containing the 'private key' all over the > > planet. How can you expect that to remain secure? > > Good point. The logical answer would be to not ship the key. That means > that users would "format" their chaoskeys and get their private key into > the kernel by an attribute or ioctl. Actually their public key. The private key should be erased on the host. If you lose your chaoskey and somebody reads out the flash you are done for. But nobody could pretend to be your chaoskey. Regards Oliver -- To unsubscribe from this list: send the line "unsubscribe linux-usb" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
