On Fri, 2016-05-20 at 17:13 -0700, Steve Calfee wrote:
> A clever attacker would provide a false USB key which is "almost"
> random. This would allow them to decrypt messages based on the false
> key, with nobody else knowing there was a vulnerability. An almost
> random number simplifies cracking.
>
> It is easy to exactly duplicate all the descriptors and functionality
> in a false device. It could be easily done with a PIC, Arduino, or $9
> CHIP. Who could tell a key is false or genuine? The false device could
> do the same dance with public keys (or whatever secret handshake you
> set up).

To a point. There is no reason a key would ever have to go over the wire unencrypted. You can get at it only by man-in-the-middle or if you get at the hardware. We can protect against sniffing and require authentication.

> If a user cannot be sure a key is genuine, and a false key can leak
> information, I don't see the point of anyone using such a USB device.

You will have to trust your hardware if you run a computer. The questions of whether your hardware is indeed your hardware and whether you can trust your hardware are distinct. The former problem we can address.

Regards
Oliver