A simple USB keystore that performs basic cryptographic operations for various use cases.
One problem with deploying embedded software in an untrusted environment is that you want your primary device to be disabled as soon as any break-in attempt is detected. Assuming the primary device uses dm-crypt for full-disk encryption, you either have to keep the passphrase off-disk on external storage (weak, does not self-destruct), or roll out a military-grade secure enclave to all of your devices.
How about something cheap and dirty?
Over here we simply store the keyfile in SRAM on the duino. We expose a
References: