Re: [LUG] Slides and other resources from talk on NFC related security enhancements focussed on Linux

 

Hi Simon,

I'll prepare a blog post that goes into more detail and explains everything fully.

There are 256-bit AES encryption keys stored on the EEPROM (external memory chip attached to the Arduino) which are encrypted using the 256-bit AES key stored on the ring (only 144 bytes available on the ring, so 4 possible keys planned for different operations (logging in, mounting encrypted system 1, system 2, etc.)).

I essentially paired the ring to the EEPROM so that if the ring is lost or cloned you also need physical access to the Arduino to gain system entry.

So the ring AES key decrypts the EEPROM AES key which is then sent over the serial connection to the host PC.

This is then used to authenticate the user by decrypting a file stored on the PC with a known value. The known value is compared to the decrypted value and if the two match then authentication is allowed.

Alternatively the key from the EEPROM is used as the decryption key for the LUKS encrypted file system.

Using AES was simpler and so I opted for this with the time constraints on the presentation I had planned; however, I am also looking at other encryption mechanisms such as public key.

Still a work in progress but that's how it is currently put together.

Hope that makes a bit more sense.

On 24/04/15 16:46, Simon Waters wrote:
Hi Ben,

Didn't quite get from slides if there is some secret key, or if the ring is just sending data previously saved?

I'm writing a review of the current cheap FIDO keys. They use public key encryption, and also use a button (or in one case, time since insertion into USB port) to approve an authentication event. The premium products already have NFC technology built in. So interested how your approach compares.



-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq
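
The two-stage key flow described in the message above, as an added Ruby example that is not the poster's code or part of the original thread. It assumes AES-256-GCM (the message names no mode); the function names, the blob layout and the sample keys and known value are constructed for illustration.

```ruby
require 'openssl'

# AES-256-GCM is an assumption: the message says AES but names no mode.
# seal returns nonce (12 bytes) || tag (16 bytes) || ciphertext.
def seal(key, plaintext)
  c = OpenSSL::Cipher.new('aes-256-gcm').encrypt
  c.key = key
  nonce = c.random_iv
  c.auth_data = ''
  ct = c.update(plaintext) + c.final
  nonce + c.auth_tag + ct
end

# open_blob returns the plaintext, or nil for a wrong key or a damaged blob.
def open_blob(key, blob)
  return nil if key.bytesize != 32 || blob.bytesize < 29
  c = OpenSSL::Cipher.new('aes-256-gcm').decrypt
  c.key = key
  c.iv = blob.byteslice(0, 12)
  c.auth_tag = blob.byteslice(12, 16)
  c.auth_data = ''
  c.update(blob.byteslice(28, blob.bytesize - 28)) + c.final
rescue OpenSSL::Cipher::CipherError
  nil
end

# Known-value compare from the message, with no early exit on the first differing byte.
def same?(a, b)
  a.bytesize == b.bytesize && a.bytes.zip(b.bytes).sum { |x, y| x ^ y }.zero?
end

# Flow from the message: the ring key unwraps the EEPROM key (on the Arduino),
# which then decrypts the known-value file (on the host PC).
def authenticate(ring_key, eeprom_blob, check_file, known)
  eeprom_key = open_blob(ring_key, eeprom_blob)
  return false unless eeprom_key
  got = open_blob(eeprom_key, check_file)
  !got.nil? && same?(got, known)
end

# Constructed sample data (random keys, made-up known value).
RING_KEY    = OpenSSL::Random.random_bytes(32)
EEPROM_KEY  = OpenSSL::Random.random_bytes(32)
KNOWN       = 'dcglug-known-value'.b
EEPROM_BLOB = seal(RING_KEY, EEPROM_KEY) # provisioned onto the EEPROM
CHECK_FILE  = seal(EEPROM_KEY, KNOWN)    # stored on the host PC

puts authenticate(RING_KEY, EEPROM_BLOB, CHECK_FILE, KNOWN)
puts authenticate(OpenSSL::Random.random_bytes(32), EEPROM_BLOB, CHECK_FILE, KNOWN)
```

With GCM the authentication tag already rejects a wrong ring key or an altered EEPROM blob, so the known-value compare is a second check kept here to follow the message. The ring key alone cannot open the host file; the wrapped blob from the EEPROM is needed as well, which is the pairing the message describes.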