nthdimtech / signet-base

Signet firmware and device interface library
https://www.crowdsupply.com/nth-dimension/signet
GNU General Public License v3.0

Question: Storage for PGP/SSH/... keys - TPM functionality #11

Open dumblob opened 6 years ago

dumblob commented 6 years ago

I know this might be a bit over the top for Signet, but I dare to ask anyway.

Is Signet so ambitious, that it could be used also for PGP or similar? This basically boils down to the question if there are any plans to support a subset of the functionality of a Trusted Platform Module?

I would guess not, because the HW is simply not powerful enough and also doesn't have the required space. But maybe I'm wrong.

nthdimtech commented 6 years ago

I am going to try to do this. There would be limitations in terms of the processing speed of the device (only 48MHz) and the transfer rate of the port (only 1Mb/s) but other than that I think Signet can take this role. After the more immediate deliverables are taken care of I will start doing some proof of concept work on this.

Thanks, Neils

dragon788 commented 6 years ago

Doesn't necessarily need to be a TPM, but something like the Nitrokey or Gnuk's smartcard appearances would also allow for GPG use.

dumblob commented 5 years ago

@nthdimtech any news on this?

nthdimtech commented 5 years ago

I will finally take this on encryption facilities in the Signet High-Capacity effort. https://www.crowdsupply.com/nth-dimension/signet-high-capacity/.

It's an open question still whether or not all of the algorithms to do any particular task will fit in original Signet without needing to reclaim storage space. Once I've done the math I may have to break it down and create a user survey to determine what crypto features should be in the original Signet firmware releases. If there is any significant division I may even deploy a few different combinations of feature sets for different types of users.

dumblob commented 5 years ago

Wow, congrats to the new "Signet flash disk" effort - will it also offer higher protection against environmental risks like temperature (-30 up to +80 Celsius degrees), water (IP55 or higher disregarding the USB connector itself) and salt (in ocean water, in the air humidity on a seashore, ...)? You might answer this question directly in the Crowdsupply campaign :wink:.

But will at least some basic functionality be available also for the original Cortex M4 Signet? It shall be technically possible even if tight (there might be also the option to implement some space-hungry functionality in the desktop Signet client so that Signet itself would do the absolute minimum from the security point of view).

nthdimtech commented 5 years ago

80c I think is already handled but I think -30c is not happening.

I think IP55 is a good goal but also still a challenge. I am still planning on 3d printing the buttons and the 3d printing tolerances are wide enough to potentially thwart any attempt to seal the button area. If the campaign is successful enough to justify the cost of injection molding the button then I think IP55 is worth a shot.

High humidity is in the same category as IP55. The PCB buttons I'm considering aren't sealed. High manufacturing tolerances are needed for the case button to use the low profile tiny sealed switches.

I'll get into detail on these things when the campaign launches. Right now things are still too much in flux to promise environmental protections.

dumblob commented 5 years ago

> Right now things are still too much in flux to promise environmental protections

Take your time.

Regarding -30 degrees, that's a pity as it's a standard temperature in Canada, Norway, Finland, Sweden, Russia... It's interesting - they all use their iPhones, Android phones etc. in these temperatures outside :open_mouth:. I was myself really surprised when I stood a few hundred kilometers north of the Arctic Circle and saw that these devices mostly do work "acceptably well" - e.g. LCDs get slower.

nthdimtech commented 5 years ago

I looked at all the components and it looks like the design is good from -25c to 85c. Keep in mind these are operating temperatures. I'd bet they can handle somewhat lower storage conditions.

I suspect not many people would operate a laptop or desktop at -25c. Connecting to a phone via a cable at that temperature would still be a liability but probably still pretty unlikely. Lowering the operating temperature to -40c requires a significant increase in the component cost. There is nearly a 2x price premium for wide temperature range eMMC memories.

dumblob commented 5 years ago

Thanks for the survey. -25 is still fine (I was afraid, that the number will be maybe -5 or 0 :wink:).

nthdimtech commented 5 years ago

Back on the subject of cryptographic functions I think I'm going to prioritize U2F support for Signet. If I can manage that I'll see how much space is left then.

dumblob commented 3 years ago

I didn't have time to follow Signet development for quite long, so bear with me.

Is there any news on U2F support?

I got suddenly a strong use case for U2F, but I'm not sure I can count on my signet :wink:.

nthdimtech commented 3 years ago

U2F is already supported. I use it for several accounts.

https://www.crowdsupply.com/nth-dimension/signet-high-capacity/updates/2fa-progress

It doesn't require any setup. Whenever a site requests you validate your U2F device Signet should start blinking.

dumblob commented 3 years ago

> U2F is already supported. I use it for several accounts.

I own two Signets (not Signet HCs) and the Crowdsupply update doesn't talk about this original Signet. Does it work seamlessly too?

nthdimtech commented 3 years ago

Oh sorry for the confusion. I determined it wasn't feasible to support U2F on the original Signet. The additional cryptographic libraries and command protocol logic wouldn't fit in the remaining available RAM on the microcontroller. It could be done if it was a U2F only device but it would be essentially a different product.

urcien commented 3 years ago

Oh, what a pity. Anyway thanks for the investigation. Life goes on.

> It could be done if it was a U2F only device but it would be essentially a different product.

Any hints how this could be achieved? Giving people this option could actually make sense (at least in my case it does make a lot of sense).

nthdimtech commented 3 years ago

There is a way that is not too difficult but would still require some coding: To adapt the Solo keys source to Signet. https://github.com/solokeys/solo

I used the Solokeys source to implement the FIDO2 protocol in SignetHC and it already works on the same microcontroller as Signet. I think we ended up picking the same MCU because we had similar design constraints.

An adaptation would just have to use the STM32L432 build and change the interface code so it knows which pins to read/write to register button presses and turn on the LEDs.