[OpenAFS-devel] openafs - proposed cache security improvement
Sean O'Malley
omalleys@msu.edu
Sat, 31 Mar 2007 15:46:07 -0400 (EDT)
On Sat, 31 Mar 2007, Jim Rees wrote:
> I certainly would argue against deploying user private keys on a non-secure
> device like an iPod. We've been using Cryptoflex cards for testing, but I'd
> prefer a usb solution. Unfortunately the thumb size Cryptoflex has been
> discontinued and I've been unable to find a suitable replacement.
>
> Now if we could just convince Apple to include a tamper-resistant crypto
> engine in the iPod you would be on to something.
So you want everyone to get a cryptoflex or smartcard reader?
I don't see a huge difference between software and hardware encryption
that is using a salt of a serial number along with other things.
Software it would be easier to hack but also a lot easier to change.
The one thing that would be different between what Apple can really
provide and what you want is, that you don't care if it works on another
device or not.
If you embed it in the MSU fight song, then you can also provide
checksums, and have multiple keys, or fake keys involved and possibly
salted with password. I think it would be more tamper resistant, then say
MIT's proposed solution, of everyone getting a USB thumbdrive with their
keys. (I thought they implemented this but I am not sure, I thought it was
insanely stupid at the time, but maybe their students don't lose/misplace
their keys, take showers, etc.)
What -exactly- would you want Apple to include?
--------------------------------------
Sean O'Malley, Information Technologist
Michigan State University
-------------------------------------