D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Slides and other resources from talk on NFC related security enhancements focussed on Linux

 

On Fri, Apr 24, 2015 at 05:09:37PM +0100, Ben Whorwood wrote:
> There are 256 bit AES encryption keys stored on the EEPROM (external memory
> chip attached to the Arduino) which are encrypted using the 256 bit AES key
> stored on the ring (only 144 bytes available on the ring so 4 possible keys
> planned for different operations (logging in, mounting encrypted system 1,
> system 2, etc).
> 
> I essentially paired the ring to the EEPROM so that if the ring is lost or
> cloned you also need physical access to the Arduino to gain system entry.
> 
> So the ring AES key decrypts the EEPROM AES key which is then sent over the
> serial connection to the host PC.

I know next to nothing about NFS, but couldn't someone steal the AES key
by either listening on it being sent from the ring to the Arduino or,
more likely, by having a fake listener pretending to be the Arduino?

Anyway, looks like it was a cool talk judging from the slides. Looking
forward to reading the blog!

Martijn.

Attachment: signature.asc
Description: Digital signature

-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq