[Gnuk-users] [PATCH RFC] Requiring a physical presence for authentication

Jonathan McDowell noodles at earth.li
Wed Aug 9 21:49:13 UTC 2017 

One of the reasons I make use of a hardware token to handle my PGP keys
is that it prevents anyone who attacks my machine getting hold of my key
material, while still allowing me to easily make use of it. However it
doesn't stop someone attacking my machine and making use of that key
material while the token is still plugged in.

The "obvious" answer is to unplug the token when I'm not using it. That
helps, but doesn't eliminate the opportunity for someone to wait until
the token is inserted and then do a bunch of signatures using it. It's
also inconvenient.

I've recently been playing with the Maple Mini as a GnuK device. It has
a hardware button and an LED on it, and it occurred to me that I could
add a requirement that the button must be pressed in order to perform
any operation that requires PIN authentication. This is in *addition* to
the PIN requirement, rather than instead of.

The attached patches implement this; I've hacked up ac.c to turn on the
LED and wait for up to 10 seconds for a button press, and return failure
if one is not seen.

It's hacky; I think ideally chopstx should be providing a pbutton()
function or at least a way to query GPIOs rather than me open coding the
function in ac.c, but it achieves what I want and thus seems to be a
good start for potential discussion. Is this of interest to any one
else?

Finally although the Maple Mini is cheap and easy to play with it
suffers from not being the best form factor. I'd much prefer something
that I could attach to a (physical) keyring and not worry about. The
FST-01 has a couple of GPIOs brought out IIRC, which would allow for a
button + LED to be added, but it doesn't seem they're being produced any
more? The Nitrokey is still around, but I don't think the hardware is
hackable in any way so I don't think that's an option? Is there anything
else out there I'm missing?

J.

-- 
Web [   OK, if we can't have a tour, can we at least have a look   ]
site: http:// [                 around?                  ]       Made by
www.earth.li/~noodles/  [                      ]         HuggieTag 0.0.24
-------------- next part --------------
A non-text attachment was scrubbed...
Name: chopstx-maple-mini-button.diff
Type: text/x-diff
Size: 1082 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/gnuk-users/attachments/20170809/e291107b/attachment.diff>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: gnuk-auth-button.diff
Type: text/x-diff
Size: 1334 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/gnuk-users/attachments/20170809/e291107b/attachment-0001.diff>

More information about the gnuk-users mailing list