From: joel@airwebreathe.org.uk (Joel Holdsworth)
To: kernelnewbies@lists.kernelnewbies.org
Subject: Questions for a Kingston DT5000 driver
Date: Wed, 07 May 2014 00:56:00 +0100 [thread overview]
Message-ID: <53697690.6040507@airwebreathe.org.uk> (raw)
Hi Folks,
I've just joined this ML, and I'm hoping someone can give me some advice.
I've been experimenting with Kingston DT5000 hardware encrypted usb pen
drives, and I'm hoping to write a driver.
The DT5000 drives are probably most useful in corporate settings, where
sensitive need to be protected. They might also be useful for machines
that have sensitive information that must be left unattended. They also
have excellent tamper evident characteristics.
The device is a composite device containing an ejectable mass storage
device, and a read only virtual cdrom. The cdrom contains windows
software which autoruns and pops up a dialog that prompts the user to
give the password, this is then conded and sent to the device via USB
vendor control packets.
I've got quite far hacking around with the device with pyusb and usbmon,
and now I'm trying to gather information for a driver, so I have a few
questions:
First, via a series of messages the host PC uses Elliptic Curve Diffie
Helman to establish a shared secret with the DT5000. The shared secret
is then used to encrypt the password hash. I couldn't find any elliptic
curve code in the kernel. Is this correct? Perhaps there are patent
concerns? are there any plans to add it in?
For a device like this, how would the user space interface look? Would
one just make a sysfs file into which the the password plaintext is
written? Or is it more normal to enter it via some userspace application
that hashes and encrypts the password with the shared secret. Does
dm_crypt, or IPSEC stuff offer a pattern to follow here? Or are there
any very simple examples of password locking devices?
I'm trying to figure out where the crypto work should be done. If the
kernel did all the crypto, I guess the password interface would be very
simple. If the task is split with user space then this is going to
expose all this password hand-shake protocol to userspace - not such a
slick interface I would say.
Also, the device contains a few user programmable fields: For example
the owner's name, address, and a hint for the password etc. These things
are read-only when the device is locked, but become writable when the
device is unlocked. I suppose this information would be communicated via
sysfs. Is the pattern generally to have a separate file for each one?
Also are there any general comments that I should take on board as I
embark on this?
Thanks for your help
Best Regards
Joel Holdsworth
next reply other threads:[~2014-05-06 23:56 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-05-06 23:56 Joel Holdsworth [this message]
2014-05-07 9:36 ` Questions for a Kingston DT5000 driver Bjørn Mork
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=53697690.6040507@airwebreathe.org.uk \
--to=joel@airwebreathe.org.uk \
--cc=kernelnewbies@lists.kernelnewbies.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).