Physical button for authentication

Hi,

An idea that might be worth picking up in a future version of the CryptoStick is to add a physical button for allowing exactly one authentication to be processed. That would ease the detection of a compromised computer trying to use the authentication key on the stick. (The same could easily be required for decryption and signing, of course.)

The reason I’m asking is because the CryptoStick 1.* is lacking a useful security feature: the possibility to prevent a compromised local computer from using the key as it likes as long as it is inserted and the PIN has been entered once (or even without a PIN for the authentication key).

Cheers,
E.R.

Of course a button would make the usage more secure in untrusted environments such as Internet Cafes. The important question for us as a project is whether this would help the majority of the users or would only be a hassle for them (because of more complicated usage). We were only asked a few times to integrate a button for such purposes. Hence, I don’t have the impression many people would want to use a button. As a consequence we might consider integrating a button but make it configurable for the user, whether they want to use it or not. But in any case this would make the Crypto Stick slightly more complex, heavier, larger, more expensive, more error-prone and less robust. I’m not saying that these aspects are so strong that they are show stoppers but instead such decisions need to be made thoughtfully. At the moment I don’t think the demand balances the drawbacks.

Once we have integrated one-time-password functionality, a button might be more necessary than it is now: Here I’m talking about a future feature which would allow authenticating via a one-time-password (OTP) (in addition to current features). In order to avoid any software dependency, on the interface level the Crypto Stick would act as an ordinary USB keyboard. To allow users to “type” the OTP they would just need to press the button.

I suggested this in viewtopic.php?f=6&t=1112 among other things and for me the use case is:

  • I’m not always watching the stick LED
  • if I leave my laptop on (password locked ;p) and go grab lunch, I won’t see the LED either

So having a push button makes sense. Now, it’s not convenient to push it for every single auth (especially if you’re going to use it with SSH or the like!).

I mentioned caching the key for 2min after a click, but actually what I’d rather have is a switch, or a button that keeps its state, or a button + an LED indicating status.

Basically, push the button/switch and you can auth as many times as you like. Push it back/switch to off position, and you can’t auth anymore.

Thinking this further that’s how I’d implement it:

  • keep the current LED, but have it 2 colors (red and green for example)
  • add a push button
  • one push on button, LED goes solid green
  • auth, sign, etc. request, LED blinks red, then back to solid green
  • push button again, LED goes dark
  • choose default state on plugging in somewhere in the stick config, for the ones who want the old operation (so you don’t have to push the button when you plug it in)
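
The button/LED behaviour proposed in the list above, together with the one-authentication-per-press variant from the first post, as a small state machine. This is an added example, not part of the original posts and not Crypto Stick firmware; all names are hypothetical, and the trace is constructed (`B` = button push, `R` = key request from the host).

```c
#include <stdbool.h>
#include <stdio.h>
/* All names are hypothetical; this is not Crypto Stick firmware. */
typedef enum { LED_DARK, LED_GREEN } led_t;
typedef enum { MODE_LATCH, MODE_ONE_SHOT } gate_mode_t;

typedef struct {
    gate_mode_t mode;
    bool armed;               /* true: key operations are allowed */
    led_t led;                /* steady LED colour between requests */
    unsigned served, refused; /* request counters */
} gate_t;

void gate_init(gate_t *g, gate_mode_t mode, bool armed_on_plug) {
    g->mode = mode;
    g->armed = armed_on_plug; /* configurable default from the proposal */
    g->led = armed_on_plug ? LED_GREEN : LED_DARK;
    g->served = g->refused = 0;
}

void gate_button(gate_t *g) { /* each push toggles armed/disarmed */
    g->armed = !g->armed;
    g->led = g->armed ? LED_GREEN : LED_DARK;
}

/* The gate learns only that a request arrived, not which data it covers. */
bool gate_request(gate_t *g) {
    if (!g->armed) { g->refused++; return false; }
    g->served++;              /* LED would blink red here (not modelled) */
    if (g->mode == MODE_ONE_SHOT) { g->armed = false; g->led = LED_DARK; }
    return true;
}

/* Replay a constructed trace: 'B' = button push, 'R' = host key request. */
gate_t replay(gate_mode_t mode, bool armed_on_plug, const char *trace) {
    gate_t g;
    gate_init(&g, mode, armed_on_plug);
    for (; *trace; trace++) {
        if (*trace == 'B') gate_button(&g);
        else if (*trace == 'R') gate_request(&g);
    }
    return g;
}

int main(void) {
    gate_t a = replay(MODE_LATCH, false, "BRRRBR"), b = replay(MODE_ONE_SHOT, false, "BRRRBR");
    printf("latch %u/%u, one-shot %u/%u (served/refused)\n", a.served, a.refused, b.served, b.refused);
    return 0;
}
```

In latch mode every request between two pushes is served; in one-shot mode each push admits exactly one request, whichever arrives first.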

Interesting suggestions. The key point is that if your computer is infected, conceptually you can’t prevent the malware from sending whatever data it wants to the stick - no matter whether you watch the LED or not. Even if you see the LED blinking as expected at the time you decrypt an email, you don’t know if your computer sent the right e-mail for decryption to the stick or a different e-mail. If you want to be secure against those kinds of attacks, you at least need a display (as you suggested) and a PIN pad integrated (I think in Germany/EU it’s called a class 3 device). Just having the PIN unlocked for a limited period doesn’t help anything.

Yes and no, there are several cases where you don’t need to be compromised for this to be acceptable, for example SSH authentication via agent forwarding.
I’m not certain it can be logically feasible to time the authentication request from the remote server without compromising you or the agent or both.

For malware running on your host, it also may not have complete access to your system (especially if you’re sandboxing processes) and timing the attack might be impossible in certain cases.

I know the devices with the pinpad and display and they’re heavy and big (well, relatively speaking). I used to set up those at a company.

Anyhow, with the current CryptoStick you’re also vulnerable to some level of passphrase sniffing since you have to input that on the host, and having a pinpad is not convenient. My solution is sort of in between, although it would be good to have an LCD telling you what you’re encrypting, signing or giving access to (at least what key id) I guess.

I agree that under some circumstances such feature would prevent certain attacks. However, we need to consider the following:

  • Even an expert user could never be sure whether he was attacked successfully or not. This leads to the risk of selling “snake oil”. At the 28C3 you find a presentation exploiting exactly this weakness at a level 2 card reader.
  • What should the default setting be? Would it become more difficult for non-expert users to use? Instead it should become an optional feature - if ever.
  • A button would make the device larger, more expensive. However, we are considering including a button in future versions but use it primarily for OATH one time passwords (a future feature enabled in parallel to the smart card) instead of signatures. You are welcome to implement the proposed feature once we have the button. :)

For security applications in general and also the Crypto Stick specifically it is important to make the usage simple and that users understand the risk implications of their behaviours. The true and simple message is that on infected computers the Crypto Stick protects your secret keys from being compromised permanently but it doesn’t protect the session from being compromised or hijacked. If you feel you need to protect against this case, you better format your computer and buy a class 3 smart card reader instead of ending in an uncertain state of potentially being compromised. A button might protect you a little bit in certain cases, depending on the features of the attacking malware. But you would never know for sure.