Toucan email communication
Written by Dominik Joe Pantůček on 2018-06-14
cryptoucanAs we have shown during the last few weeks, there are certain confidentiality, integrity and authenticity problems with email communication. We have already shown, that there is some decent cryptography available today that can improve the security of email communication. The only unsolved problem left is how to secure your cryptographic keys when you cannot trust your own computer. Good thing is, you can secure your digital identity even in case your personal computer gets compromised. Read on to learn what we have designed.
Protecting users' identity requires more and more effort every year. As the information technologies penetrate virtually all aspects of people's lives and computers become more and more complex, it seems to be an inevitable problem the systems become so complex that they cannot be trusted anymore. It is possible to address this problem at the core - use different operating system architecture. Micro-kernel[1] based approach with strict process and user separation would have less problems than current major operating systems have today. But we are not trying to solve this class of problems. Given the latest discoveries of really bad design decisions in CPU architectures[2], it would be an impossible mission anyway.
About a year ago we decided to overcome the major problems of this class by developing a secure cryptographic token to store the signing and encryption keys. But we wanted to protect the secret material without any compromises. Therefore we designed a cryptographic token Alice and Bob can use to ensure their digital identities do not get compromised even if it becomes impossible for them to trust their own computers. So, let's have a look at the final episode of our electronic mail soap opera:
Video 1: Episode 3 - Electronic mail: Toucan communication While designing the token we wanted to provide military grade security in all of the imaginable areas. Such as:
-
Physical security - multi-layer tamper protection.
-
Device PIN protection - with key-derivation function used for protecting the private content.
-
Symmetric cryptography - AES[3] even for protecting the internal data storage.
-
Asymmetric cryptography - only well-tested implementation of Montgomery curve[4] and Twisted Edwards curve[5] are supported.
-
Hardware PIN pad - the computer cannot be trusted to enter PIN, therefore the token has its own keyboard.
-
Side-channel attacks - voltage, current, or even temperature.
-
RF protection - the device does not emit any electromagnetic waves with patterns even remotely connected to what is happening with the secret material.
This is just a sneak peek into the features of the actual token. We will gradually reveal the complete list with detailed descriptions of each security measure the token provides as well as limitations - because no security solution can help without appropriate usage. And maybe next week we will show you the actual Cryptoucan™.
Thank you for staying with us and rest assured there is much more to come. See ya next week!
References
-
Wikipedia contributors. (2018, May 11). Advanced Encryption Standard. In Wikipedia, The Free Encyclopedia. Retrieved 23:04, June 13, 2018, from https://en.wikipedia.org/w/index.php?title=Advanced_Encryption_Standard&oldid=840614790
-
Wikipedia contributors. (2018, March 8). Montgomery curve. In Wikipedia, The Free Encyclopedia. Retrieved 23:05, June 13, 2018, from https://en.wikipedia.org/w/index.php?title=Montgomery_curve&oldid=829361229
-
Wikipedia contributors. (2018, April 1). Twisted Edwards curve. In Wikipedia, The Free Encyclopedia. Retrieved 23:05, June 13, 2018, from https://en.wikipedia.org/w/index.php?title=Twisted_Edwards_curve&oldid=833549559