Tamper-evident paper-mail box for secure distribution of one-time pads
A simple device for secure transportation of OTP keycards, solves the problem of secure distribution of encryption keys. Tampering will be detected.
This is part three in a series about secure communication:
1.Ā Random Number Generator [150116]
2.Ā One-time pad OTP Crypto System [160510]
3. Tamper-evident paper-mail box for secure distribution of one-time pads (this article)
After having generated one-time pads (see PartĀ 2) using the true random-number generator (see PartĀ 1), the SD cards containing the keyfiles need to be transported securely to a remote peer. This device enables the secure transportation through any papermail or any similar carrier. Opening the metal box and reading the contents of the SD card can't be prevented, but then the recipient will be warned and this OTP keyfile will never be used for encryption.Ā The eavesdropper will then only end up wil gigabytes of useless random numbers.
Description of operation:
-The circuit inside an aluminum box is powered with one CR2032 button battery. Totaly enclosed inside the aluminum box, with only two drilled holes for IRDA interface.
-The area around the SD card inside the box is "protected" by two open-plate capacitors and one phototransistor.
-If the Cx1 or Cx2 capacitance, or T1 illumination changes significantly, the SRAM zeroisation is triggered. The same happens if the battery voltage drops too low, or if a wrong "challenge" sequence is entered through the IRDA.
-If a recipient enters a correct "challenge" sequence through the IRDA, the correct "response" sequence is returned through the IRDA. Now the recipient knows that nobody has tampered with the box during the tranportation. The random number sequence on received SD card is now OK to be used for encryption.
-Both "challenge" and "response" sequences are kept in MCU SRAM. They are defined through the IRDA before sending a packet through a papermail. The SRAM bytes are inverted bitwise every 1 second to avoid various "burn-in" effects inside SRAM memory.Ā
Ā
1.Ā Random Number Generator [150116]
2.Ā One-time pad OTP Crypto System [160510]
3. Tamper-evident paper-mail box for secure distribution of one-time pads (this article)
After having generated one-time pads (see PartĀ 2) using the true random-number generator (see PartĀ 1), the SD cards containing the keyfiles need to be transported securely to a remote peer. This device enables the secure transportation through any papermail or any similar carrier. Opening the metal box and reading the contents of the SD card can't be prevented, but then the recipient will be warned and this OTP keyfile will never be used for encryption.Ā The eavesdropper will then only end up wil gigabytes of useless random numbers.
Description of operation:
-The circuit inside an aluminum box is powered with one CR2032 button battery. Totaly enclosed inside the aluminum box, with only two drilled holes for IRDA interface.
-The area around the SD card inside the box is "protected" by two open-plate capacitors and one phototransistor.
-If the Cx1 or Cx2 capacitance, or T1 illumination changes significantly, the SRAM zeroisation is triggered. The same happens if the battery voltage drops too low, or if a wrong "challenge" sequence is entered through the IRDA.
-If a recipient enters a correct "challenge" sequence through the IRDA, the correct "response" sequence is returned through the IRDA. Now the recipient knows that nobody has tampered with the box during the tranportation. The random number sequence on received SD card is now OK to be used for encryption.
-Both "challenge" and "response" sequences are kept in MCU SRAM. They are defined through the IRDA before sending a packet through a papermail. The SRAM bytes are inverted bitwise every 1 second to avoid various "burn-in" effects inside SRAM memory.Ā
Ā
Updates van de auteur