Title: secure physical payment dongle development Post by: r2k-in-the-vortex on June 20, 2011, 10:00:39 PM so an idea about physical payment token arised on irc,
main points * keypad for pc independent pin code entry * cheap 7seg screen for payment sum confirming * prom for program memory(possibly a protected ucontroller) to guarantee uninfected device side software * eeprom for wallet.dat(encrypted with decryption key only on prom with read disable keys switched on prom) * some communications with pc to get payment data for user to confirm and to sysnc wallets benifits * protection against infected pc, private keys never leave the device * over the counter payment pitfalls * even protected ucontrollers are suspectible to power use analyzis, and other grazy hackery eg like this http://www.bit-tech.net/news/bits/2010/02/10/tpm-security-cracked-wide-open/1 * nothing protects against http://xkcd.com/538/ http://groups.google.com/group/bitcoincard http://bitcoincard.wikispot.org/Front_Page |