Author Topic: Going "offline" - a different approach for a future hardware device...  (Read 875 times)
CIYAM (OP)
Ian Knowles - CIYAM Lead Developer
July 16, 2013, 11:00:04 AM
Last edit: July 16, 2013, 11:19:22 AM by CIYAM Open
 #1

After recently considering 2FA (and seeing the obvious potential weakness inherent in passing a "shared secret" to a connected device) I recalled something that had amazed me some months back with HTML 5 (the ability for a web page to be able to use your webcam in order to take a photo) and then from following the Trezor project and other similar ones I suddenly came up with what I think could be a much broader idea regarding both security and privacy.

The idea would be to create a new type of smartphone/tab computer that can (hardware selectively) operate either "normally" or instead as an "offline" device. When operating as an "offline" device it would have no access to any networking hardware and would use separate storage (including OS) to its normal mode and it would on first boot create a GPG key pair (prompting for a password and perhaps also displaying a unique key to be written down for backup restoration purposes).

Q. How does the device in "offline" mode communicate with something that is online?

A. Only one way - via QR codes (something I've already done a bit of work with when I created the CIYAM Safe). I am thinking that a very simple file format can provide all that is needed for the device to understand what to do with any particular QR code that it sees (codes may also be divided up into multiple parts of course for larger amounts of data).

Now here are some ideas of what I am thinking that the device could be used for:

1) Create new website accounts by simply showing a QR code of the GPG public key and then later being able to login to such websites with a show, scan and show again approach (the first show to tell the server the public key, the scan to scan a GPG encrypted message from the server with some information that the receiver must acknowledge and the final show being the acknowledgement itself).

It may be a tad clunky but I think it wouldn't really be more effort than using a yubikey is.

2) Create bitcoin addresses and sign tx's offline (of course Trezor and other devices can do this but this device would be able to do this in a completely "air-gapped" manner). Also being able to sign a message with a private key to "show ownership" could be handy.

3) Send or receive GPG encrypted private messages (where perhaps the scan and show approach might actually make GPG easier to use for the masses which seems to be one of its biggest problems for widespread adoption).

Q. What is the benefit from combining the "offline" device with an "online" one?

A. Assuming that this *can* be done safely then it gives you the convenience of only needing a single device.

Questions and comments welcome.

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
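
One possible shape for the "very simple file format" and multi-part codes described in post #1, as an added example that is not part of the original post or of CIYAM's code. The `OQ1` frame layout, the action tags and the size limits are all assumptions made for illustration; QR encoding itself is left out, and each frame is the text one code would carry.

```python
import hashlib
from base64 import b64decode, b64encode

KINDS = {"LOGIN", "TX", "MSG"}    # hypothetical action tags, one per use case
MAX_PARTS, MAX_CHUNK = 64, 512    # hard limits enforced by the offline parser

def split_frames(kind, payload, chunk=MAX_CHUNK):
    """Online side: one text frame per QR code, 'OQ1|kind|sha256|n|total|b64'."""
    digest = hashlib.sha256(payload).hexdigest()
    chunks = [payload[i:i + chunk] for i in range(0, len(payload), chunk)] or [b""]
    return [f"OQ1|{kind}|{digest}|{n}|{len(chunks)}|{b64encode(c).decode()}"
            for n, c in enumerate(chunks, 1)]

class Reassembler:
    """Offline side: accepts scans in any order, rejects anything malformed."""
    def __init__(self):
        self.header = None    # (kind, digest, total), fixed by the first valid frame
        self.parts = {}

    def scan(self, text):
        fields = text.split("|")
        if len(fields) != 6 or fields[0] != "OQ1":
            raise ValueError("not an OQ1 frame")
        _, kind, digest, idx, total, body = fields
        if kind not in KINDS:
            raise ValueError("unknown action type")
        if not (idx.isascii() and idx.isdigit() and total.isascii() and total.isdigit()):
            raise ValueError("part counters must be decimal")
        idx, total = int(idx), int(total)
        if not 1 <= idx <= total <= MAX_PARTS:
            raise ValueError("part index out of range")
        chunk = b64decode(body, validate=True)    # raises ValueError on bad base64
        if len(chunk) > MAX_CHUNK:
            raise ValueError("chunk too large")
        if self.header is None:
            self.header = (kind, digest, total)
        elif self.header != (kind, digest, total):
            raise ValueError("frame belongs to a different transfer")
        if self.parts.setdefault(idx, chunk) != chunk:
            raise ValueError("conflicting duplicate part")
        if len(self.parts) < total:
            return None    # incomplete: keep scanning
        data = b"".join(self.parts[i] for i in range(1, total + 1))
        # The digest only catches scan errors and mixed-up parts, not forgery.
        if hashlib.sha256(data).hexdigest() != digest:
            raise ValueError("digest mismatch")
        return kind, data
```

Feeding the output of `split_frames("TX", payload)` to `Reassembler.scan` in any order returns `None` until the last missing part arrives, then `("TX", payload)`. Authenticity of the payload would still have to come from the GPG layer, since anyone can produce a frame with a matching digest.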
P_Shep
July 17, 2013, 05:02:44 PM
 #2

As mentioned in the other thread:
VisualBTC - Android-based hardware offline wallet using animated QR codes
 - http://bitcointalk.org/index.php?topic=210371.0
threeip
July 19, 2013, 05:46:36 PM
 #3

First thought says cheap android device + custom firmware with 'forced airplane mode'?

Benefits;
Easy to code for (apk or self-hosted html/js)
Where else can you get a camera+lcd+sdcard+wifi+3g+usb interfaces for $40?

ส็็็็็็็็็็็็็็็็็็็็็็็็็ GPG:2AFD99BB ಠ_ಠ mon
CIYAM (OP)
Ian Knowles - CIYAM Lead Developer
July 20, 2013, 02:41:37 AM
 #4

Yes I was thinking along these lines although in order to be 100% safe I would probably want to have the WiFi and 3G capabilities physically removed which was sort of bringing me closer to the idea that you have "two devices in one handset" (sharing the same screen and camera but little else) with a physical "switch" to select which currently has access to the screen and the camera.

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU