Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Added a PW4 duress PIN for self-destruct functionality #43

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Added a PW4 duress PIN for self-destruct functionality #43

wants to merge 2 commits into from

Conversation

thotheolh
Copy link

Created a new type of PIN called the PW4. It's main functionality is for duress and coercion resistance function when at as a last resort the user reveals PW4 instead of PW1 or other PWs.

PW4 is entered like a normal PW1 with the difference being once PW4 is triggered, it will immediately wipe all the PGP keys as a user triggered tamper response.

A new function called checkPIN would take in a targetPIN (PW1) and a PW4 and do comparison. During checkPIN function, it will randomly select to check PW4 first or check target PIN first in an effort to prevent power glitching attacks on the chip.

A PW4 has the default trigger PIN code of 'KABOOM!!!' and the user calling CHANGE REFERENCE DATA with P2 = 0x84 would supply the first half of the data as PW1 and second half as the intended PW4 actual PIN code that the user desires. By sending PW1 concatenate with PW4 behind, the PW1 is to allow an actual user to authenticate into the card to proof that it is the actual user (PW1) who is going to issue a command to change PW4 PIN code.

The PW4 tamper trigger is actively listening under these conditions:

  • PW1 activities (sign, decrypt, authenticate by PGP keyset)
  • Changing of PW1 PIN code
  • Changing of PW4 PIN code

PW3 and RC activities are left unaffected by PW4 tamper triggering activities to prevent accdientally tripping the PW4 by accident by PW3 or by RC activity.

Under duress situation when a user maybe coerced by captives, users are recommended to do the following OPSEC measures:

  • Resist revealing any PIN code initially
  • Upon further stress applied (during interrogation and whatsoever), reveal PW4 in a reluctant manner when held under captive).
  • When asked to enter PIN code, only supply PW4 and never reveal PW1 as a last resort.

Email me at : [email protected] for further communication.

@coveralls
Copy link

Coverage Status

Changes Unknown when pulling 8de6322 on thotheolh:master into * on Yubico:master*.

@a-dma
Copy link
Member

a-dma commented Aug 22, 2016

Hey,

fist off, thanks for the contribution. I'll be completely honest. Right know for us is hard to merge this, it diverges too much from the official OpenPGP Card specifications. However, I think it's an interesting addition. I'll try to contact the people who write the specifications and see what they have to say about it.

This will probably take a while.

@thotheolh
Copy link
Author

Hi. I have attempted to contact Achim Pietig who maintains the OpenPGP card standard but to no avail for a while. Do contact Achim Pietig (author of OpenPGP card standard) and seek advise. Also, it would be nice if Achim Pietig could include such a feature in OpenPGP card 4.0.

@a-dma
Copy link
Member

a-dma commented Aug 22, 2016

Yes, I had a quick discussion with him. It's always very tricky to add this kind of things to specifications and as I said it takes time, so don't expect a super quick turnaround.

Let's see how it goes :)

…Applet and all PGPKey setDPX() methods to take their tmpBuf from the newly created pgpTmpBuf.
@coveralls
Copy link

Coverage Status

Changes Unknown when pulling fcadeb4 on thotheolh:master into * on Yubico:master*.

@thotheolh
Copy link
Author

I wanted to open a new pull request and create another topic but somehow my changes were detected and included inside here so I have no choice but to put my comments here for my new changes.

I have uploaded an additional change to the PGPKey class by shifting the tmpBuf for setDPX() method to the main OpenPGPApplet using a shared tmpPGPBuf instead. This reduces the overall RAM memory consumption from somewhere around 1900+ bytes of original RAM usage to around a calculated 1694 bytes instead with a 256 bytes reduction. This makes OpenPGP applet better suited for low RAM smart cards.

You can selectively use my changes by copying (manually) the RAM memory optimization portion as needed.

@dschuermann
Copy link
Contributor

@thotheolh Create a new branch in your fork and then cherry pick the specific commit from your master branch. Then you can open a new pull request here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

4 participants