>you can get that $5 china fido key, but are you sure it's you who owns it?
Seems like a moot point because it'd be very difficult for a rogue FIDO key to exfiltrate data. I'd be far more concerned about random Chinese IoT gadgets, which most people don't have a problem with.
Hmm yes, but it's possible to compromise private key generation to only create a very small predictable subset of keys. In fact, some smartcards from Infineon suffered from this as a bug. And thus they can be brute-forced. It requires some serious crypto chops to determine if this is the case. Obviously it's not like the first 60 bits being zero or something. And the private key is made to not be extracted in this kind of device, making it even harder.
It won't be as easy as that because you can generate a private key multiple times and notice it's the same.
However, yes, a very limited entropy in the private key is much harder to detect, especially because on this kind of device you can't see the private key directly.
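
Added example, not part of any comment in this thread: a Python sketch of the "generate many keys and look for repeats" audit discussed above, with the birthday bound showing how many keys that audit needs before a reduced keyspace shows up. `weak_keygen` is a constructed stand-in for a flawed token, not any real device's behaviour, and all function names are hypothetical.

```python
import hashlib
import math
import secrets


def weak_keygen(seed_bits):
    """Constructed flawed generator: the key depends only on a seed_bits-wide seed.

    The returned digest stands in for the public key, which is all an auditor
    can observe on a token that never exports its private key.
    """
    seed = secrets.randbelow(1 << seed_bits)
    return hashlib.sha256(seed.to_bytes(16, "big")).hexdigest()


def count_repeats(keygen, samples):
    """Generate `samples` keys and count how many repeat an earlier one."""
    seen, repeats = set(), 0
    for _ in range(samples):
        key = keygen()
        if key in seen:
            repeats += 1
        seen.add(key)
    return repeats


def repeat_probability(samples, keyspace_bits):
    """Birthday approximation: chance of at least one repeat among `samples` keys."""
    pairs = samples * (samples - 1) / 2.0
    return -math.expm1(-pairs / 2 ** keyspace_bits)


def samples_for_detection(keyspace_bits, confidence=0.5):
    """Keys that must be generated to see a repeat with the given confidence."""
    return math.ceil(math.sqrt(2.0 * 2 ** keyspace_bits * -math.log1p(-confidence)))


if __name__ == "__main__":
    # An 8-bit keyspace is obvious after a few dozen generations ...
    print("repeats, 8-bit seed, 2000 keys:", count_repeats(lambda: weak_keygen(8), 2000))
    # ... but a 40-bit keyspace looks clean in any audit a person would run by hand.
    print("P(repeat), 40-bit keyspace, 1000 keys:", repeat_probability(1000, 40))
    print("keys needed for 50% detection at 40 bits:", samples_for_detection(40))
```

The repeat check only catches keyspaces small enough to collide within the sample; a generator limited to 2^40 keys passes a thousand-key audit with a repeat probability below one in a million.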