[Blabber] Encrypted SD card
flippy9 at philherlihy.com
Wed Dec 14 19:00:51 UTC 2016
IMO, it’s a significant risk to put any kind of read-back functionality into the unit. I like cat pictures. Plausible deniability is necessary.
The best chance of success is to have it be a dropbox/blackbox style unit. Data being streamed into the card is encrypted as it is written and never read back. There would need to be some bookkeeping, such as a pointer to the last write in the partition (that might be a bit tricky), but otherwise absolutely minimal plaintext data.
Based on the model you created, the file-specific key would have to be generated on the SD/camera, then the file-specific key would have to be stored on the SD card (encrypted with the pub key of the secure device), so that it could be recovered once the SD was inserted into the secure device. Every time the SD/camera was powered on, this process would repeat. Sound about right?
> On Dec 14, 2016, at 9:20 AM, Guan Yang <guan at hackmanhattan.com> wrote:
> Wired has an article about how filmmakers want Nikon and Canon to sell encrypted cameras:
> It mentions a project that implements this by modifying camera firmware, which is rightly judged to be unreliable. It seems to me that it might be possible to do the same thing with a special SD card, like how people used to add Wi-Fi with eyefi SD cards.
> If you pry open an SD card, inside is a circuit board with a NAND flash and a controller chip. Sometimes it is a specialized flash controller, but often it is a regular Cortex-M3 or MIPS core, possibly with some accelerated peripherals for flash and SD communication.
> See eg https://www.bunniestudios.com/blog/?p=3554
> So it might not be that hard to create a custom SD card (or custom firmware for an existing card) that transparently encrypts files being written using a file-specific key, then encrypts that key using a public-key algorithm. The secret key would not be stored in the SD card or camera, so the photos can only be read later using the secret key, in a secure environment.
> Possible challenges:
> * Cameras also like to read back files that are written. Maybe one would allow read-back while the camera and SD card are powered on, then shed the file-specific symmetric key at power-off or x minutes. After a power cycle, when a file is read back, it would be a special image that just says “this photo has been encrypted”. Or cat pictures.
> * If it’s for the application described in the article, the photojournalist users might shoot large RAW or video files and expect the latest fastest SD card standards like UHS-I, which might be more difficult to implement or find suitable microcontrollers for.
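The scheme discussed in this thread (a per-file key generated on the card, stored only in wrapped form, and shed at power-off), as an added example that is not code from either poster. The algorithms (RSA-OAEP, AES-256-GCM) and all names (`EncryptingCard`, `deviceRead`, `newDeviceKey`) are assumptions made here; two `Map`s stand in for flash and RAM, and each file is encrypted in one call rather than streamed.

```javascript
const crypto = require('node:crypto');

// Assumed choices (the thread names none): RSA-OAEP wraps the key, AES-256-GCM encrypts.
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };
const PLACEHOLDER = Buffer.from('this photo has been encrypted');

// Secure-device key pair; only the public half is ever loaded onto the card.
const newDeviceKey = () => crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

function gcmOpen(fileKey, rec) {
  const d = crypto.createDecipheriv('aes-256-gcm', fileKey, rec.nonce);
  d.setAAD(rec.wrappedKey); // ties the ciphertext to its own wrapped key
  d.setAuthTag(rec.tag);
  return Buffer.concat([d.update(rec.ciphertext), d.final()]); // throws if tampered
}

// Hypothetical card model: it holds the device's public key and nothing secret at rest.
class EncryptingCard {
  constructor(devicePublicKey) {
    this.pub = devicePublicKey;
    this.flash = new Map();   // persistent: ciphertext and wrapped keys only
    this.ramKeys = new Map(); // volatile: file keys, gone at power-off
  }
  write(name, plaintext) {
    const fileKey = crypto.randomBytes(32);
    const nonce = crypto.randomBytes(12);
    const wrappedKey = crypto.publicEncrypt({ key: this.pub, ...OAEP }, fileKey);
    const c = crypto.createCipheriv('aes-256-gcm', fileKey, nonce);
    c.setAAD(wrappedKey);
    const ciphertext = Buffer.concat([c.update(plaintext), c.final()]);
    this.flash.set(name, { wrappedKey, nonce, ciphertext, tag: c.getAuthTag() });
    this.ramKeys.set(name, fileKey);
  }
  readBack(name) { // camera-side read: real image only while the key is still in RAM
    const key = this.ramKeys.get(name);
    return key ? gcmOpen(key, this.flash.get(name)) : PLACEHOLDER;
  }
  powerOff() {
    for (const k of this.ramKeys.values()) k.fill(0); // shed the file keys
    this.ramKeys.clear();
  }
}

// Secure-device side: the only place the private key exists.
function deviceRead(privateKey, rec) {
  return gcmOpen(crypto.privateDecrypt({ key: privateKey, ...OAEP }, rec.wrappedKey), rec);
}
```

Dropping `ramKeys` and `readBack` entirely gives the write-only "blackbox" variant argued for in the reply; the on-flash record format does not change.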