[Blabber] Encrypted SD card

Robby O'Connor robby.oconnor at gmail.com
Thu Dec 15 02:54:33 UTC 2016


This man asks the important questions.
On 12/14/2016 02:42 PM, James Carpino via Blabber wrote:
> How many pictures of Rick Astley can you put in this little cpu's firmware?
>
>
> ------------------------------------------------------------------------
> *From:* Phil Herlihy <flippy9 at philherlihy.com>
> *To:* Hack Manhattan! <blabber at list.hackmanhattan.com>
> *Sent:* Wednesday, December 14, 2016 2:00 PM
> *Subject:* Re: [Blabber] Encrypted SD card
>
> IMO, it’s a significant risk to put any kind of read-back
> functionality into the unit. I like cat pictures. Plausible deniability
> is necessary.
>
> The best chance of success is to have it be a dropbox/blackbox style
> unit. Data being streamed into the card is encrypted as it is written
> and never read back. There would need to be some bookkeeping, such as a
> pointer to the last write in the partition (that might be a bit tricky),
> but otherwise absolutely minimal plaintext data.
>
> Based on the model you created, the file-specific key would have to be
> generated on the SD/camera, then the file-specific key would have to be
> stored on the SD card (encrypted with the pub key of the secure device),
> so that it could be recovered once the SD was inserted into the secure
> device. Every time the SD/camera was powered on, this process would
> repeat. Sound about right?
>
> > On Dec 14, 2016, at 9:20 AM, Guan Yang <guan at hackmanhattan.com> wrote:
> >
> > Wired has an article about how filmmakers want Nikon and Canon to sell
> > encrypted cameras:
> >
> > https://www.wired.com/2016/12/200-filmmakers-ask-nikon-canon-sell-encrypted-cameras/
> >
> > It mentions a project that implements this by modifying camera
> > firmware, which is rightly judged to be unreliable. It seems to me that
> > it might be possible to do the same thing with a special SD card, like
> > how people used to add Wi-Fi with eyefi SD cards.
> >
> > If you pry open an SD card, inside is a circuit board with a NAND
> > flash and a controller chip. Sometimes it is a specialized flash
> > controller, but often it is a regular Cortex-M3 or MIPS core, possibly
> > with some accelerated peripherals for flash and SD communication.
> >
> > See e.g. https://www.bunniestudios.com/blog/?p=3554
> >
> > So it might not be that hard to create a custom SD card (or custom
> > firmware for an existing card) that transparently encrypts files being
> > written using a file-specific key, then encrypts that key using a
> > public-key algorithm. The secret key would not be stored in the SD card
> > or camera, so the photos can only be read later using the secret key, in a
> > secure environment.
> >
> > Possible challenges:
> >
> > * Cameras also like to read back files that are written. Maybe one
> > would allow read-back while the camera and SD card are powered on, then
> > shed the file-specific symmetric key at power-off or x minutes. After a
> > power cycle, when a file is read back, it would be a special image that
> > just says “this photo has been encrypted”. Or cat pictures.
> >
> > * If it’s for the application described in the article, the
> > photojournalist users might shoot large RAW or video files and expect
> > the latest fastest SD card standards like UHS-I, which might be more
> > difficult to implement or find suitable microcontrollers for.
> >
> > _______________________________________________
> > Blabber mailing list Blabber at list.hackmanhattan.com
> > https://list.hackmanhattan.com/listinfo/blabber

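The write-only scheme discussed in the quoted messages (a fresh symmetric key per power cycle, stored on the card only after being encrypted to the secure device's public key) can be sketched as follows. This is an added example, not code from anyone in the thread: the thread names no algorithms, so RSA-OAEP and AES-256-GCM, the `K`/`D` record layout, and all class and function names are assumptions made here, and it needs the Python `cryptography` package.

```python
import struct
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import rsa, padding
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

OAEP = padding.OAEP(mgf=padding.MGF1(hashes.SHA256()), algorithm=hashes.SHA256(), label=None)

class CardWriter:
    """Card side (hypothetical): holds only the public key, so it can append but not decrypt."""
    def __init__(self, public_key):
        self.public_key = public_key
        self.log = bytearray()   # stands in for the flash partition; len(log) is the write pointer
        self.key = None

    def power_on(self):
        # New symmetric key per power cycle; only its wrapped form reaches storage.
        self.key, self.seq = AESGCM.generate_key(bit_length=256), 0
        wrapped = self.public_key.encrypt(self.key, OAEP)
        self.log += b"K" + struct.pack(">I", len(wrapped)) + wrapped

    def write(self, data):
        nonce = struct.pack(">QI", 0, self.seq)   # 12-byte counter nonce, never reused under one key
        ct = AESGCM(self.key).encrypt(nonce, data, None)
        self.log += b"D" + struct.pack(">I", len(ct)) + ct
        self.seq += 1

    def power_off(self):
        self.key = None          # shed the key: the card can no longer read what it wrote

def recover(log, private_key):
    """Secure-device side: walk the records, unwrap each key, decrypt the chunks that follow."""
    out, pos, key, seq = [], 0, None, 0
    while pos < len(log):
        tag, (n,) = log[pos:pos + 1], struct.unpack(">I", log[pos + 1:pos + 5])
        body = bytes(log[pos + 5:pos + 5 + n])
        pos += 5 + n
        if tag == b"K":
            key, seq = private_key.decrypt(body, OAEP), 0
        else:
            out.append(AESGCM(key).decrypt(struct.pack(">QI", 0, seq), body, None))
            seq += 1
    return out

def demo():
    priv = rsa.generate_private_key(public_exponent=65537, key_size=2048)  # lives off-card
    card = CardWriter(priv.public_key())
    for shots in ([b"IMG_0001 raw bytes", b"IMG_0002 raw bytes"], [b"IMG_0003 raw bytes"]):
        card.power_on()          # constructed sample data: two power cycles, three writes
        for s in shots:
            card.write(s)
        card.power_off()
    return bytes(card.log), recover(card.log, priv)
```

The only plaintext on the card is the record tags and lengths, which is the bookkeeping the thread anticipates; a real design would also need to decide how much those lengths are allowed to reveal.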

