[Cryptech Tech] Sketch of a secure channel between client and HSM

[Jean-Philippe Ouellet]

On Thu, Jul 27, 2017 at 3:07 PM, Rob Austein <sra at hactrn.net> wrote:
> Old work item which we kept putting off for later.  Still not there
> (missing a few bits of C and Verilog we'd want to do this), but to get
> some of what I've been thinking written down where others can review,
> I've posted:
>
>   https://wiki.cryptech.is/wiki/SecureChannel
>
> Comments welcome.
>
> Apologies to readers who don't have access to the referenced texts,
> particularly Cryptography Engineering.  Their "Secure Channel"
> protocol is a nice simple thing using the obvious algorithms (AES and
> SHA-2-HMAC), in this particular case I do mostly trust the authors to
> have gotten the protocol details right.
>
> I'm sure that someone will quibble with XDR, for now take it as read
> that we're already using XDR and I see no need to change that here.

Hello,

I'd just like to cross-reference this and [1] an effort originating in
the Qubes OS [2] community to establish a secure channel between a
trusted USB device and a trusted virtual machine, via an untrusted and
potentially malicious USB controller.

The goals seemed sufficiently aligned that I suspect that there may be
some de-duplication of effort possible - or at least people from
either community interested in the opposite effort.

Best regards,
Jean-Philippe

[1]: https://github.com/QubesOS/qubes-issues/issues/2518
[2]: https://www.qubes-os.org/