Encrypt your USB Sticks and SD Cards on the Fly with Cryptopuck #piday #raspberrypi @Raspberry_Pi

Thought provoking concept from Platis.Sulutions via Hackster.io:

Cryptopuck is intended to provide a portable, discrete and hassle-free solution for encrypting USB flash drives, SD cards or other removable media. Whether you are a reporter on a war-front, a photographer at a demonstration that gets cracked down by the police, a developer at the office in need to transfer proprietary files on USB sticks or just a privacy-minded individual, Cryptopuck is for you. If you need your drive to be encrypted without wasting time or attracting attention by pulling out a laptop, just plug it in Cryptopuck and… it is encrypted! Only the holder of the private key can decrypt them, enabling you to plausibly claim incapable of decrypting the files, as the private key could be handled by somebody else, e.g. your customer or boss. It uses public key cryptography, so even if the Cryptopuck falls into the wrong hands, it is unable to decrypt the files. Βefore deploying the Cryptopuck on the field, keep in mind it is a proof-of-concept system that toys around with the idea of a portable gadget that encrypts your removable media. It incorporates hardware and software which have neither been audited nor designed for security-critical applications. There is absolutely no guarantee that your files will be safely encrypted or remain in tact after using Cryptopuck.

A portable device that encrypts removable media, how hard can it be? Well, apparently not that much. Despite not having any particular previous experience with encryption, I vaguely knew that asymmetric encryption allowed the ciphering of data using a public key that can be shared freely and decrypting with a private key that has to be safeguarded and kept, well, private. I assumed this should be the way to go instead of symmetric encryption where data is encrypted and decrypted using the same key, e.g. a password. This is preferred since the Cryptopuck could fall into the wrong hands or its owner “coerced” to supply the key to decipher the files.

Not knowing any better, the first thought was to use a trusted 8-bit microcontroller to do the job. The idea was to have the gadget in a low power state when inactive, turn it on when a drive is inserted, mount it and then encrypt it. To my surprise, I easily found a library with Arduino implementations of many well known cryptographic algorithms. However, as one would expect 8-bit microcontrollers are way too slow to handle considerable amounts of data and are not so secure when it comes to generating random numbers. Moreover, I also realized that asymmetric algorithms are not designed to encrypt en masse, i.e. files, since this is neither quick nor necessarily safe. Apparently, the standard approach includes encrypting data symmetrically with a randomly generated key and then encrypting that key asymmetrically. It was at that moment the idea of using a low-end microcontroller was buried away.

Read more and see more on YouTube and GitHub

3055 06Each Friday is PiDay here at Adafruit! Be sure to check out our posts, tutorials and new Raspberry Pi related products. Adafruit has the largest and best selection of Raspberry Pi accessories and all the code & tutorials to get you up and running in no time!

Make a robot friend with Adafruit’s CRICKIT – A Creative Robotics & Interactive Construction Kit. It’s an add-on to our popular Circuit Playground Express, FEATHER and other platforms to make and program robots with CircuitPython, MakeCode, and Arduino. Start controlling motors, servos, solenoids. You also get signal pins, capacitive touch sensors, a NeoPixel driver and amplified speaker output. It complements & extends your boards so you can still use all the goodies on the microcontroller, now you have a robotics playground as well.

Join 7,500+ makers on Adafruit’s Discord channels and be part of the community! http://adafru.it/discord

CircuitPython in 2018 – Python on Microcontrollers is here!

Have an amazing project to share? Join the SHOW-AND-TELL every Wednesday night at 7:30pm ET on Google+ Hangouts.

Join us every Wednesday night at 8pm ET for Ask an Engineer!

Follow Adafruit on Instagram for top secret new products, behinds the scenes and more https://www.instagram.com/adafruit/

Maker Business — Fewer startups, and other collateral damage from the 2018 tariffs

Wearables — Light as a Worbla feather

Electronics — Your job’s a joke, you’re broke, your semiconductor is DOA

Biohacking — The Heart Rates of the Hazda

Python for Microcontrollers — One year of CircuitPython weeklies!

Get the only spam-free daily newsletter about wearables, running a "maker business", electronic tips and more! Subscribe at AdafruitDaily.com !

No Comments

No comments yet.

Sorry, the comment form is closed at this time.