Author

Topic: secure physical payment dongle development (Read 787 times)

newbie
Activity: 19
Merit: 0
June 20, 2011, 05:00:39 PM
#1
so an idea about physical payment token arised on irc,

main points
* keypad for pc independent pin code entry
* cheap 7seg screen for payment sum confirming
* prom for program memory(possibly a protected ucontroller) to guarantee uninfected device side software
* eeprom for wallet.dat(encrypted with decryption key only on prom with read disable keys switched on prom)
* some communications with pc to get payment data for user to confirm and to sysnc wallets

benifits
* protection against infected pc, private keys never leave the device
* over the counter payment

pitfalls
* even protected ucontrollers are suspectible to power use analyzis, and other grazy hackery eg like this http://www.bit-tech.net/news/bits/2010/02/10/tpm-security-cracked-wide-open/1
* nothing protects against http://xkcd.com/538/

http://groups.google.com/group/bitcoincard
http://bitcoincard.wikispot.org/Front_Page
Jump to: