When it comes to security questions, trust an expert, not the top post on a thread. As for side channel attack countermeasures we list several that are in use. As for the OnlyKey hardware security we use Freescale Kinetis flash security to securely lock data on the key. This is completely unrelated to hardware. As others have already mentioned, OnlyKey is not an Arduino, OnlyKey uses some of the great Arduino software libraries that are available open source and the Arduino IDE. Whoops.Īgain, had the commenter taken the time to read a bit they would see that this is completely false. > Meaning that there is no hardware security whatsoever and it's trivial to extract all your keys from the device if you ever lose it. This random input is generated every time you touch a button on OnlyKey, it's different for every person, and its truly random. Had they reviewed they would see that we specifically address how analog input alone is not sufficient entropy for a cryptographically secure number generator and one of the unique features used with OnlyKey is using capacitive touch input for our RNG. Unfortunately, this commenter posted this without reviewing any of the security documentation available for OnlyKey. ![]() > The "security" of this device is a joke, just look at how randomness is derived: I wanted to make sure I clearly address these comments, one of the issues in reading a post like this in an online thread is the most upvoted post can also be the most incorrect, and misleading.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |