A Presence-sensing Drive For Securely Storing Secrets

A USB dongle is shown connected to a laptop computer. A text box in the lower right corner says "PECKUS is running in DEBUG mode, it is 3x faster in non-DEBUG mode."

When we hear about flash drives in the context of cybersecurity, we tend to think of them more as threats than as targets. When you’re using flash drives to store encryption keys, however, it makes sense to pay more attention to their security. [Juergen] designed the PECKUS (Presence Enforcing Crypto-Key USB-Storage) with this specifically in mind: a few-kilobyte storage device that only unlocks if the owner’s Bluetooth device is in the vicinity.

[Juergen] needed to store an infrequently-used keyfile on an air-gapped system, and commercial encrypted flash drives were rather expensive and left much to be desired in terms of usability. Instead, he designed a CircuitPython custom firmware for MakerDiary’s nRF52840 micro development kit, which provided a BLE-capable system in the form of a USB dongle.

After flashing the firmware to the board, the user sets it up with a particular Bluetooth device and a file to be stored; after writing the file during setup, it cannot be rewritten. Before reading from the device, the user must pair the previously-set device with the board and press a button on the board, and only then does the device appear to the computer.
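The setup and unlock sequence described above can be modeled as a small state machine. This is an added sketch, not code from PECKUS or from [Juergen]; the class, method names and sample values are hypothetical, and re-locking on disconnect is an assumption of the sketch rather than something the write-up states.

```python
from enum import Enum, auto

class State(Enum):
    UNPROVISIONED = auto()
    LOCKED = auto()
    UNLOCKED = auto()

class PresenceGatedStore:
    """Constructed model of the policy described above; not PECKUS firmware."""

    def __init__(self):
        self.state = State.UNPROVISIONED
        self._owner = None      # identity of the device bonded at setup
        self._secret = None
        self._present = False

    def provision(self, owner_id: str, secret: bytes) -> None:
        # Write-once: setup succeeds exactly one time.
        if self.state is not State.UNPROVISIONED:
            raise PermissionError("already provisioned; file cannot be rewritten")
        self._owner, self._secret = owner_id, bytes(secret)
        self.state = State.LOCKED

    def on_connect(self, peer_id: str, bonded: bool) -> None:
        # Only a bonded connection from the enrolled device counts as presence.
        self._present = bonded and peer_id == self._owner

    def on_disconnect(self) -> None:
        # Assumption of this sketch: losing the owner device re-locks (fail closed).
        self._present = False
        if self.state is State.UNLOCKED:
            self.state = State.LOCKED

    def on_button(self) -> bool:
        # The press is checked against current presence; it never latches.
        if self.state is State.LOCKED and self._present:
            self.state = State.UNLOCKED
        return self.state is State.UNLOCKED

    def read(self) -> bytes:
        if self.state is not State.UNLOCKED:
            raise PermissionError("storage is not exposed to the host")
        return self._secret

if __name__ == "__main__":
    store = PresenceGatedStore()
    store.provision("owner-phone", b"constructed keyfile bytes")
    print(store.on_button())      # button alone, no owner device nearby
    store.on_connect("owner-phone", bonded=True)
    print(store.on_button(), store.read())
```

A button press made before the owner device connects is simply discarded, so an earlier press cannot be "saved up" and combined with a later connection.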

The limited amount of storage space means that this device will probably only serve its intended purpose, but in those cases, it’ll be handy to have an open-source and inexpensive protected storage device. [Juergen] notes that attackers could theoretically defeat this system by desoldering the microcontroller from the board and extracting the memory contents from its storage, but if you have enemies that resourceful, you probably won’t be relying on a $20 board anyways.

We’ve previously seen a few flash drives cross these pages, including one meant to self-destruct, and one made from a rejected microSD card.

14 thoughts on “A Presence-sensing Drive For Securely Storing Secrets”

  1. Adding a VL53L0x or similar motion sensor could be some extra security. You wave your hand in some gesture to unlock it. But if it only works when a paired bluetooth device is visible, then it could also use some data from that same bluetooth device to unlock encrypted data only stored in RAM. That already makes it a lot more difficult to read out the device if it’s stolen.

    If a PC is airgapped for security reasons, I already find it strange that a USB port is accessible in the first place.
    But just the mention that circuitpython is used makes the project a dud. It’s too easy to copy such code during a toilet break, analyze & modify, and during another toilet break load a compromised software version. In my opinion there is little room for gadgetry in a security environment. If I was his boss, he’d lose all access privileges to the security sensitive part of the company. And I don’t want disgruntled employees either, so maybe immediate firing is in order.

    If it’s a hobby / toy project. Then at least treat it more seriously. Security is only as good as its weakest link.

    1. It is a hobby project, but that doesn’t mean the security doesn’t serve its intended purpose. We don’t know the actual scenario and you are making assumptions that may not apply. It could be simply a prototype as well.

  2. If you have to have your bt device, could you not just have to have the USB dongle, and the key that unlocks the USB port so it can be used. I just saw USB C ones on Amazon today, so there’s locks for USB, or unplug it and most servers have case intrusion. The USB stick goes in a safe where nobody has access to the key file.
    Not that I don’t see the usefulness of the BT proximity sensing for access. Set the Boss’s computer to glitch til you walk in front of it, then he thinks you’re a magician.

  3. Bluetooth proximity was built into the Armorlock product from SanDisk, an ultrasecure storage platform where some of the firmware lives on in Raspberry Pi Pico ROM. I do not recommend purchasing the Armorlock product because it is EOL and not supported anymore, which is a huge fail.

  4. So, to unlock this device, “Activation based on user-presence (based on user’s Bluetooth and/or WIFI device being in range)”

    And the MAC address is broadcast in the clear frequently from said device. And easily spoofed by any number of devices.

    That doesn’t sound like a particularly secure system.

    1. Only if it’s just using MAC detection, which nobody does for actual security, though it’s usually fine for an environment where security isn’t the objective, but ensuring a protocol.

    2. At first I had the same thought. Sure this can be easily foiled. But then I thought about it some more…

      The attack vector goes from, someone needs to physically steal your USB device. Pretty high bar. Now it’s, someone needs to know your USB device requires a BT signal, what your hardware MAC is, and to steal your USB device.

      Sure some highly trained operative could be expected to do that. The average creep would absolutely not expect it. Should an organization make this standard issue? Probably not. Would it add a level of depth to an individual’s defense? I think it could. Might lead to the 5$ wrench scenario though.

      1. Did you know? A bonded BLE connection not only involves (always changing) MAC addresses that are derived from the bonding key but also encryption for connection establishment (and thereafter).

        So, there is no easy BLE presence spoofing (assuming BLE firmware is implemented as per spec).

          1. The “transport” encryption is not used in PECKUS, simply because it never sends any data – connection establishment is enough for presence purposes. PECKUS does register as a (generic) input device, because smartphones (if configured so, but it is the default) automatically do initiate those connections, so it can work without any user interaction on the smartphone during PECKUS use.
