Search icon Close icon
Search icon
0
Cart icon
Close icon
You have no products in your basket yet
Arrow left icon
All Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletters
Free Learning
Arrow right icon
BeagleBone for Secret Agents

You're reading from  BeagleBone for Secret Agents

Product type Book
Published in Sep 2014
Publisher Packt
ISBN-13 9781783986040
Pages 162 pages
Edition 1st Edition
Languages
Concepts
Author (1):
Joshua Datko Joshua Datko
Profile icon Joshua Datko
LinkedIn
Josh Datko is the founder of Cryptotronix, LLC, an open source hardware company that specializes in embedded, cryptographic electronics. He graduated with distinction from the US Naval Academy with a Bachelor's of Science in Computer Science and then served 10 years in the Navy, both actively and as a reserve submarine officer. He has been deployed to locations worldwide including Afghanistan in support of Operation Enduring Freedom. In 2014, Josh presented at both the HOPE and DEF CON conferences. He completed his Master's of Science in Computer Science, with a focus on security and networking, from Drexel University.
See other products by Joshua Datko

Table of Contents (14) Chapters

BeagleBone for Secret Agents
Credits
Foreword
About the Author
About the Reviewers
www.PacktPub.com
Preface
Creating Your BeagleBone Black Development Environment Circumventing Censorship with a Tor Bridge Adding Hardware Security with the CryptoCape Protecting GPG Keys with a Trusted Platform Module Chatting Off-the-Record Selected Bibliography Index

Chapter 4. Protecting GPG Keys with a Trusted Platform Module

After our investigation into BBB hardware security, we'll now use that technology to protect your personal encryption keys for the popular GPG software. GPG is a free implementation of the OpenPGP standard. This standard was developed based on the work of Philip Zimmerman and his Pretty Good Privacy (PGP) software. PGP has a complex socio-political backstory, which we'll briefly cover before getting into the project. For the project, we'll treat the BBB as a separate cryptographic co-processor and use the CryptoCape, with a keypad code entry device, to protect our GPG keys when they are not in use.

Specifically, we will do the following:

  • Tell you a little about the history and importance of the PGP software

  • Perform basic threat modeling to analyze your project

  • Create a strong PGP key using the free GPG software

  • Teach you to use the TPM to protect encryption keys

History of PGP

The software used in this chapter would have once been considered a munition by the U.S. Government. Exporting it without a license from the government, would have violated the International Traffic in Arms Regulations (ITAR). As late as the early 1990s, cryptography was heavily controlled and restricted. While the early 90s are filled with numerous accounts by crypto-activists, all of which are well documented in Steven Levy's Crypto, there is one man in particular who was the driving force behind the software in this project: Philip Zimmerman.

Philip Zimmerman had a small pet project around the year 1990, which he called Pretty Good Privacy. Motivated by a strong childhood passion for codes and ciphers, combined with a sense of political activism against a government capable of strong electronic surveillance, he set out to create a strong encryption program for the people (Levy 2001).

One incident in particular helped to motivate Zimmerman to finish PGP and publish his work...

Developing a threat model

At the end of the previous chapter, we introduced the concept of a threat model. A threat model is an analysis of the security of the system that identifies assets, threats, vulnerabilities, and risks. Like any model, the depth of the analysis can vary. In the upcoming section, we'll present a cursory analysis so that you can start thinking about this process. This analysis will also help us understand the capabilities and limitations of our project.

Outlining the key protection system

The first step of our analysis is to clearly provide a description of the system we are trying to protect. In this project, we'll build a logical GPG co-processor using the BBB and the CryptoCape. We'll store the GPG keys on the BBB and then connect to the BBB over Secure Shell (SSH) to use the keys and to run GPG. The CryptoCape will be used to encrypt your GPG key when not in use, known as at rest. We'll add a keypad to collect a numeric code, which will be provided to the TPM. This...

Generating GPG keys

First, we need to install GPG on the BBB. It is mostly likely already installed, but you can check and install it with the following command:

sudo apt-get install gnupg gnupg-curl

Next, we need to add a secret key. For those that already have a secret key, you can import your secret key ring, secring.gpg, to your ~/.gnupg folder. For those that want to create a new key, on the BBB, proceed to the upcoming section.

Note

This project assumes some familiarity with GPG. If GPG is new to you, the Free Software Foundation maintains the Email Self-Defense guide which is a very approachable introduction to the software and can be found at https://emailselfdefense.fsf.org/en/index.html.

Generating entropy

If you decided to create a new key on the BBB, there are a few technicalities we must consider. First of all, GPG will need a lot of random data to generate the keys. The amount of random data available in the kernel is proportional to the amount of entropy that is available. You...

Protecting your GPG key with a TPM

If you want, you could stop the project now and happily use GPG on your BBB. But if you do, you would miss out on adding some extra protection with the CryptoCape, specifically, the Trusted Platform Module (TPM). In the upcoming sections, we will use the TPM to protect our GPG private key.

Introducing trusted computing

The TPM is a cryptographic co-processor. The TPM on the CryptoCape is Atmel's embedded I2C version, which conforms to version 1.2 of the TPM spec published by the Trusted Computing Group (TCG). The TCG is an industry consortium that maintains and develops open specifications for trusted computing. Trusted in this sense is the definition from RFC 4949: a system that operates as expected, according to design and policy.

Cryptographically, TPM 1.2 is limited. It implements the RSA algorithm, SHA-1, has an internal random number generator, and some limited storage. It does not provide any symmetric ciphers. These limitations were a result of the...

Adding the keypad

We're going to need a way to enter this code into the BBB. This code is used to populate one of the TPM's PCRs that will be used to seal the GPG key. This keypad will be connected to the ATmega328p on the CryptoCape. While the BBB is more than capable of handling the I/O for the keypad, by using the ATmega328p, we take advantage of code reuse. For most hardware products in the SparkFun catalog, there exists at least an unofficial Arduino library. If the components aren't available at SparkFun, then you should be able to find similar parts from the product descriptions. In the case of the keypad, there is an official library. The hardware for this project is listed in the following table:

Device

SparkFun number

CryptoCape

DEV-12773

Keypad

COM-08653

F/F jumper wires

PRT-08430

Male breakaway headers

PRT-00116

To build this Arduino library, you'll first need to install the Keypad library from the Arduino playground site: http://playground.arduino.cc/code/Keypad. Then...

Taking ownership of the TPM

Before we use the TPM, we must first take ownership of it. Taking ownership establishes an owner password for maintenance operations and a password for one of the root keys inside the TPM, the Storage Root Key (SRK) (pronounced shark). You can set the administrator password to any password you want, but to work with legacy software, you'll want to set the SRK to the well-known password of twenty zeros. You can set a unique SRK password if you want, but the TrouSerS software, the software used to control the TPM, includes a command-line parameter to set the password to its well-known value for a reason. First install tpm-tools:

sudo apt-get install tpm-tools

Then you should restart your BBB with the CryptoCape attached. This will ensure that the TPM kernel driver and associate software load correctly. To check if everything is working properly issue the following command:

dmesg | grep TPM

This should return:

[    5.370109] tpm_i2c_atmel 1-0029: Issuing TPM_STARTUP...

Extending a PCR

We'll need to extend a PCR so that we can encrypt our GPG key. We'll arbitrarily choose PCR number 9. First let's view the PCR status to be sure that it is blank:

cat /sys/class/misc/tpm0/device/pcrs | grep PCR-09

This should return the current state of the PCR, which without using secure boot is:

PCR-09:00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

Now, run the getgpgpin program from the following section. You should see the LED turn green on the CryptoCape and you have 10 seconds to enter a five-digit pin. Each time you press a key, the LED should briefly flash and when five digits have been entered, the LED will turn off. After 10 seconds, the getgpgpin program will silently exit. If you compiled the program with #define DEBUG set to 1, you should see something like this:

54321
(Line 53, extend_pcr)  Create a Context
 returned 0x00000000. Success.
(Line 55, extend_pcr)  Connect to TPM
 returned 0x00000000. Success.
(Line 59, extend_pcr)  GetTPM Handle
 returned...

Unlocking your key at startup

Finally, we need to automate this process. When the BBB boots, we want it to collect the code, extend the PCR, and unwrap the GPG keys so that they are ready to use. We'll make an init.d script that will handle this, but we still need to deal with the GPG key. We don't want an unwrapped GPG key lying around the disk, even if it is protected with a password. Instead, we'll keep the GPG keys on a ramfs, which will never touch persistent storage.

To create the ramfs, add the following to /etc/fstab:

ramfs    /mnt/ramdisk ramfs nodev,nosuid,noexec,nodiratime,size=1M,uid=1000,gid=1002   0 0

Be sure to replace your uid and gid with the appropriate values for your user. This can be obtained by running the id command. Either reboot or run mount -a to reload the fstab. Since GPG expects the secring.gpg to live in ~/.gnupg/secring.gpg, we'll create a link from there to the ramdisk. Create the following symlink:

ln -s /mnt/ramdisk/secring.gpg ~/.gnupg/secring.gpg

Now, we...

Iterating on the threat model

Threat modeling and system design is an iterative process. The system we built in this chapter is a good start, but it can be improved. We identified a problem at the beginning of the chapter in that we still had to enter the GPG passphrase from a potentially compromised computer. The code entry on the keypad is currently only protecting the GPG key when the BBB is powered off. It also protects the key if an attacker who doesn't know the code boots the BBB, since the PCR will not have the correct value after the 10-second window has passed. To mitigate against the key logger attack, we would want to enter a passphrase directly into the BBB.

There is a piece of software called gpg-agent, which manages your passphrase per login session. It can support different types of pin entry programs. For example, one pin entry program is X-Windows-based and another supports a command-line interface. You could certainly create your own pin entry program that supported your...

Summary

In this chapter, you learned how GPG can protect e-mail confidentiality. We created a threat model for our system and showed how this analysis can help us understand the capabilities and limitations of our design. At the end, we successfully built a BBB GPG co-processor that uses a TPM to help protect the GPG keys at rest and got more practice combining a microcontroller with an embedded Linux platform.

In the next chapter, we will investigate another major privacy enhancing technology that is used to protect real-time chat. You'll learn about the unique cryptographic properties of Off-the-Record (OTR) and how to use OTR over an Internet Relay Chat gateway that is hosted by your BBB.

lock icon The rest of the chapter is locked
arrow left Previous Chapter
Chapter 1 of 14
Next Chapter arrow right
You have been reading a chapter from
BeagleBone for Secret Agents
Published in: Sep 2014 Publisher: Packt ISBN-13: 9781783986040
© 2014 Packt Publishing Limited All Rights Reserved
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Sign up now
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Start free trial
Renews at $15.99/month. Cancel anytime}

Authors (1)

Profile icon Joshua Datko
LinkedIn
Josh Datko is the founder of Cryptotronix, LLC, an open source hardware company that specializes in embedded, cryptographic electronics. He graduated with distinction from the US Naval Academy with a Bachelor's of Science in Computer Science and then served 10 years in the Navy, both actively and as a reserve submarine officer. He has been deployed to locations worldwide including Afghanistan in support of Operation Enduring Freedom. In 2014, Josh presented at both the HOPE and DEF CON conferences. He completed his Master's of Science in Computer Science, with a focus on security and networking, from Drexel University.
Read more
See other products by Joshua Datko

Personalised recommendations for you

Based on your interests and search pattern
Architectural Patterns and Techniques for Developing IoT Solutions
Architectural Patterns and Techniques for Developing IoT Solutions
This book covers all the patterns and considerations that give you both the power and flexibility to build scalable, secure, and performant IoT solutions by combining various patterns in interesting ways. It also lists the benefits of combining IoT with technologies like blockchain, 3D-printing, 5G, Generative AI, quantum computing, and LLMs.
Sep 2023 10 hours 8 minutes
Arduino Data Communications
Arduino Data Communications
Arduino Data Communication focuses on IoT’s Internet aspect, guiding you in setting up your own infrastructure for storing and managing the data collected from sensors. This book goes beyond microcontroller basics, equipping you with the knowledge essential for building real-world projects.
Nov 2023 9 hours 32 minutes
Arduino IoT Cloud for Developers
Arduino IoT Cloud for Developers
From fundamental principles to advanced techniques, this comprehensive book equips you with the knowledge and skills needed to design and deploy IoT applications seamlessly. Explore cloud integration, best practices, and real-world projects to harness the full potential of IoT application development with the Arduino IoT Cloud.
Nov 2023 13 hours 24 minutes
The Azure IoT Handbook
The Azure IoT Handbook
Building IoT Systems with Azure IoT is a comprehensive introduction for those who are new to the Internet of Things and looking to get up to speed in no time. This book will teach you how to create and develop IoT solutions with intelligent edge-to-cloud technologies in the Azure cloud.
Dec 2023 8 hours 16 minutes