This would be a small handheld device powered by a AAA battery that has 1 SD slot, two buttons and 1 tri-color LED.
Let's say you've just taken some prize-winning pictures and want to "secure" the SD card from copyright thieves.
You just pop in the SD card, press the "scramble" button and all content on the SD card is encrypted (in place) using AES-256. The LED lights yellow while this is happening and then turns green when done.
(The key was crafted by you and programmed into the device earlier by putting it into a file called "CFG/KEY.CFG" on a blank SD card).
When you want to unscramble the SD, you pop it in and press the "descramble" button. The LED lights yellow while this is happening and then turns green when done.
The device holds onto the "key" in flash memory. You can use a different key anytime by placing CFG/KEY.CFG on either the enrypted or yet-to-be-encrypted SD card. At the end of encryption/decryption the CFG/KEY.CFG is securely deleted (don't want to store keys in the clear, now do we?). If the CFG/KEY.CFG is supplied on a blank SD card, the flashed key is changed.
This is less secure (if someone steals your Scramble Box AND your encrypted SD cards then they can decrypt the cards so as long as they were encrypted with the currently flashed key). However, this at least allows encryption/decryption to occur without creating the key file
(so you can go directly from camera to Scramble Box).
Now, photos are probably not the best use case here. A better, although less dramatic, example would be to put a bunch of "important" documents on the SD card and run it through the Scrambler.
However, since we are just using a fairly standard AES-256 technique (CBC w/ CTS), you could always do the encryption/decryption on a PC (with the right software).
In this case, the Scramble Box can be used for batch encryption/decryption.
Oh, and for usability, the key is a simple password/passphrase that is run through a hash function, so you don't have to memorize a 32 bit key ;-)
No comments:
Post a Comment