danielinux/Motenpoche
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
Motenpoche/README.md
Daniele Lacamera 5e6c11ca93 Import from working prototype
2023-06-10 01:04:44 +02:00

141 lines
5.6 KiB
Markdown
Raw Blame History

# Motenpoche
Motenpoche ([mot-ɑ̃-pɔʃ] - French for "word in your pocket") is a physical password
vault to carry around your secrets securely. It can be unlocked with a main
passphrase and it will automatically paste passwords selected from your collection.
Passwords can be provisioned with the help of a host-side command line tool that
can be run on a GNU/Linux PC.
## Status
This project is still in an early alpha phase and has not been properly tested yet.
Use at your own risk, no guarantee provided on loss of secret information, service
profiles, bank details or other relevant information. The author and the
contributors recommends not to use this software for any purpose rather than
security auditing, research and study, and they cannot be held responsible or any
damage of any kind resulting from any proper or improper use.
## Software License
The software distributed in this project is uniquely released under the terms of
GNU GPL v.2.
## What is this for
I'm lazy and skeptical when it comes to distributed password managers. I don't
like the idea of keeping a wallet of passwords on a cloud server. On the other
hand, I'm oftern traveling and carrying a laptop, where I must periodically update
my password database if I want to access services when I'm abroad.
This system was created to have a temporary physical storage that can be carried
around (and lost, or forgotten on a public transportation...) with reduced risk.
## Hardware design
## How it works
The siple idea behind it is that the device does not carry any secret in plain
text. The passwords are stored on an external SPI flash, encrypted and signed with
unique keys created when the device is initialized.
The encryption key is symmetrical (ChaCha) and can be derived on board using the
main passphrase, which is entered through the rotary and the confirm button.
The signature key (Ecc256) is created during device initialization on the PC. The
key is used to sign the passwords to be added to the vault.
Passwords can be provisioned using the host tool, either manually or importing
them from a CSV file, previously exported from e.g. a software password manager
or a web browser.
When the device is unlocked, selecting the service needed from the "Services" menu
will paste the password onto the PC. The user should ensureto select the right
password box before activating the service on the device to prevent password leaks
in clear text on the PC screen.
Multiple paste modes are available from the "Settings" menu onboard. The device
can for example fill username + password web forms automatically, by typing in the
username, then the TAB key, then the password and finally ENTER.
### Initialization
The device can be initialized using a TOFU (Trust on First Use) mechanism. When
the device is in "factory mode", it can be initialized using the host command line
application, selecting the "TOFU" function. The application will then ask to input
(and confirm) the main password that will be used to unlock the device.
As mentioned, this procedure also creates the main signature key to provision
passwords. If you want to be able to add passwords to the vault from different
PCs, ensure that you carry a copy of the key generated in `~/.pvault/`.
### Adding password services
Passwords can be provisioned using the host tool, either manually or importing
them from a CSV file. The information is then encrypted on the PC using the main
password, signed using the signature key and transmitted to the device.
The device must be unlocked in order to receive password services to add to the
database. Uploading a single password may take a few seconds because the device
verifies that the source of the information is trusted.
### What does the PC see
When you connect motenpoche to your PC, it will show up as three different
devices:
- A USB drive, containing the source and the binary of the host command line tool `mep` [TODO]
- A serial port (typically /dev/ttyACM0), used by the host command line tool to communicate
with the device, initialize it after factory reset and upload passwords.
- A HID keyboard device. Motenpoche will use a 'fake' keyboard to input the selected
password when requested.
### Security considerations
- The algorithm used to generate the encryption key is PBKDF2, using SHA512 for
hashing, and a random salt generated when the device is initialized
- Neither the passwords, nor the main secret, or any private key is ever stored
on the device. When the device is turned off, the storage is encrypted.
- Password checking is performed on board by decrypting the signature stored in the
initial settings page, and then checking for the integrity (sha) and
authenticity (ecc signature) of the page itself.
Each password is then decrypted on demand and sent to the PC through the HID
keyboard device.
- Passwords can still be intercepted by a keylogger, e.g. using a USB sniffer.
(This is not very different from an actual USB keyboard).
- Main keys and passwords are never transmitted via USB.
### Future development
- The command line tool `mep` might have a function to "rekey" the device, changing
the salt and the constant part of the IV used for the encryption
- Store private keys / custom secret files in the storage device. Those would be
invisible until the device is unlocked.
## Compiling and flashing to Raspberry-pi pico:
To compile the firmware run the following from the source directory:
```
mkdir build
cd build
cmake .. -DFAMILY=rp2040 -DPICO_SDK_PATH=/path/to/motenpoche/pico-sdk
```
### Host tool
A copy of the host tool `mep` is in the `msc_content` directory. Compile using
"make", then run the tool pointing it to the correct USB serial device, e.g.:
```
./mep /dev/ttyACM0
```
Reference in a new issue View git blame Copy permalink