Author: Sebastian Nielsen
Date:
To: tails-dev
Subject: [Tails-dev] Suggestion: Deterministic key generation option for completely read-only systems

I have a suggestion for Tails that will make it more useful for the masses,
while still keeping it completely read-only.
And that is having a password prompt when the Tails OS starts up.
This password prompt will accept any password. This password is then used
with PBKDF2 key strengthening to create a master key. Then this master
key is SHA512d concatenated with a counter, creating a CSPRNG stream.
(with a 32 bit counter there will be exactly 2 TB of randomness before it
starts to repeat)
(ergo: the first 512 bits is: Sha512( PBKDF2(password) + 0 ) , second 512
bits = Sha512( PBKDF2(password) + 1 ), and so on).
This CSPRNG stream is then used to create a PGP key, then a bitcoin
keypair (with address and such), then a Tor keypair, and then a few other
keys, certificates and such needed for the system. Of course this should not
be fed into /dev/random, instead other ways are needed to correctly inject
this randomness in the key generation functions for OpenPGP and such.
Of course, 2 different users starting up Tails and entering the identical
password will of course get the same PGP key, same bitcoin keypair and such.
But the main advantage is that you don't need to store anything. Even if
your Tails installation media is seized, nothing can happen. You have your
password, that's all that is needed to recreate your installation of Tails.
Of course, the user needs to select a secure password.
This also means any single Tails installation media can be used by unlimited
users. And that would also make it more interesting for internet cafés and
such to install Tails on their public computers, since Tails then becomes
completely read-only but still users can get their PGP keys, bitcoin keys,
and TOR keys and other keys by simply logging in with the password they
chose when first starting to use Tails at home.
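
The construction described in the message above, sketched as an added example (not code from the original message or from Tails). The fixed public salt, the iteration count, PBKDF2-HMAC-SHA512, the 4-byte big-endian counter encoding, and the seed names and sizes are all assumptions made for illustration.

```python
import hashlib
import struct

# Assumptions, not stated in the message: a read-only system cannot store a
# per-user salt, so the salt is a fixed public constant; the iteration count
# and the counter encoding are likewise chosen here for illustration.
SALT = b"example-fixed-public-salt"
ITERATIONS = 100_000
BLOCK = 64                       # SHA-512 digest size in bytes
PERIOD_BYTES = (2**32) * BLOCK   # 2**41 bits of output before a 32-bit counter wraps


def master_key(password: str) -> bytes:
    """PBKDF2-stretched master key, identical for identical passwords."""
    return hashlib.pbkdf2_hmac("sha512", password.encode("utf-8"),
                               SALT, ITERATIONS, dklen=BLOCK)


class DeterministicStream:
    """Block i of the stream is SHA512(master_key || counter_i)."""

    def __init__(self, key: bytes):
        self._key = key
        self._counter = 0
        self._buf = b""

    def read(self, n: int) -> bytes:
        while len(self._buf) < n:
            if self._counter >= 2**32:
                # Refuse to wrap: wrapping would replay earlier output.
                raise OverflowError("32-bit counter exhausted")
            block = hashlib.sha512(self._key + struct.pack(">I", self._counter))
            self._buf += block.digest()
            self._counter += 1
        out, self._buf = self._buf[:n], self._buf[n:]
        return out


# Hypothetical layout: names and sizes are illustrative. Seeds are cut from
# the stream in this fixed order, so position decides which bytes a key gets.
LAYOUT = (("pgp_seed", 32), ("bitcoin_seed", 32), ("tor_seed", 32))


def derive_secrets(password: str, layout=LAYOUT) -> dict:
    stream = DeterministicStream(master_key(password))
    return {name: stream.read(size) for name, size in layout}
```

Because every seed is defined by its offset in the stream, reordering or resizing any entry in the layout in a later release would give the same password different keys.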