![]() Specific hardware support for key storage starts to become useful when we consider advanced attacks. Never run code from untrustworthy sources. You need to follow all usual security practices. You want an operating system that restricts processes' access to each other's memory, and users' access to each other's files. It is fine to do public-key cryptography on a traditional computer. Special cryptography support and acceleration are a fairly recent thing. I guess that rules out any public-key cryptography?The Pi very much is a traditional desktop computer. It sounds like you're saying that one such limitation is that cryptographic keys cannot be securely stored on a Pi. Tue 2:45 pmI'm trying to understand, then, what all you cannot do (security-wise) with Pi that you could with a traditional desktop or laptop computer. I imagine it would be crushingly slow on a Pi, though perhaps using an SSD and USB 3.0 might mitigate some of that slowness. In my experience with TrueCrypt and later VeraCrypt, disk encryption (for a large HDD) was slow even on a then-fast machine. But I've not yet tried any security key (e.g., Yubikey or Titan), nor PGP, nor disk encryption. I've not had any issue using a password manager on the Pi. I'm curious if the Pi's advanced security limitations are relevant to my use case. What limits on general computing usage would be implied by the lack of crypto acceleration instructions? I guess that rules out any public-key cryptography? I'm trying to understand, then, what all you cannot do (security-wise) with Pi that you could with a traditional desktop or laptop computer. The Raspberry Pi might have something like secure boot-capable hardware but details are scarce (duh) and it is most certainly disabled by default. Turns out they are indeed optional, at least for ARMv8 integrators like Broadcom/Raspberry Pi Trading. ![]() The Raspberry Pi CPU also lacks the ARMv8 crypto accelaration ![]() The Raspberry Pi has no Trusted Platform Module or Secure Enclave, which are used on computers or smartphones to
0 Comments
Leave a Reply. |