Re: Key management question

From: Michael Schmidt (NOSPAM_schmidt@nue.et-inf.uni-siegen.de)
Date: 02/04/03

• Next message: DSCOTT: "Re: Nasa's incompedent managers"
• Previous message: Scott Nowell: "Re: Fletcher Checksum Question"
• In reply to: Richard L Rosenheim: "Key management question"
• Next in thread: Andrew Swallow: "Re: Key management question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: Michael Schmidt <NOSPAM_schmidt@nue.et-inf.uni-siegen.de>
Date: Tue, 04 Feb 2003 15:55:12 +0100

Hi Richard,

Richard L Rosenheim schrieb:
> I'm working on a program for Windows-based PocketPC PDAs. I would
> like to secure the data that has been entered to ensure that the
> information is not modified after it has been entered (for audit
> purposes).
>
> My question, is how might one go about protecting the key so that the
> program has access to the key, but not the user? The PDA will be
> disconnected from any network, so storing the key elsewhere is not an
> option.
>
> If anyone have any suggestions, or could point me to some relevant
> links/articles, I would appreciate it.
>
> Richard Rosenheim

Claudia Eckert states in
"Zur Sicherheit mobiler persönlicher Endgeräte - eine Bestandsaufnahme"
(http://www.sec.informatik.tu-darmstadt.de/de/publikationen/, apparently
in German) that Windoes CE does neither offer efficient process address
space isolation nor efficient separation between kernel and user mode.
Although WinCE claims to offer it (and the HW architecture would support
it), the respective OS mechanisms can be circumvented relatively easily.

As a consequence, if you need to store your data in the PDA, encrypt the
file, and keep the time the data is unencrypted in memory (and the key
is in memory) as little as possible.

Michael

-- 
Michael Schmidt
University of Siegen, Germany
http:   www.nue.et-inf.uni-siegen.de/~schmidt/
e-mail: schmidt _at_ nue.et-inf.uni-siegen.de

---

• Next message: DSCOTT: "Re: Nasa's incompedent managers"
• Previous message: Scott Nowell: "Re: Fletcher Checksum Question"
• In reply to: Richard L Rosenheim: "Key management question"
• Next in thread: Andrew Swallow: "Re: Key management question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: HELLO MICROSOFT ... The MS DST update is not an application, but a set of registry changes. ... It is impossible to completely remove ActiveSync from the PDA. ... Thanks for the description of the memory management in the PDA. ... (microsoft.public.pocketpc.activesync) Re: HELLO MICROSOFT ... The MS DST update is not an application, but a set of registry changes. ... It is impossible to completely remove ActiveSync from the PDA. ... Thanks for the description of the memory management in the PDA. ... (microsoft.public.pocketpc.activesync) Re: New PDA newsie ... PDA parts will also be discussed because these can widen your PDA ... A Toshiba contains both memory card slots, is a basic design and comes in ... Although the new models of Pocket PCs contain a 128MB memory chip inside ... For iPAQ users, before you can use CF card, you need to buy the CF sleeve ... (microsoft.public.pocketpc) Re: New PDA newsie ... >> PDA parts will also be discussed because these can widen your PDA ... >> I have never used an Axim, but the iPAQ is your fancy model, and your ... >> A Toshiba contains both memory card slots, is a basic design and comes ... >> PLEASE invest in a small chip to save your work regularly! ... (microsoft.public.pocketpc) Re: HELLO MICROSOFT ... Thanks for the description of the memory management in the PDA. ... Microsoft DST Update. ... Since ActiveSync generally doesn't just crash, ... (microsoft.public.pocketpc.activesync)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(11)