NSA Away(Increase your privacy and security by exchanging short messages securely)

管理員語：

此設(shè)計在國外一個創(chuàng)客大賽中找到，設(shè)計的中心思想是保證在網(wǎng)絡(luò)交流中的安全和隱私。

由于內(nèi)容介紹全部是英文，很多是專業(yè)術(shù)語，作為硬件設(shè)計出身的我也不敢輕易翻譯。先將設(shè)計內(nèi)容以英文形式呈現(xiàn)，同時征集可以完整翻譯的專業(yè)人士，可以通過發(fā)起討論來交流。

首先給大家展示這個系統(tǒng)的工作示意圖，整個項目介紹在附件里。

Example workflow

Before needing to send a private message:

Use the dedicated hardware key generator to populate two SD cards with identical one-time pad keys

Keep one copy of the key for your self and give the other copy to the message recipient

To send a message:

Type a message on the encryption device using the software keyboard

Choose the appropriate encryption key from an SD card to encrypt the message. You would choose a key that you pre-exchanged with the message recipient.

The encryption device encrypts the message using that key

Start composing an email to the message recipient on your PC and have the cursor active in the message compose window

Plug in the encryption device via USB and click send to have the encrypted message typed into your email. Your encrypted message will be typed into your email message by the encryption device sending keystrokes.

• Send the email on the PC

To receive a message:

• Open the email containing the encrypted message on your PC
• Point the encryption device’s camera at the encrypted message and take a picture of the encrypted message

• The encryption device performs optical character recognition (OCR) and interprets the data
• Choose an appropriate key from an SD card to decrypt the message. You would choose a key that you pre-exchanged with the message sender.
• The encryption device decrypts the message using that key
• You read the message displayed on the encryption device’s screen

As long as key exchange and management is done properly and the Android device remains physically secure this solution should provide very private and secure message transmission. The portion of the key used for encrypting or decrypting the message are deleted after use, thus also providing forward secrecy: the unencrypted message cannot be recovered from either the sender or the receiver once it is sent and read.