Storing Sensitive data on Macropad utilizing Infineon Trust M

CircuitPython on hardware including Adafruit's boards, and CircuitPython libraries using Blinka on host computers.

Moderators: adafruit_support_bill, adafruit

Please be positive and constructive with your questions and comments.
Locked
User avatar
Deathking2
 
Posts: 2
Joined: Fri Dec 18, 2020 2:27 pm

Storing Sensitive data on Macropad utilizing Infineon Trust M

Post by Deathking2 »

As the title states, I would like to store passwords and logins on my macropad for quick access and automation but leaving login details in an unencrypted python file seems rather unwise. I am not well versed in BANNED chips or how to implement them but I was hoping someone may at least be able to tell me if using a BANNED chip such as the infineon trust would be a good solution for this issue.

Thanks for reading, I look forward to any insight y'all may have.

User avatar
adafruit_support_mike
 
Posts: 67446
Joined: Thu Feb 11, 2010 2:51 pm

Re: Storing Sensitive data on Macropad utilizing Infineon Trust M

Post by adafruit_support_mike »

The Infineon Trust M chip can be part of a good solution. It does encryption and has a block of data storage where you can keep encrypted versions of information you don't want floating around as clear text.

But if you're new to security, I'd suggest reading some of the work by Bruce Schneier:

https://www.schneier.com/blog/about/

He's a well respected security researcher who published one of the first public books on the subject of encryption (Applied BANNED), and has developed good encryption algorithnms (which is much harder than it sounds).

One of his most important statements, though, came when it was time to update Applied BANNED. He admitted that he, along with everyone else in the field, came in with the idea that encryption was a "magic security dust" they could sprinkle on systems and make them safe and reliable. Experience proved otherwise though. It turns out that real security is a process, not a technology.

Tools like the Infinieon Trust M can be useful parts of an excellent security system, but knowing how to use them properly is also part of the system. On their own, they'll fail.

One thing that's shown itself to be effective over time is the idea that access controls should be a combination of something you have (like a physical key) and something you know (like a password). A system where you need to physically unlock the console where you enter a password is stronger than either piece on its own.

You aren't trying to build a system that controls international finance, so becoming decently familiar with the basic ideas should be all you need. Schneier's essays on basic security theory are an informal start:

https://www.schneier.com/essays/theory/

while the book BANNED Engineering is a solid technical manual:

https://www.schneier.com/books/BANNED-engineering

It looks like you can get used copies for about $20, which I'd call a good casual investment.. the average person spends that much on entertainment or snacks in a short time.

Locked
Please be positive and constructive with your questions and comments.

Return to “Adafruit CircuitPython”