password safe (was Re: ACM TechNews, Wednesday, August 24, 2011: Pico authenticator)

Werner Almesberger werner at
Wed Aug 24 15:29:56 EDT 2011

Wolfram Kahl wrote:
> Could A Crypto-Computer in Your Pocket Replace All Passwords?

Nice idea, also the possibility to authenticate the entity
requesting the password. (The real challenge is how to make
this authentication stick in practice such that it's not
vulnerable to man-in-the-middle attacks. You could rely on
your browser's certificates, but ...)

The Ben could also be a nice password safe. It's small,
chaste by nature, and it would enjoy the security you get
through relative obscurity.

Passwords that are cryptic or long and thus hard to type
could be sent over WPAN, to an atusb programmed to act as
USB keyboard, with appropriate encryption between Ben and

In my opinion, prerequisited to turn this into a properly
mass-marketable solution would include the ability to
simplify and customize the keyboard (e.g., while you may
have use for certain function keys, a consumer device
marketed as a password safe would not name them F1
through F8), to integrate the communication, and probably
also to add some safeguards to the device itself to
protect it against compromises once the safety of
obscurity goes.

This idea isn't new. It was about the first thing I
though of it when I saw the Ben for the first time, and
also other people have mentioned it from time to time.

Alas, to really pull this off, we still need more design
control than we currently have. That shouldn't stop anyone
from writing a password safe for the Ben as a proof of
concept, though.

- Werner

More information about the discussion mailing list