project idea: portable password safe

Werner Almesberger werner at
Mon Sep 9 07:04:53 EDT 2013

Felix wrote:
> I remember to see Pass-Pal some time ago, and though.. hey, what a great
> idea!! but then realize that you need a pc program, so is BIG breach...

Indeed. Of course, in the case of traditional passwords, you can
always use the PC on which you're replaying the password, since a
keylogger would catch that anyway.

This wouldn't work for things that never see a PC, e.g., ATM PINs
or challenge-response passwords/passphrases.

For setting a local PIN, the interface could be kept simple.

> batteries are cheap, environment friendly (more than button ones) and have
> more than enough energy for months (or years).

What I really hate about them is their acid. The sooner or later,
it'll come out and foul up your circuit.

> Entering data: if you put a MCU with usb host capabilities, you can connect
> directly a keyboard!!

Hmm yes, just plugging in a regular keyboard as "secure keyboard"
for setup/management tasks might be a reasonable compromise.

> Screen: 10x2 screen with backligth would be more than enough (rotating long
> text of course), so the device size would be kept small.

Or, better: an OLED. They're dirt cheap these days. And there's even
a fab in China that has figured out how to please us lazy Western
developers, with data sheets, and even offering matching connectors:

Meanwhile, I did some thinking in the direction of a device without
keyboard, without USB host, and without dongle bay, but still with
the other features.

Block diagram:

"Pwr" is the magic device that figures out where to take power from,
in the configuration shown, it would be either from the battery or
from a USB Vbus regulator built into the MCU.

The voltage of the boost converter for the LCD depends on what the
panel wants. E.g., I have my eyes set on the ER-OLED013-1 (1.3",
128x64), which has a built-in DC-DC converter, but apparently they
found it too weak, so the external supply would have to be 12 V.

If the internal converter is sufficient, 3.3 V would do, which could
then also be used for the memory card. Not sure if the memory card
would be happy with just the battery voltage.

The idea of using a rotary encoder for input kinda grew on me. I
first thought of the one that's coplanar with PCB (EVQWKA), but
the iPad-style encoder may actually be more convenient. It should
also be more comfortable to "dial" an item than to hammer a "next"
botton a dozen times.

The LED would be lit when the safe is open, especially when the
display is off. And, of course, it'll be of great use for debugging.

And this is what the critter could look like:

This is just an XFig doodle, not a proper CAD drawing. So there may
be mistakes in the dimensions.

The size is mainly determined by the dial, the display, and the
space/clearance the RF antenna needs. This assumes a reuse of the
PCB antenna used in atben/atusb. There are also chip antennas that
are a bit smaller, but they still require significant open space.

I put the battery next to the dial because there should be a bit of
room under the dial for components, which makes it a good location
for, say, the boost converter. Components would also go under the
LCD, in the area marked as "spacer".

The 128 x 64 display is quite large. but that should make the
device look nice. One of the smaller OLEDs (e.g., 128 x 32) may
already look a bit lost on that surface.

Dimensions may be too optimistic by a few mm, but hopefully not too
far off. The uSD holder would be the push-pull type.

Heh, I just realized that it looks almost like my Samsung X830 ;-)

Display alternatives would include a smaller OLED (at the risk of
looking less sexy), or a ~1.5" RGB. There's a lot of them out
there. Alas, they'd make the device even larger. E.g., the
Varitronix COG-C144MVGI-08 Digi-Key have (and that even at a
resonable price, unlike most of the rest of their displays) would
grow the device from 28-30 mm to at least 38 mm.

- Werner

More information about the discussion mailing list