Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ESP32 implementation #148

Open
hadmut opened this issue May 11, 2024 · 0 comments
Open

ESP32 implementation #148

hadmut opened this issue May 11, 2024 · 0 comments

Comments

@hadmut
Copy link

hadmut commented May 11, 2024

Hi,
that's not a bug report, that's just a christmas wish.

Tang servers usually suffer from two particular problems:

  • they are running on regular machines with regular operating systems and usually other tasks, and such can be hacked even if the tang server itself is hacked.

  • tang runs on a regular computer, and if an encrypted machine with a clevis client is stolen, probability is high that both machines are stolen together, and since the machine with the tang server tends to boot independently for bootstrapping the net, a thief/spy can resemble the network with stolen devices and make them boot and decrypt their disks / recover the key.

Therefore, would be nice to have tang running on an ESP32 microcontroller. There's extremely small modules available that can easily be hidden anywhere, where 5V or 3.3V are available, and connect to the router through Wifi, making it much more difficult to spot and steal them.

ESP32 controllers do have a bunch of security and crypto features, and seem to be a good base for this kind of task.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant