encryption password-PIN input device not interceptable by keyloggers

Discussion:

(too old to reply)

Luca Villa

2007-12-30 16:03:16 UTC

Does an IDE-to-IDE or SATA-to-SATA encryption device exist that use a
dedicated direct (non keyloggable) device for password/PIN input?

I mean an input device like this: http://www.rocstor.com/Products/rocsafepx.html
for a encryption system like this: http://www.enovatech.net/products/mx_info.htm
(still not in a commercial product?)

Luca Villa

2007-12-30 16:21:41 UTC

Permalink

Post by Luca Villa
I mean an input device like this: http://www.rocstor.com/Products/rocsafepx.html

Also see this input device: http://www.enovatech.net/products/reference/secureusb_pro.htm

Vend

2007-12-31 03:11:58 UTC

Permalink

Post by Luca Villa
Does an IDE-to-IDE or SATA-to-SATA encryption device exist that use a
dedicated direct (non keyloggable) device for password/PIN input?
I mean an input device like this:http://www.rocstor.com/Products/rocsafepx.html
for a encryption system like this:http://www.enovatech.net/products/mx_info.htm
(still not in a commercial product?)

It doesn't seems to me a very clever idea: it would be fairly easy for
someone with physical access to hardware to add tap the data in
transit on the unencrypted end of the device.
Better to do all the encryption in software, IMHO.

Luca Villa

2007-12-31 14:42:47 UTC

Permalink

Post by Vend

It's true the opposite.
If we consider hardware tapping, every software encryption can be
broken more easier because the hw devices to intercept the keyboard
are broadly on commerce:
- http://www.spyequipmentuk.co.uk/index.php?main_page=product_info&products_id=119
- http://www.keyboardco.com/keyboard_details.asp?PRODUCT=481
- http://aspyshop.com/shop/catalog/product_info.php?products_id=375

While you can't say the same for devices that incercept proprietary
password/PIN input devices. Furthermore, being these input devices
more little than the keyboards, it would be more difficult to make not
noticeable interceptors.