Hello,
I’ve been looking into an implantable RFID chip for a while, and I think I am ready to get the xNT, but I had a couple of questions.
First, I intend to use the chip to store encryption key(s) for a few applications. My concern with this is that the key data could be read by an attacker. I understand that this would require an attacker to have near-physical access to the implant, but it is still something I would prefer to avoid.
I read a post on read-only access (Can my xNT be easily set to read-only?) and your response, and am curious about the #3, password-protected reads/writes feature. My understanding is that if I implemented this, and protected the encryption key reads with a password, then the following use case would be possible.
- Encrypt something on a computer (say a Bitcoin wallet) using a private key (pkey)
- Create an NFC password (pwd).
- Connect an NFC reader/writer to the computer and write the pkey to the xNT.
- Use the process outlined in the above post to make the xNT user-memory only readable with the pwd.
- Create a script that does the following:
  A. Asks user for password
  B. Interfaces with NFC reader/writer to send pwd to chip.
  C. If authenticated, chip allows pkey to be read.
  D. Send pkey to encrypted container (such as Bitcoin wallet)
Assuming good security on the machine, there are not any passive attack vectors here, correct? In order to decrypt the vault, an attacker would need both the pwd of the xNT chip, and access to the chip itself. The only real weak point of this seems to be the reader, which could be modified to record the pwd as it is being sent.
I’m a software engineer, so the programming part won’t be difficult, but I’m a little new to encryption and NFC security features. Just want to rule out any obvious weaknesses for using the xNT for authentication.
Also, any recommendations on a USB reader/writer that would work with both Windows and Linux?
Thanks,
Grim