Fun With Building Dedicated Encryption Devices

Sabu Model100


With the advancements in technology in relation to being convenient has also created major issues for privacy. Major threats as of late have been reliance on smart phones, drive by exploits, emergence of the cloud, and Windows 10. Something as simple as clicking a link can mean total destruction of security leading to major privacy breaches as well as opsec. There was a simpler time where the majority of these threats did not exist due to the lack of attack vectors created by convenience, which in part inspired some of the choices for this project with the usage of old hardware.

Model100 Replaced Battery

Explaining Hardware Choices

The idea was to make something with a keyboard that would have a very low attack vector and ideally have none. I was looking a lot into prototyping and building a small microcomputer in the beginning based on possibly an ARM, 8085/8080, or even a Z80. The issues were that this would take a lot of time to do, it wouldn’t be easily accessible due to the skill required to build it, and it could get pretty expensive.

There is still available a mass amount of cheap easy to acquire vintage microcomputers and gaming devices I could easily take advantage of. This would solve the biggest problem I could see for practicality, which is accessibility. The Model 100 hardware and design is very ideal and easily fully exploited for this project. The keyboard has a nice feel and this was probably why it was so widely used for it’s simple word processing capabilities, from journalists writing stories to student usage in schools. You can also get them for around $100 USD and even less for ones in heavily worn condition easily off eBay. A big bonus is ease of software distribution as you can the load software onto it by playing a mp3, a cd, or go all out with an original tape deck.

I have decided to go with usage of the Tandy TRS-80 Model 100 computer for a variety of reasons, all of which I have explain here. The most obvious and first criticism I can think of for using such old hardware is why not use a Raspberry Pi or an Ardruino? Well, idiots use those, and I am not an idiot.

Ardruinos are mostly for the know it all who want a gold sticker they can program a microprocessor without any real need to truly understand the hardware or how it works. The entire some of their knowledge can be summed up as a few pretty graphs, a flow diagram, and digitalWrite(1, HIGH).

Using a Rasbery Pi would be even more uninteresting, very much like watching an ice cube melt. It would also defeat the purpose and go against the core inspirations of this project by having an operating system striving to be Microsoft Windows Hipster Edition. Link a few libraries, call SuperSekretEncrypt(“I LIEK CAKE”), and celebrate you are An Hero.

Model100 Case


The practical implementations of this project, in particular how two units would communicate, inspired much thought. At present I only see 3 possible mediums that could be implemented minus the very obvious manual keying everything in the keyboard like an 80s version of the German Enigma.

The first and most amusing solution is to get one of those mobile wireless modules that you put a SIM card in. The serial port of the Model 100 could handle communicating with one to send text messages with little effort via AT Commands. The issue with this is it could easily be tracked, monitored, and give a variety potential opsec failures.

The second solution would to use it very much like it was intended to be used with a bit of modernization for cell phones. There is a built-in and rather slow modem that could easily be connected to a headset jack. It’s possible to use a phone coupler on a pay phone to recreate the famous scene from the movie Hackers. I’d imagine would raise a few eyebrows if anyone saw you connect an ancient yellowing keyboard to a phone. This would suffer from the same issues as the first in relation to using some kind of phone.

The third solution I have opted to do and I have saved for last on this list. It seems the most practical to simply connect the Model 100 up to a modern computer using a USB to serial adapter. This will allow easy transfer of encrypted text from the Model 100 to the computer and vice versa. Making a null modem adapter requires little skill and fits into the practical implementation aspect of this project. You can buy commercially available adapters to further simply this. Connect cable, start terminal software on a modern computer, type your message, push a function button for sending, and copy the output from the terminal software on the modern computer into whatever communication medium you want. Decryption would be pushing the decryption function button, pasting the message into the terminal followed by an indicator like a double return to indicate end of said message, and read the message on the screen. This is a simplification of the steps involved as obviously it is a good idea to protect the private key with a symmetric encryption algorithm requiring a password among other standard practices for public key encryption.

The details of the encryption implementation I have not fully decided on as of yet. There will be the obvious public key encryption implementation of RSA and/or Diffie-Hellman coupled with a symmetric encryption algorithm. The three that come to mind that are practical in the restrained environment is skipjack, RC4, or a variant of TEA, specifically XXTEA. The thought of using skipjack kind of amuses me considering the history and it’s originally intended purpose. RC4 would be the easiest to implement, having the fastest encryption times, with flexible key lengths without resorting to encrypting already encrypted text a few times. Due to the key being randomly generated on each message it will not suffer from some of the common vulnerabilities we all know and love when they decided to use it in WEP. It can be susceptible, however, to a kind of plain text attack that could compromise parts of it’s keystream which kills it’s usefulness sadly for text communications.

The most important and critical requirement is a proper CSPRNG. Without this implemented properly it is essentially as good as having no encryption at all, or well at the very least, using a caesar cipher with a pen and paper. So how is it possible to get decent random numbers good enough for cryptology on hardware with no reliable random seeding? Well, we can take this further than just pseudo randomness, you build a TRNG obviously! (Dice not included) Welcome to the theory and implementation of very random seed source of zener diode avalanche noise. There is a few ways of making a true random number generator but this method is the easiest and most practical to build unless you want to go into messing with radioactive materials giving yourself a nice glowing touch. As strange as this may sound, there was an optional barcode reader with a corresponding connection port for the Model 100 which looks to be perfectly usable for connecting our TRNG up to.

Give me money

As you can imagine, this project will cost and has cost some money. I will be working on this project, regardless of any donations, to completion detailing specifics of building and programming in future blog posts. As I am putting all this information out in the public to benefit everyone, I would give the option of letting anyone that feels like contributing via funding some of the costs or just wants to give me money because I am Godly, can do so.

Bitcoin Address: 1Hbg26e7RRaguVG2ZuDZWMvGVWGfSykVCe



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s