@katlogic
Last active August 29, 2015 14:02
+-- RxM -----------------+
|        Laptop          |
|         /|\            |
|        RxAVR<-TRNG     |
|          +----< OC <---ADAVR <--SID<--[ untrusted pc ] (browser?)
+------------------------+                /|\
                                           |
+-- TxM --------------------+              |
|   PS2 keyboard + power    |              |
|         \|/               |              |
|        TxAVR<-TRNG        |              |
|          +----> OC >-- HIDAVR --> USB HID+
+---------------------------+

RxM is a tempest-proofed laptop; input: airgap SID.
TxM is a tempest-proofed PS2 keyboard; output: USB HID.
SID: Suitable Input Device - audio or light? It must be possible to emit the signal via JS from a browser on a PC with no special software other than a default Windows install.
Both have an AVR, TRNG and OC built inside the tempest-proof chassis.
RxAVR, TxAVR, HIDAVR - http://www.obdev.at/Images/vusb/circuit-zoomed.gif
TRNG: http://robseward.com/misc/RNG2/
ADAVR: has to decode the SID signal somehow.
Probably build a prototype using Arduino boards first, then miniaturize it to fit a normal-looking laptop chassis / external keyboard.
Assuming a design like http://i.imgur.com/3luPKrm.jpg + epoxy is used, it should all fit.
TBD: Work out the details of OTR; as it stands, it is probably not practical to run it on an 8-bit AVR. PK possible.
TBD: Details of SID D/A for the RxM mic? Isn't audio kinda tough? But how can the laptop safely receive a one-way signal from a coffeeshop PC?
Not using Tor is intentional: the untrusted PC is assumed to be whatever is available at the moment, and data is sneaked through a regular browser. Connections to Tor guards are usually not desirable under that scenario.

Alternative 1: assuming the SID needs to be some sort of airgap anyway, the diode behavior is natural.
Things can be optimised:
+-- RxM -----------------+
|   Laptop <-TRNG        |
|     |                  |
|     +------------<------SID<---(untrusted pc)
+------------------------+
This also gives us much more room to properly decode the SID signal (much easier on a desktop system than on a tiny 8-bit MCU).
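
One way the audio variant of the SID link could work, as an added example that is not part of the original gist: browser-side JS modulates a frame as two-tone FSK and the RxM side decodes it with a Goertzel filter, rejecting damaged frames by CRC because a one-way link cannot ask for a resend. The sample rate, baud rate, tone frequencies, frame layout and function names are all assumptions, and the receiver is assumed to be already bit-aligned with the sender.

```javascript
// Added example: binary FSK for a one-way (diode) audio link. All constants are assumptions.
const RATE = 44100, N = 441;      // samples/s, samples per bit (100 baud)
const F0 = 1200, F1 = 2200;       // tone for bit 0 / bit 1 (integer cycles per bit)

// CRC-8 (poly 0x07): the receiver cannot request a resend, so it must detect damage itself.
function crc8(bytes) {
  let c = 0;
  for (const b of bytes) {
    c ^= b;
    for (let i = 0; i < 8; i++) c = (c & 0x80) ? ((c << 1) ^ 0x07) & 0xff : (c << 1) & 0xff;
  }
  return c;
}
// Sender side (samples browser JS would copy into an AudioBuffer): frame = len | payload | crc.
function modulate(payload) {
  const frame = [payload.length, ...payload];   // payload must be shorter than 256 bytes
  frame.push(crc8(frame));
  const out = new Float32Array(frame.length * 8 * N);
  frame.forEach((byte, i) => {
    for (let bit = 0; bit < 8; bit++) {
      const f = (byte >> (7 - bit)) & 1 ? F1 : F0;
      const base = (i * 8 + bit) * N;
      for (let n = 0; n < N; n++) out[base + n] = Math.sin(2 * Math.PI * f * n / RATE);
    }
  });
  return out;
}

// Goertzel filter: energy of frequency f in the N samples starting at off.
function power(s, off, f) {
  const k = 2 * Math.cos(2 * Math.PI * f / RATE);
  let a = 0, b = 0;
  for (let n = 0; n < N; n++) { const t = s[off + n] + k * a - b; b = a; a = t; }
  return a * a + b * b - k * a * b;
}

// Receiver side (RxM): returns the payload bytes, or null if length or CRC check fails.
function demodulate(s) {
  const bytes = [];
  for (let off = 0; off + 8 * N <= s.length; off += 8 * N) {
    let v = 0;
    for (let bit = 0; bit < 8; bit++)
      v = (v << 1) | (power(s, off + bit * N, F1) > power(s, off + bit * N, F0) ? 1 : 0);
    bytes.push(v);
  }
  if (bytes.length < 2 || bytes[0] !== bytes.length - 2) return null;
  const crc = bytes.pop();
  return crc8(bytes) === crc ? bytes.slice(1) : null;
}
```

A real receiver would also need a preamble for bit synchronisation and enough repetition or error correction to survive a noisy microphone path; this block covers only modulation, detection and frame validation.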

Alternative 2: using a keyboard as TxM might be cumbersome; this may work too:
+-- TxM --------------------+
|   Laptop <-TRNG           |
|     |                     |
|     +----> OC >-- HIDAVR --> USB HID->(untrusted pc)
+---------------------------+
TRNG is assumed to occupy some unused D/A input of the mobo (line-in/mic?).
OC + HIDAVR is necessary (HIDAVR is powered via the HID of the uPC).