crypto private keys

voidstar · Post by **voidstar** » Fri Mar 04, 2022 5:12 am

Anyone got thoughts on vintage PCs for crypto private keys?

They're not (usually) networked [irony, in contrast to my other thread!] so that's a plus.

Floppy media isn't reliable (well, IMO). Did I read correctly the X16 will support a tape? (basically Commodore-ish ROM and user-port?). The ROM itself is enough to have some sort of load/save capability, without any kind of OS.

Parts and reliability of actual vintage machines is one issue, you really don't want to lose those keys. Paper obviously can burn. But anyway, basically couldn't any vintage system basically be a Ledger Nano S type device? (cold storage)

A "simple" non-FPGA device, with documented and obtainable components - maybe that's (another) good reason for a "modern" vintage system?

Justin Baldock · Post by **Justin Baldock** » Fri Mar 04, 2022 6:23 am

I think you may have mis-read. It is hoped to support the IEC connector which will allow the Commodore serial floppy drives, eg the 1541s etc.

voidstar · Post by **voidstar** » Fri Mar 04, 2022 11:42 am

Probably so - not that anyone would actually use a tape deck, but: (a) the tape interface could be emulated with a different device that had storage, but didn't literally use a rolling tape media - but still used the simple "header" and tape-data format (maybe not as easy as it sounds, since such a device would need to support at least 44khz encoding of an audio signal??), and (b) depending on how similar it is to the original Commodore ROM, there is space (addresses) reserved for tape buffers (I can't recall the size, maybe about 300-600 bytes for both of the two tapes?). Maybe this portion of the code could be extracted and replaced with some networking code -- however, the whole point of "cold storage" is to be separated from a network.

TomXP411 · Post by **TomXP411** » Fri Mar 04, 2022 10:44 pm

There's really no benefit over using a "retro" computer for storing data, including encryption keys. The Commander is intended to use an SD card for storage, and that same media can be used on a PC, smartphone, or Raspberry Pi. More to the point, getting large public or private keys into the system would still require connecting to another computer. So an airgapped machine with only a single port for storage is really not ideal for use as a key vault. At the very least, you'd need a storage medium and a USB port or other removable storage connector.

The Commander X16 will feature an IEC port, which could be used with something like an SD2IEC... but for performance reasons alone, that seems like a step backward. I'd much rather just set up a small Pi based workstation as a key vault.

CallieLong · Post by **CallieLong** » Thu Dec 29, 2022 1:25 pm

I don't think vintage PCs are suitable for private crypto keys. Tradings require large warehouses of powerful mining machines. Also, a vintage PC isn't reliable and robust enough. I would instead use a good tool on my phone to manage all my funds. Btw, this is what I currently do. Due to https://fbs.com/trading/mobile-personal-area facilities, I can access my data involved in trading from any place around the globe. It's very convenient and safe. With the info arranged concisely and comprehensively, my daily deals are simple and profitable.

neutrino · Post by **neutrino** » Thu Dec 29, 2022 9:36 pm

At least the original MOS 6502 is unlikely to have a "secure domain" processor like:

Intel: https://en.wikipedia.org/wiki/Intel_Management_Engine

AMD: https://en.wikipedia.org/wiki/AMD_Platform_Security_Processor

ARM: https://en.wikipedia.org/wiki/ARM_architecture_family#TrustZone

And so on..

So in essence the very CPU on a modern system will rat you out.

Modern computerized phones ie "smartphones" are really dumb from a security perspective. The radio air interface DSP can in many cases be reprogrammed over the air. The main CPU is vulnerable due to the intimate (DMA) connection to the main CPU. Which in turn have "secure domain" CPUs builtin into the chip die. Peripheral chips may hide additional vulnerabilities. The boot strap usually dictate by signed-boot what OS that will be permitted. Ie an OS from a manufacturer that have software that weaken any security the user might have setup.

So yes an old system may have its perks. If you wish to read and write secure messages. There's unlikely to be back doors. However EMI might be very telling so a metal box project with RF filters on all connections might be suitable. It's also recommended to use a flatscreen with digital connection and send random data on the LSB. Analog video is easy to receive from a distance.