Skip to main content

Messages

This section allows you to view all Messages made by this member. Note that you can only see Messages made in areas you currently have access to.

Messages - ferdinandk

16
General discussion / Re: Driving 5v logic from 3.3v?
I like to use the Little Logic series from TI. They come in an easy to solder SOT23-5 package and are quite cheap. For your application the SN74AUC1G17 might be a good match (http://www.ti.com/product/sn74auc1g17). OnSemi and NXP also have single gates in small packages, which is great if you don't have much PCB area and need only a few gates.
17
General discussion / Re: Quick teardown of a "Samurai Watch"
Packaging is rather expensive, so they probably save a lot by using bare dies. My guess would be that for a simple semiconductor like an LED the packaging is more expensive than the actual die. Bunnie posted an article on what Chinese workers achieve with bamboo tweezers and a steady hand. Bonding does not seem to be that much of an issue after all.
18
Project development, ideas, and suggestions / Re: USB Password Manager
I finally came around to draw the schematic for the first version. The schematic is divided in three major parts: the microcontroller with support circuitry, the HW random number generator and the display. Next to the microcontroller is a serial flash for storing login credentials and a small joystick. The micro also outputs the signals required for the charge pump. The charge pump generates the high voltage required for the RNG. The noise signal from the transistor pair is amplified by a single transistor amp and fed into the comparator input of the micro.
The display is a small 96x16 pixel OLED with an SSD1306 controller. The supply voltage for the integrated charge pump is supplied via a simple two diode voltage regulator. The load resistor at the output of the regulator keeps the voltage below the maximum rating of the display when all pixels are turned off.

What do you think?
19
General discussion / Re: One more PCB fab house - Cheap stencils
[quote author="digistump"]While I haven't tested their PCB service yet - I just made the plunge for a big test of their store:

Reflow Oven AT-R1825 $299.99
DC Power Supply LW PS-1503D (0-15V/0-3A) $29.99
SMD Book R0402 $19.99
Multimeter Victor VC830L (U,I,R) $7.99 (can never have too many of these!)
Sub-Total:   $357.96
Express: 3-8 days, with tracking & insurance, dimensional weight (21.85kg):   $103.25
Total:   $461.21

I'll post an update when I get it - ordered last night, got a confirmation, but nothing else yet - of course it is now nearly the weekend there.[/quote]

Did you receive the oven yet? I've been playing with the idea of buying one since I found this store. Googl'ing didn't bring up any reviews, so I'm eager to hear your story :)
21
General discussion / Re: I just bought this, and you what did you buy ?
I recently got myself a signal generator, the Siglent SDG1025 to be exact. I am not sure how long Siglent has been around, but I had not heard of them before. However, they make some really nice gear. They even had a booth at Electronica.
So far I'm really happy with signal generator. It can generate sinus, rectangle, sawtooth, pulse and noise out of the box. It also has some preprogrammed arbitrary waveforms, but you can also generate your own. The software that comes with the device is ok, but not great. As waveforms are saved as CSV files, it is easy to generate them. I wrote a short script for this task and it worked flawlessly. I tried to measure THD and 50dB @ 100kHz was the best I got (this was the first time I worked with a spectrum analyzer, so the actual value is most likely better).
22
General discussion / Re: Truly Dangerous Prototypes you've worked on
I am working on a high-voltage signal generator for my university. It is capable of outputting a 20kHz, 400Vp-p square wave. The construction is modular, several modules can be daisy-chained for a higher number of output channels. After touching one of the caps on the high voltage side shortly after turning off the power supply, I realized the importance of bleeder resistors :) Shown below is a picture of the prototype.
23
Tools of the trade / Re: Group buy in Shenzhen?
Awesome idea, and if we can support DP by buying cheap tools it would be even better. Of course you wouldn't be liable for the tools, that goes without saying.

Participants living in the EU could also pool their orders and then split them up locally - shipping is usually inexpensive and customs are only paid once.
24
Project development, ideas, and suggestions / Re: LIDAR Jammer
As you are switching a (relatively) large load very fast, things like parasitic inductance and ESR have be taken into account. I would try to bypass each LED with an 10 or 100nF ceramic cap. And maybe add another 100nF in parallel to the 47uF output cap, just to make sure.
26
Project development, ideas, and suggestions / Re: Eagle PCB routing help?
[quote author="alanh"]5) The data sheet for your LDO recommends 2.2uF on the output side.  Your 10uF on either side actually violates the USB spec for in-rush current limit (max 10uF total characteristic capacitance).  Eliminate C13 and C10 for one 2.2uF or 4.7uF ceramic
[...]
7) The data sheet for your LDO also recommends a 470pF cap from BP to ground.
[/quote]

Great advice from Alan, thank you.
Just be careful about the bypass cap. You should increase the output capacitance when using a bypass cap. Also keep in mind the ESR of the output cap - it shouldn't be too small or the reg might start oscillating. So I would rather choose a tantalum or aluminium electrolytic cap.
I try to use 78-series regulator whenever I can, as they are cheap and work with just one 100nF ceramic cap at the output.
27
Project development, ideas, and suggestions / Re: USB Password Manager
[quote author="nickjohnson"]For randomness, have you considered generating analog noise? This may be a lot easier - for instance, with a diode junction - and you can amplify it, sample it, and take the LSB.[/quote]

That's the plan. Actually I will be using two transistors, with one connected in a diode configuration.

[quote author="nickjohnson"]Another thing to consider is the security of your flash. If you store the data unencrypted, anyone with a logic analyzer or bus pirate can extract the data. For that matter, if you don't require authentication, they can simply plug it in to their computer and browse it.

For the device as a whole, it seems to me that this is going to be rather hard to work with. Using the UI while it's attached to a USB port will be awkward, and entering site names using a dpad is likely to be an exercise in frustration.[/quote]

While you won't be able to plug the device in the PC and browse the database, there is nothing standing between the data and an attacker with physical access to the device. You are right about the problem with adding new entries, but that can be bypassed with a PC side app that communicates with the micro via HID or CDC. Judging from the LUFA demos it shouldn't be too hard to implement a device with two USB interfaces (e.g. HID and CDC).

The approach of just decrypting the passwords outside the PC didn't appear to me, but sure is quite elegant. However it's not as much fun as adding a display and hw RNG :)
28
Project development, ideas, and suggestions / Re: USB Password Manager
[quote author="honken"]I still have problem to make some an IF-statment into "BTSC" without some in-lineing. Without it there will be timing attacks on the key generation (there's still the power consumption attack, but I don't see any way out of that without going into preemptive multitasking with a dummy thread)[/quote]

To protect a device like this against advanced attacks like a timing attack is way out of my league. So I won't try, at least not for the first revision of the firmware.
My plan is to store the user credentials in plain text files stored on the flash chip. For this to work the flash will be FAT formatted. I can then access it from the PC like a regular USB flash drive, which makes importing and exporting the data really easy - although that won't be possible when the regular firmware is programmed (for obvious reasons). The level of security I'm aiming for is comparable to a piece of paper with all your passwords on it, but with the comfort of not having to type them yourself. So if an attacker has physical access to the device he can easily extract the data.
But that will be subject to change, as once the system is working it should be easy to implement some kind of encryption for the password files.
29
Project development, ideas, and suggestions / Re: USB Password Manager
[quote author="honken"]Yes it's simple, but it's not an efficient use of the scarce resource of entropy.
You should at least look into implementing MD5 or AES, it's fun and you use every last bit of entropy (pun intended).

http://http://www.moserware.com/2009/09/stick-figure-guide-to-advanced.html[/quote]

It might not be efficient, but I reckon I won't need a lot of the available entropy.
The stick figure guide to AES looks fun - however I'm not sure if implementing AES in a micro is my cup of tea...
30
Project development, ideas, and suggestions / Re: USB Password Manager
Thank you for the links. I had an in-depth look at the Whirlygig, but in the end decided not pursue this approach any further. The reason being the price of the XC95288XL. It costs about 18 USD in single quantities (in TQFP144 package) and that is just too much for this kind of gadget. And although I can't find the link anymore, there are some randomness elitists complaining about the quality of entropy generated by it. I'm not an expert on that topic, but I'd rather implement a hw RNG of doubtful quality for 1 USD than a slightly better one for 18 USD. In the comments to the Hack-A-Day post about the Whirlygig I found a link to the Entropy Key website (http://www.entropykey.co.uk/) and it also uses a reverse-biased PN junction. So the method seems to be proven.

Using a 555-timer might be a solution, but as with the Whirlygig the randomness of the generated data is doubted. And I really like the two transistor method much more - but I also like building DC-DC converters, so I might be biased there. However in the comments of the Hack-A-Day article I found a link to the Arduino Entropy Library (http://code.google.com/p/avr-hardware-r ... AVRentropy), which seems to be well tested and can be implemented with no cost at all. I will give it a try over Christmas holidays, although the final circuit will likely include an (optional) hw RNG.

[quote author="honken"]Even if you find some entropy source to use, you should whiten/de-bias it anyway. Preferably with a cryptographically strong pseudo random function.[/quote]

I plan on using the von-Neumann method, as it's very easy to compute.

( ! ) Fatal error: Uncaught exception 'Elk_Exception' with message 'Please try again. If you come back to this error screen, report the error to an administrator.' in /var/www/dangerousprototypes/forum/sources/database/Db-mysql.class.php on line 696
( ! ) Elk_Exception: Please try again. If you come back to this error screen, report the error to an administrator. in /var/www/dangerousprototypes/forum/sources/database/Db-mysql.class.php on line 696
Call Stack
#TimeMemoryFunctionLocation
10.01682450240session_write_close ( )...(null):0
20.01712581864ElkArte\sources\subs\SessionHandler\DatabaseHandler->write( )...(null):0
30.01712582640Database_MySQL->query( ).../DatabaseHandler.php:119
40.06252721400Database_MySQL->error( ).../Db-mysql.class.php:273