I have always found it difficult to remember passwords, and with the increasing demands on security, passwords are becoming longer and more complicated. To aid with the entry of passwords on any system, this project has utilised a USB-with-BLE development dongle from Nordic Semiconductor to emulate a HID keyboard that relays password info from a wireless device onto the cursor prompt.
Please watch the video to see this product in action. Note that, although the keyboard was used to enter the master password used to decrypt the credentials file, it was not used to enter the password into the target login page (polaris). The terminal displays the debug logs from the dongle, which show the use of a 16-byte encrypted token authenticating the user application.
The code can be found at p-dial8891/Prism.
Concept
The USB-Bluetooth dongle behaves as a secure link between the smartphone (or any Bluetooth computer) and the target terminal.
Setup
There are two main components:
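How a relayed password becomes keystrokes on the target, as an added example that is not taken from the Prism repository: each character is mapped to a HID keyboard usage ID plus a Shift modifier and sent as a press report followed by a release report. It assumes a US keyboard layout on the host and the standard 8-byte boot keyboard report; the function names are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define HID_MOD_LSHIFT 0x02  /* Left Shift bit in the report's modifier byte */
#define HID_REPORT_LEN 8     /* boot keyboard report: mod, reserved, 6 keys */

/* Hypothetical helper: map one printable ASCII character to a HID usage ID
 * and modifier (US layout assumed). Returns 0, or -1 if it cannot be typed. */
int ascii_to_hid(char c, uint8_t *mod, uint8_t *key)
{
    /* Keys in usage-ID order; \x01 fills usage 0x32 (non-US '#'), unused here. */
    static const char digits[] = "1234567890", digits_s[] = "!@#$%^&*()";
    static const char punct[] = "-=[]\\\x01;'`,./", punct_s[] = "_+{}|\x01:\"~<>?";
    const char *p;

    *mod = 0;
    if (c < 0x20 || c > 0x7E) return -1;  /* control and non-ASCII bytes */
    if (c == ' ') { *key = 0x2C; return 0; }
    if (c >= 'a' && c <= 'z') { *key = (uint8_t)(0x04 + (c - 'a')); return 0; }
    if ((p = strchr(digits, c))) { *key = (uint8_t)(0x1E + (p - digits)); return 0; }
    if ((p = strchr(punct, c)))  { *key = (uint8_t)(0x2D + (p - punct)); return 0; }
    *mod = HID_MOD_LSHIFT;                /* everything left needs Shift */
    if (c >= 'A' && c <= 'Z') { *key = (uint8_t)(0x04 + (c - 'A')); return 0; }
    if ((p = strchr(digits_s, c))) { *key = (uint8_t)(0x1E + (p - digits_s)); return 0; }
    if ((p = strchr(punct_s, c)))  { *key = (uint8_t)(0x2D + (p - punct_s)); return 0; }
    return -1;
}

/* Hypothetical helper: expand a password into press/release report pairs.
 * The all-zero release after every press lets repeated characters ("aa")
 * register twice. Returns the report count, or -1 on an untypeable character
 * or a buffer that is too small. The caller should zero out[] after sending,
 * since it holds the password in keystroke form. */
int password_to_reports(const char *pw, uint8_t out[][HID_REPORT_LEN],
                        size_t max_reports)
{
    size_t n = 0;
    for (; *pw; pw++) {
        uint8_t mod, key;
        if (ascii_to_hid(*pw, &mod, &key) != 0 || n + 2 > max_reports)
            return -1;
        memset(out[n], 0, HID_REPORT_LEN);      /* press report */
        out[n][0] = mod;
        out[n][2] = key;
        memset(out[n + 1], 0, HID_REPORT_LEN);  /* release report */
        n += 2;
    }
    return (int)n;
}
```

The host turns usage IDs back into characters with its own layout, so a password containing symbols can come out differently on a target that is not set to the layout assumed here.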
1. The user application, which maintains a database of passwords in an encrypted file (AES-128) and creates a BLE link with the dongle. The BLE connection is encrypted using level 2. In the repo, there is a webpage (webapp.html) that acts as the user application. A command-line version (cliapp_rs) is also under development for use on Linux-based distributions.
2. The dongle firmware, which uses the nRF5 SDK from Nordic. To compile and download the firmware you will need the GCC compiler for ARM (to compile) and the programmer from nRF Connect for Desktop (to download). The mingw32 ARM compiler can be obtained using the MSYS2 project.
Usage
See the steps to configure and use the firmware here.
DISCLAIMER: Attempts are being made to improve the security aspects of this project, but there is no warranty or guarantees as to the effectiveness of the measures taken and the use of the device is at the user's own risk.