Hello there,
We have some goals with our LOK-IT hardware encrypted key. You can check it here:
http://www.lok-it.net/. A PIN pad is used to unlock the key; there is no additional software. Here are the specs of the requirements:
Premise:
This USB stick has no application software inside. To unlock the key, the user must enter a PIN on the embedded PIN pad. The key hangs after power loss. When the user unlocks the key, the computer sees it as a normal USB key, but there is the possibility to create partitions inside the key. The USB stick already has an integrated wipe function that triggers when the user enters a wrong PIN ten times.
Functionalities to be implemented:
• Create a start screen before OS boot with a password request. The password request is a single text field, but the user can insert three different passwords: OS boot password, wipe password and restore password. The first boot of the key must contain three default passwords:
    • OS password: admin
    • Wipe password: wipe
    • Restore password: restore
There will be the possibility for the user to personalize those three passwords.
• Insert Ubuntu 10.04 as a persistent live CD with Italian language. The key must keep the user configurations. The OS has to work in live mode, so without checking the machine hardware.
• Create a wipe function procedure. Wipe has to start with a specific password inserted during the boot phase of the key. Wipe function must clear the key, destroying all the partitions and what’s contained inside.
• Create an OS restore function: the restore function must recreate the factory status of the key. Restore has to start with a specific password inserted during the boot phase of the key. After the restore, the key reboots and starts with a new OS copy, and all the user data and custom applications have to be deleted. When the user restores the key, the three custom startup passwords must not be reset. The user has to use the password he chose.
Special functionalities to be implemented:
• When the user unlocks the key and inserts it on a running OS, the key partitions must be hidden. At least on a Windows system.
• You must create a system that blocks unwanted copies of the key. Our idea is to create a script that runs when the startup screen is loaded. This script checks the hardware ID or serial number of the key and compares it with a specific code saved inside the key. If at startup this code does not exist, the system asks the user to insert it. This code is created by a PHP script on our website: our script takes the hardware ID or serial number of the key and calculates a code using a specific algorithm. When the user inserts the activation code for the first time, the script on the key compares the two codes in the same way and, if it is correct, saves it on the key. From the second boot onward, the script runs the algorithm again with the saved code and the hardware ID or key serial. If the code is wrong or missing, the user can't use the key.
At the moment I don't need to realize the activation and algorithm, but I uploaded an attachment with the algorithm pseudocode and documentation. If someone can say what is possible and what is not, it would be nice. Or if someone can help me a little bit more, please add me on Skype:
aleksandar.veselinovic.805
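
The copy-blocking check described in the last requirement, as an added example that is not part of the original post or its attachment. The post's algorithm is not shown, so HMAC-SHA256 stands in for it; the secret, the serial numbers and the `activation.code` file name are constructed for illustration.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path
from typing import List, Optional

# Assumption: the post's "specific algorithm" is not shown, so HMAC-SHA256
# stands in for it. The secret below is a constructed demo value.
VENDOR_SECRET = b"constructed-demo-secret"


def activation_code(serial: str, secret: bytes = VENDOR_SECRET) -> str:
    """Derive the code for a key serial (run by the website and by the key)."""
    norm = serial.strip().upper().encode("utf-8")
    digest = hmac.new(secret, norm, hashlib.sha256).hexdigest().upper()
    return "-".join(digest[i:i + 5] for i in range(0, 20, 5))


def code_matches(serial: str, code: str) -> bool:
    """Recompute the code from the serial and compare in constant time."""
    expected = activation_code(serial).encode("utf-8")
    return hmac.compare_digest(expected, code.strip().upper().encode("utf-8"))


def boot_check(serial: str, store: Path, entered: Optional[str] = None) -> str:
    """Startup decision: 'ok', 'activated', 'need_code' or 'blocked'."""
    if store.exists():  # second boot onward: re-verify the saved code
        return "ok" if code_matches(serial, store.read_text()) else "blocked"
    if entered is None:  # first boot, nothing saved yet
        return "need_code"
    if not code_matches(serial, entered):
        return "blocked"  # a wrong code is never written to the key
    store.write_text(entered.strip().upper())
    return "activated"


def demo() -> List[str]:
    """Walk one key through activation, then boot a copy on another stick."""
    original, clone = "LOKIT-0001-CONSTRUCTED", "LOKIT-0002-CONSTRUCTED"
    with tempfile.TemporaryDirectory() as tmp:
        store = Path(tmp) / "activation.code"  # hypothetical file on the key
        code = activation_code(original)       # issued by the website
        return [
            boot_check(original, store),                 # need_code
            boot_check(original, store, "AAAAA-BBBBB"),  # blocked
            boot_check(original, store, code.lower()),   # activated
            boot_check(original, store),                 # ok
            boot_check(clone, store),                    # blocked (copied image)
        ]
```

Because the key recomputes the code itself, the secret has to be stored on the key, where anyone holding an image of it can read the secret and issue codes for other serials. Having the website sign the serial and the key verify with a public key keeps the issuing secret off the device.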