Rietta: Web Apps Where Security Matters
You are reading The Rietta Blog, a publication about the web since 2005.

Raspberry Pi Crypto Key Management Project!


A few months ago I bought a Raspberry Pi B to experiment with, but sadly my day job as a Ruby developer kept me busy enough that it just sat on the shelf unused until this last weekend. For those not yet in the know, the Raspberry Pi is an excellent little complete computer system on a small circuit board that uses very low power and looks like this:

My Raspberry Pi booting for the First Time!

Its GPIO support means it's especially good for projects involving interoperating with physical devices.

However, I have a different idea for my first project. I intend to configure it as a dedicated offline key management system with OpenPGP (via GnuPG) and an SSL Certificate Authority setup for air-gapped operations! The device appears to have a hardware real random number collector and others have posted projects about wiring up electronics to pick up randomness from the environment, something that regular computers do not typically support.

Maintaining an air gap does not remove all attack risks, but it significantly changes the threat model faced while carrying on primary secret key management practices.

I will keep you all posted on the outcome of this project, but it should be a lot of fun, and a sub-$100 setup capable of managing crypto keys separate from an internet-connected system will be a huge win!

About Frank Rietta

Frank Rietta is a web application security consultant, software developer, author, and speaker. He is a computer scientist with a Masters in Information Security from the College of Computing at the Georgia Institute of Technology. He teaches about security topics and is a contributor to the security chapter of the 7th edition of the "Fundamentals of Database Systems" textbook published by Addison-Wesley.