I got to choose any security-related project I wanted for my CPE 321 (Intro to Cybersecurity) final project. So, I chose to make a hardware password manager on a Raspberry Pi!
I implemented it in a total of about 15 hours. It was a very interesting project covering lots of topics:
- USB Human Interface Devices (HID) - I had to pore over the USB HID spec to implement the password keying.
- SystemD and Linux Init - I learned about the different targets and where to stick my own services. I also researched ways to implement my own init process for a v2 of this device.
- Encryption and Key Derivation - I learned more about bcrypt and AES and how to store stuff securely.
- Hardware and physical security - It turns out that hardware security is kinda hard and there’s lots of ways to hack this device!