add asks and dr kandah

2025-03-27 17:29:10 -05:00
parent 843563fb0c
commit 242d23fe65
3 changed files with 204 additions and 148 deletions
--- a/tabletop-discussion.md
+++ b/tabletop-discussion.md
@@ -26,4 +26,48 @@

 ### nKode Over Unencrypted Channel
 - TOTP
- DARC
+- DARC
+
+### Discussion Outcomes:
+
+#### Attacks and controls
+| Attacks                 | Controls                                                                       |
+|-------------------------|--------------------------------------------------------------------------------|
+| Screen Recording Attack | Split shuffle/more icons per key than keys                                     |
+| Exfiltrated DB          | Physically separated keys and icons, partial or full encryption, nKode renewal |
+| *APT                    | *Don't wait for garbage collector, manage timeouts                             |
+| Phishing                | Dispersion Resistant Keypad, nKode policy, passkey protected keypad icons      |
+| *MiTM                   | TLS, *TOTP shuffle, *DARC                                                      |
+*not implemented yet/needs another look
+
+#### asks for Dr. Kandah
+
+- Evil nKode screen watching/key replay
+    - Can we rig the shuffle in our favor? How long do we need to cache?
+    - shoulder surfing
+    - Keylogger resistance
+    - split shuffle is unbiased
+- Dispersion Attack/Phishing attack
+    - CAC/passkey protection for server stored icons
+    - is the dispersion algorithm unbiased?
+- validate the cipher
+  - validate the server-side values
+  - validate the relationship between the mask and the hash
+  - validate the renewal
+  - are these processes secure?
+- Minium amount of encryption needed
+  - Least encryption:brute force crack with plain text database breach
+  - Most encryption: everything is encrypted
+  - Is there an secure inbetween? what stays plain text what gets encrypted with HSM?
+  - How long does it take to brute-force with plain and what's gained?
+- how often does nkode need to be changed if at all?
+  - if it does need to be changed can we roll the icons? can we start with 4 icons and add icons over time?
+- Low-bandwidth: how low can we go?
+  - TCP vs UDP
+  - Security of RX/TX without tls/encrypted channel
+- Hypothetical: Break the cipher keys onto different machines in different locations?
+- TOTP shuffle on client and server
+
+
+Other stuff:
+- unbiased icons/psychology