Cherry’s Secure Board 1.0 Encrypts Every Keystroke & Has Smart Card Reader
by Anton Shilov on December 3, 2019 10:00 AM EST- Posted in
- Peripherals
- Keyboard
- Security
- Cherry
- Secure Board
Security is one of the primary concerns for many organizations these days, so makers of hardware and software have been responding in-kind with new security features baked into their products. To that end, Cherry has introduced a new keyboard that has a smart card reader and can encrypt every keystroke to prevent keylogging.
The Cherry Secure Board 1.0 is a classic looking black or white keyboard with inexpensive rubber dome switches (which Cherry calls LPK) that has an integrated Class 2 reader for ISO 7816 and ISO 14443 A/B-compliant smart cards as well as cards/tags with an RF/NFC interface. Such cards and tags are used by various government and corporate organizations to identify their employees using hardware means and control their access levels and actions. The board is FIPS-201 compliant.
The key feature of the Secure Board 1.0 is support for Secure Mode that verifies authenticity of the keyboard to its host PC with a special certificate and encrypts every key stroke when used in Secure Mode. According to Cherry, Secure Mode protects against BadUSB attacks, yet it does not explain how exactly other than saying that it blocks 'the standard keyboard channel'. At any rate, since Secure Mode encrypts every keystroke, it should make it impossible for keyloggers to intercept sensitive data and/or passwords.
At this point, we can only speculate how Secure Mode works: it might prevent the OS from getting 03h (human interface device) descriptor from devices without a special certificate and thus infect the PC with a virus by executing preprogrammed keystrokes and/or running certain applications. Alternatively, it might prevent the OS from recognizing any unencrypted input from a keyboard.
The biggest limitation with Secure Mode at the moment is that it currently works only with clients running Linux, while Windows support is still under development. This pretty much limits usefulness of Secure Mode to a handful of corporate desktops, but considering the fact that Cherry is a German company and Linux is widely used in Germany, it's not as problematic as it may first appear for Cherry's home market.
Cherry has already started to sell its Secure Board 1.0 keyboards in Europe and the UK for €69.99 and £64.99 respectively. Versions with layout for Belgium, Germany, France, Italy, Spain, Switzerland, Nordic, and the UK are available. There are also black and white versions with the US layout (albeit with € symbol).
Related Reading:
- HP’s Endpoint Security Controller: More Details About A New Chip in HP Notebooks
- HP’s Security Push: Sure Sense & Endpoint Security Controller
- Synaptics' Next-Gen Fingerprint Sensor Security: The FS7600 Match-In-Sensor
- Synaptics Discusses Fingerprint Security and the Need For End-to-End Encryption
- Cherry Launches MC 4900 Mouse with Fingerprint Reader, 1375 DPI Sensor
- Cherry Announces the MW 4500 Mouse with 45° Palm Rest, 1200 DPI Sensor
Source: Cherry
24 Comments
View All Comments
JanW1 - Wednesday, December 4, 2019 - link
"How do you know that the software implementation on these keyboards isn’t horribly insecure?"By reading the source code. Look up "libsecureboard" on Github.
jordanclock - Tuesday, December 3, 2019 - link
No one needs to create boogeymen. There are boogeymen. There are a lot of them, in fact, and they are using every little opening they can find to get into systems.mooninite - Tuesday, December 3, 2019 - link
@Anton (OP), Linux is more widely used in commercial space than you realize. I encourage you to step out of your Windows cage and explore the free air. Talk to companies that make Real Things (eg. defense contractors) and you'll find they use Linux for not only backend but for front ends, too.brucethemoose - Wednesday, December 4, 2019 - link
I bet a significant chunk of professional programmers use Linux as their primary OS as well.drexnx - Tuesday, December 3, 2019 - link
>only works on Linux>still has a windows key
hmmmm
jordanclock - Tuesday, December 3, 2019 - link
Secure Mode only works in Linux, but the keyboard can be used as a regular keyboard on any operating system.GreenReaper - Tuesday, December 3, 2019 - link
I bet if you use Cinnamon's Windows 10 theme, it will work to open the Start menu: https://cinnamon-spices.linuxmint.com/themes/view/...rahvin - Tuesday, December 3, 2019 - link
You don't actually think the "windows" key has no purpose outside windows do you?CharonPDX - Tuesday, December 3, 2019 - link
I have to wonder about "encrypting each keystroke" though - statistical analysis can figure out what keys are actually being pressed if timing is recorded, too. To combat this, it would need to bundle multiple keystrokes and send them not in perfectly real time, which would be painful for all but the fastest typists.GreenReaper - Tuesday, December 3, 2019 - link
Ah, but if they type fast enough, it might be able to compress them and *increase* the bandwidth!