Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Address Feedback from TockWorld7 USB Security Key Tutorial #48

Open
lschuermann opened this issue Jul 4, 2024 · 3 comments
Open

Address Feedback from TockWorld7 USB Security Key Tutorial #48

lschuermann opened this issue Jul 4, 2024 · 3 comments

Comments

@lschuermann
Copy link
Member

Participants have given us the following feedback on the USB security key tutorial hosted at TockWorld7:

  • More guidance would be appreciated on the libtock-c part of the tutorial, in particular compared to the Encryption Oracle part. Having explicit steps, more fine-grained milestones and an introduction to libtock-c's architecture and design decisions may help.
    • We may want to give background on Tock's systems calls and userspace/kernel separation, and it's async execution model a little earlier?
  • The Encryption Oracle is not giving enough background on AES, and how encryption and decryption works.
    • Illustrating the essential concepts using a simpler capsule would be better.
  • For the Encryption Oracle, the Grant type and userspace-/kernel-interactions are not particularly clear.
    • It may help if we provide a C header file that illustrates the API that the Oracle capsule will later expose to userspace.

I think that these are all good remarks, and we should address them before hosting the next iteration of this tutorial. We may want to brainstorm potential alternatives to the Encryption Oracle component here on this issue.
@bradjc
Copy link
Contributor

bradjc commented Jul 5, 2024

It would be helpful if we had a plugin for the book which would somehow differentiate expository text from tutorial text.

@bradjc
Copy link
Contributor

bradjc commented Jul 5, 2024

One thought would be to have the kernel portion implement the same hotp functionality but in the kernel. Userspace would still handle button presses but would just request the next code from the kernel.

@lschuermann
Copy link
Member Author

One thought would be to have the kernel portion implement the same hotp functionality but in the kernel. Userspace would still handle button presses but would just request the next code from the kernel.

Interesting idea! Slightly skeptical of that as

  • it somewhat goes against our intended separation of concerns with userspace and kernel,
  • dealing with the USB stack is not any more trivial than AES,
  • doesn't show how the kernel interacts with userspace (I think that's still something we want to show, but just needs to be explained better),
  • it's a bit redundant with the userspace part, which may not be great pedagogically.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bradjc @lschuermann