The nature of engaging with a forum is that there will be different voices there. Some will like a project and be supportive, some will be indifferent, and some will have criticisms - sometimes constructive, but not always.

I think a problem with this thread is that it tackles three or four different ideas. I've said elsewhere that one of the currencies of a successful project is dedication, or focus. The business plan is one thing, the technicalities of encryption another, and the applicability of a 65xx CPU is a third. For this forum, it's that third aspect which should get the most useful and constructive response.

Maybe some forums are different, but here I advocate starting a new thread for a new topic or a new idea: if you have three ideas, have three threads. And give them descriptive subject lines. You can even update the subject line to clarify.

Having a thread about USB storage on a 65xx system could be useful. Indeed, we might already have one, in which case it could be updated, or summarised and updated. (Here we do like to see old threads resurrected, if the new comment is on-topic. Otherwise, we need to construct our own backlinks, which is extra work.)

The sour tone in the thread wasn't caused by mixing of multiple ideas in the one thread, something which makes searching topics difficult and is a pain for forum management, but doesn't upset the users so much.
There is very high probability, that even if separated into multiple threads, the conclusion of each thread would be similar, indicating something else.

The real problem with this thread was the elephant in the room that we must no speak of.

Upon re-reading my post it came off as more hostile than I intended. In my defense I was extremely tired and it ended up being much more of a rant than I originally intended, neverthless I aplogise for that. As I have said before, it is not my intent to stop you making your device, and to that end I have given and will continue to give practical advice. However, I also wanted to make it clear that if you're expecting this to be an actual mass-market product, there are many things you do not appear to have considered properly and Idealism, no matter how well founded, will not overcome those on their own. I guess my fundamental point there is that, at least in my opinion, this product is not mass-market, and the reason is not technical but societal, and society is much harder to overcome, and you should temper your expectations to match.

_________________
Want to design a PCB for your project? I strongly recommend KiCad. Its free, its multiplatform, and its easy to learn!
Also, I maintain KiCad libraries of Retro Computing and Arduino components you might find useful.

In other news, Hurricane Harvey is making a big mess of things.

Seriously, I would never discourage anyone from trying to find a new use for the venerable 6502 family. I'm sure there are plenty of tasks that need doing that a 65C02 or 65C816 can handily perform. However, in my opinion, "perfect encryption" is not one of them.

Although mathematically proved by Claude Shannon to be unbreakable (assuming care in protecting the shared secret), perfect encryption has no practical application at this time—the "one-time pad" is largely unused in digital communication, for a variety of reasons that I won't recapitulate. Encryption of E-mail text has dubious value, as techniques for protecting digital content while in transit already exist and are trustworthy. Almost any E-mail server can be configured to use TLS and reject connections that don't use TLS. If the transport mechanism is secure then the content is also secure during transit, even in the face of packet sniffing, and only needs protection at the origination and termination points.

Mr. Adrian's insistence to the contrary flies in the face of general consensus in the world of cryptology. Also, there doesn't appear to be any concerted effort at this time to intercept E-mail for nefarious purposes. Organizations who would be concerned about unauthorized interception of E-mail content will presumably have taken steps to protect that content.

As for the average user, I don't know about you, but none of my E-mail communication contains information that is of any known value to a third party. Therefore, I consider Mr. Adrian's "solution" to be one that is in search of a non-existent problem.

What I would like to see is a 6502 assembly language implementation of the DES algorithm. It may already exist, but I have not run across it.

_________________
x86?  We ain't got no x86.  We don't NEED no stinking x86!

I don't know, BDD... I think Jim comes from a victim mindset that people aren't successful in life because shadowy figures watch their every move and steal all their ideas. Who hasn't seen a fancy product come to market and think, "I thought of that 5 yeas ago!" Lots of people think about lots of things, but success comes from people who (through money or just plain force of will) act on those thoughts. Unsuccessful people don't think like that, though, they think they're idea was stolen and look to conspiracy types to agree with them.

Putting aside both my opinion of Internet Troll and Conspiracy Nut, let's look at the end goal and how to get there.

The end goal is perfect secret message transfer between two parties using a pre-shared 1TB flash drive full of true random data. Obtaining two 1TB drives full of the same random data is a challenge in itself. If you're a maximum paranoiac, you can't trust a commercial computer to generate the random data as the Minions of Orthodoxy (MoO) have infiltrated all PC, Macs, etc. at the firmware level. If you relax that constraint then you can use your CD collection, or download media, ISO files, music, video, tar files, or any other data from the Internet and XOR random samples of source data together and, eventually, you'll have an effective true random bit-stream. If you trust 3rd part true-random-number generator hardware, you could use that too... but MoO infiltration applies.

So once you have two flash drives containing the same data. Give one to your secret pal, and you're good to go.

Now you need a device on which to compose your secret "3 Minute Abs" business plan, so you can send it to your secret best friend, and that's where this thread really starts.

Your message device contains:
* At least one USB port; to attach your 1TB key flash disk, and later your message transfer flash drive.
* A keyboard interface.
* A display interface.
* CPU, RAM, ROM.

To avoid MoO key logging, the keyboard should be discrete mechanical (not USB). Obviously you can't use RS232 attached to another unsecured computer with its own keyboard and display.

The display should be ubiquitous like VGA or HDMI; so perhaps a small FPGA works here. Include a SPI interface to talk to the MAX3421.

The 6502 for a CPU+RAM+ROM should be fine here. It's task is to be a typewriter and interface to the MAX for USB.

So the 6502 presents an interface to allow you to:
* Compose a message
* Encrypt a message
* Decrypt a message

Once a message is composed (in RAM), the Encrypt option prompts you to install the 1TB Flash drive. The first 5 bytes on the drive hold the running offset for outgoing messages (you and your buddy should agree to start from different offsets, so his messages don't use the same key data as yours). So the application knows where to fetch the new key data, XORs the data with the messages, and writes back the new offset for next time.

The program then prompts you to install the outgoing message flash drive, and writes an encrypted message formatted as:
* 4 bytes (little endian) of message text length
* 5 bytes (little endian) indicating the start-offset within the 1TB flash of the decryption key
* Encrypted bytes (0..len bytes)

You can then remove the flash drive, take that to an unsecured PC and send / post the message to any destination, secure or not, in the world.

Once the receiver obtains the message, he can decrypt it using the process of:
* Use an unsecured PC to write the message to the data flash
* Use the secured 6502 computer to read the message
* Insert the key flash
* Use the message length and key offset to decrypt the message.

If the message is altered in transit, or if it comes from a foreign actor, then the compromised bytes will most likely contain nonsense. With a simple XOR scheme, you can nudge an ASCII character over by one byte by changing a 0x63 in the encrypted data to 0x62, but as you'll not know what that byte meant there's no real value there.

But still, if you're concerned about message integrity you can include an encrypted XOR of all message bytes; with that value itself encrypted.

So let's say that's the product. What's the cost?

With an FPGA in the mix, you might as well just buy an FPGA board with the right I/O. That's going to be the cheapest choice. Doing a board by hand is going to be 5x the cost of a commercially available board, and you avoid the board design, layout, manufacture and assembly headache.

So you buy your FPGA board, integrate the open source 6502, SPI and VGA cores, and now it's a software problem.

(if you're wondering why I don't suggest including the USB controller in the FPGA: it's because these controllers are non-trivial and I personally wouldn't want to try to integrate or debug one).

So cost to you is ranging from $5 for the Pi Zero to $150 for an FPGA dev board to $1000+ to build your own board and have it commercially assembled. Add to that a mechanical keyboard and some flash drives.

x 2; as your buddy needs his.

And some software.

With all this you now have a perfectly secret communication terminal.

... until the MoO compel you to hand over your key flash drive.


So let's think about that for a second. Let's accept the premise that the Minions of Orthodoxy monitor all communication and have the means to decrypt all current encryption systems (via means that, say, were designed in but have so far escaped detection from researchers).

All of a sudden the MoO observe perfect secret messages on the Internet that they can't decrypt. That's going to put a laser target on you PDQ.

Now you know for a fact that the MoO can't decrypt your messages, and you know that's going to make them very nervous. Do you think they'll let you get away with it? Do you think they'd sit by and take no action?

Who are you? Would anyone notice if you just disappeared one day? Do you think that's outside the toolkit of the MoO to squash dissent?

I don't know... Your 3 minute abs plan may be worth it, but I'd rather not have the MoO open a file on me.

What is success? What is the measure of a man? Is it the success of 3 minute abs? Is it money in the bank, a big house or a luxury car on the drive? Or is it the smile on his daughter's face when he walks into the room? Is it providing for his family, putting his children through school and ensuring they themselves have good lives?

What would it mean to have the MoO come after you and your family? And for what? 3 minute abs...

I don't think it's worth it, but then it's not my idea.

Good luck and God bless you all.

A quick google also suggests that such an implementation does not exist, but from my best understanding of DES I think it should be reasonably practical. The algorithm is mostly table lookups, bit rotations and XORs, all of which are quite feasible on the 6502. Sounds like a fun project, but I should probably finish the ones I'm on before starting any more

_________________
Want to design a PCB for your project? I strongly recommend KiCad. Its free, its multiplatform, and its easy to learn!
Also, I maintain KiCad libraries of Retro Computing and Arduino components you might find useful.

I don't want to get into an ad hominem situation, but after reading some of the content on his website I tend to agree that a certain amount of "black helicopter" thinking is present. The irony is Mr. Adrian's website goes out of its way to promote the use of Google for searching:

Indentation areas (like the one at the start of this paragraph) are links to Google. This allows you to conveniently search for any unfamiliar words or phrases by copying the text in question and clicking on an indentation.

The truly paranoid would stay as far away from Google as possible. Yet the above paragraph is on every page that I viewed.


It indeed is a complex, convoluted and circuitous way to get information from person A to person B, which is why "perfect encryption" is seldom used. Your detailed description of the procedure is probably the most amount of effort that should be put into it.

Meanwhile, my large scale locomotive is coming along nicely.

_________________
x86?  We ain't got no x86.  We don't NEED no stinking x86!

Nice!!!

That's really amazing BDD. Where did you get the body? Is it electric, gas, or diesel?

Thanks!


I fabricated it. The nose is an Alumilite casting. Everything aft of the cab doors is steel, most of it laser-cut sheets. An internal skeleton gives it structural rigidity. Below is a photo I took while I was working on the body.


The above pic was taken right before I welded the side sheet to the skeleton.


It's powered by a Briggs & Stratton industrial V-twin gas engine. See below picture with the body opened.

_________________
x86?  We ain't got no x86.  We don't NEED no stinking x86!

I'd much rather we didn't feel a need to attack other members of the forum. If you don't like their projects, ignore them. Researching their life elsewhere so you can criticise their personality or beliefs is just shabby.

I suppose this is a cleverly rail-related derail as a comment on off-topic subject matter? There's a forum facility which might be useful in cases such as these: in the User Control Panel you can unsubscribe from topics. So when you find you've commented on a topic which you no longer find interesting, you can choose to get no further notifications about it.