Project

# Title Team Members TA Documents Sponsor
69 Shamir Secret Self-Destruct USB
 Alex Clemens
Danny Metzger
Varun Sivasubramanian
 Michael Gamota design_document1.pdf
final_paper1.pdf
grading_sheet1.pdf
presentation1.pdf
proposal1.pdf
# Team Members
- Varun Sivasubramanian (vsiva4)
- Alex Clemens (clemens9)
- Danny Metzger (djm14)

# Problem

Traditional USB flash drives pose a security risk if lost or stolen, especially for highly sensitive data such as cryptographic keys, classified documents, or personal information. Even if encrypted, existing encrypted USBs rely on software-based security, which is vulnerable to forensic recovery or brute-force attacks. Some physical destruction, like crushing or snapping, may still leave recoverable data on the drive. Furthermore, USB devices often do not enforce security via the device itself.

# Solution
A custom USB flash drive with built-in cryptographic security and hardware self-destruction, ensuring that sensitive data cannot be recovered under any circumstances. The system will:
- Encrypt and split the drive's decryption key using Shamir’s Secret Sharing across multiple physical hardware keys.
Require a threshold number of shares (⅔) to reconstruct the key and decrypt the data.
- Trigger a hardware-based self-destruct mechanism under various circumstances.
- Ensure complete destruction by physically rendering the flash memory unreadable.

# Solution Components

## Subsystem 1: Shamir Secret & YubiKey Authentication
Purpose: Ensures multi-factor authentication and prevents software access by restricting key reconstruction to hardware.

Components:
- Microcontroller: ESP32, STM32 or similar. Should handle reading YubiKeys and managing key reconstruction along with triggering destruction.
- Secure Element: AES-256 Encryption capable. Handles all cryptographic operations and is tamperproof.
- 3 USB-C YubiKeys: Hold each share of the Shamir Secret in a ⅔ authentication.

Upon first connection, the user is able to set up Shamir Secrets by plugging in all YubiKeys and initiating the MCU and SE to create the shares.

## Subsystem 2: Storage System
Purpose: The flash drive should still have traditional storage and functionality. Conceals encrypted portion unless Shamir is reconstructed. With partitioning, an unencrypted partition should also be allowed.

Components:
- Flash NAND storage: Any small size (8-16GB) is good. Should support basic partitioning.
- USB Mass Storage Controller: Facilitates communication with the computer.
- External USB-C ports: Allow YubiKeys to be connected to the PCB
- USB-A or USB-C interface: Plugs into the computer.

The encryption of the storage will be done by the secure element.

## Subsystem 3: Hardware Self-Destruction
Purpose: Ensures that if there is a potential attacker, the storage is permanently destroyed. The exact method of self-destruction is contingent on circuit design, but a voltage overload is most feasible.

Components:
- Boost Converter: Steps voltage to create destruction.
- MOSFET: Switches from normal functioning to destruction voltage.
- 2 LiPo or CR2032 batteries: Allows destruction to take place even when unplugged.
- Tamper detection circuit: A circuit that detects when two pins are no longer in contact i.e. when the casing has been opened up.

Trigger Mechanisms:
There are multiple triggers that lead to frying the NAND. Multiple YubiKey fail attempts, opening the physical casing, or attempting to access the Secure Element should trigger the self-destruction. The MOSFET should direct high voltage directly to the NAND, irreversibly damaging memory.

# Criterion for Success
1. Shamir Secret: The Shamir key can only be reconstructed via firmware on the physical drive, not on a computer.
2. Irreversible: Destruction of the NAND is irreversible. Data should not be recoverable.
3. Tamper-Resistant: Removing casing or tampering with the SE should lead to destruction.

UV Sensor and Alert System - Skin Protection

Liz Boehning, Gavin Chan, Jimmy Huh

UV Sensor and Alert System - Skin Protection

Featured Project

Team Members:

- Elizabeth Boehning (elb5)

- Gavin Chan (gavintc2)

- Jimmy Huh (yeaho2)

# Problem

Too much sun exposure can lead to sunburn and an increased risk of skin cancer. Without active and mindful monitoring, it can be difficult to tell how much sun exposure one is getting and when one needs to seek protection from the sun, such as applying sunscreen or getting into shady areas. This is even more of an issue for those with fair skin, but also can be applicable to prevent skin damage for everyone, specifically for those who spend a lot of time outside for work (construction) or leisure activities (runners, outdoor athletes).

# Solution

Our solution is to create a wristband that tracks UV exposure and alerts the user to reapply sunscreen or seek shade to prevent skin damage. By creating a device that tracks intensity and exposure to harmful UV light from the sun, the user can limit their time in the sun (especially during periods of increased UV exposure) and apply sunscreen or seek shade when necessary, without the need of manually tracking how long the user is exposed to sunlight. By doing so, the short-term risk of sunburn and long-term risk of skin cancer is decreased.

The sensors/wristbands that we have seen only provide feedback in the sense of color changing once a certain exposure limit has been reached. For our device, we would like to also input user feedback to actively alert the user repeatedly to ensure safe extended sun exposure.

# Solution Components

## Subsystem 1 - Sensor Interface

This subsystem contains the UV sensors. There are two types of UV wavelengths that are damaging to human skin and reach the surface of Earth: UV-A and UV-B. Therefore, this subsystem will contain two sensors to measure each of those wavelengths and output a voltage for the MCU subsystem to interpret as energy intensity. The following sensors will be used:

- GUVA-T21GH - https://www.digikey.com/en/products/detail/genicom-co-ltd/GUVA-T21GH/10474931

- GUVB-T21GH - https://www.digikey.com/en/products/detail/genicom-co-ltd/GUVB-T21GH/10474933

## Subsystem 2 - MCU

This subsystem will include a microcontroller for controlling the device. It will take input from the sensor interface, interpret the input as energy intensity, and track how long the sensor is exposed to UV. When applicable, the MCU will output signals to the User Interface subsystem to notify the user to take action for sun exposure and will input signals from the User Interface subsystem if the user has put on sunscreen.

## Subsystem 3 - Power

This subsystem will provide power to the system through a rechargeable, lithium-ion battery, and a switching boost converter for the rest of the system. This section will require some consultation to ensure the best choice is made for our device.

## Subsystem 4 - User Interface

This subsystem will provide feedback to the user and accept feedback from the user. Once the user has been exposed to significant UV light, this subsystem will use a vibration motor to vibrate and notify the user to put on more sunscreen or get into the shade. Once they have done so, they can press a button to notify the system that they have put on more sunscreen, which will be sent as an output to the MCU subsystem.

We are looking into using one of the following vibration motors:

- TEK002 - https://www.digikey.com/en/products/detail/sparkfun-electronics/DEV-11008/5768371

- DEV-11008 - https://www.digikey.com/en/products/detail/pimoroni-ltd/TEK002/7933302

# Criterion For Success

- Last at least 16 hours on battery power

- Accurately measures amount of time and intensity of harmful UV light

- Notifies user of sustained UV exposure (vibration motor) and resets exposure timer if more sunscreen is applied (button is pressed)