Security is one of the primary concerns for many organizations these days, so makers of hardware and software have been responding in-kind with new security features baked into their products. To that end, Cherry has introduced a new keyboard that has a smart card reader and can encrypt every keystroke to prevent keylogging.

The Cherry Secure Board 1.0 is a classic looking black or white keyboard with inexpensive rubber dome switches (which Cherry calls LPK) that has an integrated Class 2 reader for ISO 7816 and ISO 14443 A/B-compliant smart cards as well as cards/tags with an RF/NFC interface. Such cards and tags are used by various government and corporate organizations to identify their employees using hardware means and control their access levels and actions. The board is FIPS-201 compliant.

The key feature of the Secure Board 1.0 is support for Secure Mode that verifies authenticity of the keyboard to its host PC with a special certificate and encrypts every key stroke when used in Secure Mode. According to Cherry, Secure Mode protects against BadUSB attacks, yet it does not explain how exactly other than saying that it blocks 'the standard keyboard channel'. At any rate, since Secure Mode encrypts every keystroke, it should make it impossible for keyloggers to intercept sensitive data and/or passwords.

At this point, we can only speculate how Secure Mode works: it might prevent the OS from getting 03h (human interface device) descriptor from devices without a special certificate and thus infect the PC with a virus by executing preprogrammed keystrokes and/or running certain applications. Alternatively, it might prevent the OS from recognizing any unencrypted input from a keyboard.

The biggest limitation with Secure Mode at the moment is that it currently works only with clients running Linux, while Windows support is still under development. This pretty much limits usefulness of Secure Mode to a handful of corporate desktops, but considering the fact that Cherry is a German company and Linux is widely used in Germany, it's not as problematic as it may first appear for Cherry's home market.

Cherry has already started to sell its Secure Board 1.0 keyboards in Europe and the UK for €69.99 and £64.99 respectively. Versions with layout for Belgium, Germany, France, Italy, Spain, Switzerland, Nordic, and the UK are available. There are also black and white versions with the US layout (albeit with € symbol).

Related Reading:

Source: Cherry

Comments Locked

24 Comments

View All Comments

  • JanW1 - Wednesday, December 4, 2019 - link

    "How do you know that the software implementation on these keyboards isn’t horribly insecure?"

    By reading the source code. Look up "libsecureboard" on Github.
  • jordanclock - Tuesday, December 3, 2019 - link

    No one needs to create boogeymen. There are boogeymen. There are a lot of them, in fact, and they are using every little opening they can find to get into systems.
  • mooninite - Tuesday, December 3, 2019 - link

    @Anton (OP), Linux is more widely used in commercial space than you realize. I encourage you to step out of your Windows cage and explore the free air. Talk to companies that make Real Things (eg. defense contractors) and you'll find they use Linux for not only backend but for front ends, too.
  • brucethemoose - Wednesday, December 4, 2019 - link

    I bet a significant chunk of professional programmers use Linux as their primary OS as well.
  • drexnx - Tuesday, December 3, 2019 - link

    >only works on Linux
    >still has a windows key

    hmmmm
  • jordanclock - Tuesday, December 3, 2019 - link

    Secure Mode only works in Linux, but the keyboard can be used as a regular keyboard on any operating system.
  • GreenReaper - Tuesday, December 3, 2019 - link

    I bet if you use Cinnamon's Windows 10 theme, it will work to open the Start menu: https://cinnamon-spices.linuxmint.com/themes/view/...
  • rahvin - Tuesday, December 3, 2019 - link

    You don't actually think the "windows" key has no purpose outside windows do you?
  • CharonPDX - Tuesday, December 3, 2019 - link

    I have to wonder about "encrypting each keystroke" though - statistical analysis can figure out what keys are actually being pressed if timing is recorded, too. To combat this, it would need to bundle multiple keystrokes and send them not in perfectly real time, which would be painful for all but the fastest typists.
  • GreenReaper - Tuesday, December 3, 2019 - link

    Ah, but if they type fast enough, it might be able to compress them and *increase* the bandwidth!

Log in

Don't have an account? Sign up now