[MattCruikshank]

I've wanted to use this for an air-gapped communication device.

I have a device with a camera and a touch-screen that only uses capacitive charging. I type a message. Bytes are encrypted. I hit send. QR codes flash on my screen. I use my PC or my normal phone to receive the encrypted bytes, and transmit them to you. You have the same device. You have your PC or phone flash encrypted QR codes. You use your device to receive, and then decrypt.

I've daydreamed about also buying several different hardware random noise generators. XOR all of their bits together. Save a huge one time pad to each of our devices. And then also use public key crypto on top of it.

I'm not really sure why I want this. But, it's my answer for how to reduce attack surface as much as possible, and have truly secret messages.

[reaperducer]

I have a device with a camera and a touch-screen that only uses capacitive charging. I type a message. Bytes are encrypted. I hit send. QR codes flash on my screen. I use my PC or my normal phone to receive the encrypted bytes, and transmit them to you. You have the same device. You have your PC or phone flash encrypted QR codes. You use your device to receive, and then decrypt.

Congratulations. You just invented IrDA: https://en.wikipedia.org/wiki/IrDA

[MattCruikshank]

I specifically want this device to have no input or output hardware that could be used without my knowledge. IrDA could absolutely be used without my knowledge.

[reaperducer]

IrDA could absolutely be used without my knowledge.

Having actually used IrDA on Sony, Nokia, and Ericsson devices, no it couldn't.

In the real world, two IrDA devices have to be very specifically aligned, and also brought within just a few inches of each other. There's no way data transfer would happen without your knowledge.

[MattCruikshank]

I blame the intentionally cheap receiving optics. Researchers have reconstructed a TV signal from a hotel room with closed blinds, by very accurately measuring the ambient light intensity of the room (as shown on the blinds.)

Knowing that, I doubt that someone with even moderate funding would have difficulty receiving a signal from any of the transmitters you mention.

But, in all honesty, if you put a physical cap on the transmitter and receiver, maybe I'm wrong.

But in the other hand, none of the devices I currently own have one of your transmitters, and they all have screens and cameras, so...

Thanks for the dialogue and for sharing your experiences.

[unprovable]

So two parts to a reply - first is, you don't need the encryption per se, but you can add that in the case that you give it some key and then it's encrypted. I don't see the value unless you're using this to generate frames for a video, which isn't current functionality but totally doable.

Second part, Charlie Bennet said "the only entropy source is one you can trust" and the best entropy source is quantum fluctuations, so we built a fully open source phase diffusion QRNG at Quantum Village and released it. Link: https://github.com/QuantumVillage/EntropyLoop

[skinfaxi]

> I have a device with a camera and a touch-screen that only uses capacitive charging. I type a message. Bytes are encrypted. I hit send. QR codes flash on my screen. I use my PC or my normal phone to receive the encrypted bytes, and transmit them to you. You have the same device.

Why do you need a separate device for this and not just an airgapped computer?

[MattCruikshank]

Me, in my life, I have a PC that's connected to the internet. I have a phone that's connected to the internet.

I want another device, which I imagine to be a Pi or Esp32 or something with a camera and a touchscreen display, and capacitive charging. After I program it and give it the public/private keypair and the OTP, I imagine physically breaking off a USB port, or sealing one with some hardening resin.

I don't want an entire airgapped computer. Maybe you do, that's fine. For me, I'd love it to be a credit-card sized doodad.