Security is one of the primary concerns for many organizations these days, so makers of hardware and software have been responding in-kind with new security features baked into their products. To that end, Cherry has introduced a new keyboard that has a smart card reader and can encrypt every keystroke to prevent keylogging.

The Cherry Secure Board 1.0 is a classic looking black or white keyboard with inexpensive rubber dome switches (which Cherry calls LPK) that has an integrated Class 2 reader for ISO 7816 and ISO 14443 A/B-compliant smart cards as well as cards/tags with an RF/NFC interface. Such cards and tags are used by various government and corporate organizations to identify their employees using hardware means and control their access levels and actions. The board is FIPS-201 compliant.

The key feature of the Secure Board 1.0 is support for Secure Mode that verifies authenticity of the keyboard to its host PC with a special certificate and encrypts every key stroke when used in Secure Mode. According to Cherry, Secure Mode protects against BadUSB attacks, yet it does not explain how exactly other than saying that it blocks 'the standard keyboard channel'. At any rate, since Secure Mode encrypts every keystroke, it should make it impossible for keyloggers to intercept sensitive data and/or passwords.

At this point, we can only speculate how Secure Mode works: it might prevent the OS from getting 03h (human interface device) descriptor from devices without a special certificate and thus infect the PC with a virus by executing preprogrammed keystrokes and/or running certain applications. Alternatively, it might prevent the OS from recognizing any unencrypted input from a keyboard.

The biggest limitation with Secure Mode at the moment is that it currently works only with clients running Linux, while Windows support is still under development. This pretty much limits usefulness of Secure Mode to a handful of corporate desktops, but considering the fact that Cherry is a German company and Linux is widely used in Germany, it's not as problematic as it may first appear for Cherry's home market.

Cherry has already started to sell its Secure Board 1.0 keyboards in Europe and the UK for €69.99 and £64.99 respectively. Versions with layout for Belgium, Germany, France, Italy, Spain, Switzerland, Nordic, and the UK are available. There are also black and white versions with the US layout (albeit with € symbol).

Related Reading:

Source: Cherry

Comments Locked


View All Comments

  • jordanclock - Tuesday, December 3, 2019 - link

    Padding and forward secrecy would protect against such an attack without having to do anything weird with inputs.
  • JanW1 - Wednesday, December 4, 2019 - link

    I think one of the main purposes is that once the OS has loaded the drivers for their secure mode, it no longer accepts input from other USB HID (03h) devices. This thwarts attempts to inject keystrokes using malicious devices (Rubber Ducky), or simply to access the computer by connecting a regular keyboard. This probably also means you can't use a mouse on such a computer - maybe one of the reasons why Windows support was not the highest priority.
  • kalgriffen - Tuesday, December 3, 2019 - link

    Or they can send a continuous stream of data and embed the keystrokes within the stream.
  • quadibloc - Monday, January 13, 2020 - link

    Something like this would be more generally useful in the case of a wireless keyboard.

Log in

Don't have an account? Sign up now