Ryan Lackey (rdl@MIT.EDU)
Mon, 30 Mar 1998 14:36:52 EST
So, here's the deal with ibuttons (I first got them at financial crypto 98,
and now have 4 crypto buttons and 2 java buttons). I speak only for
myself, of course, and all standard disclaimers apply.
There are two versions, the java version and the crypto version. The
java version is the crypto version with java added, and the crypto
parts ablated with a laser :( :(. So, the java version only does fairly
weak crypto. In nov98, they'll ship a version with 134K ram, strong
crypto, and java -- it will rock.
I signed up as a developer, and have been doing quite a bit of work with the
crypto versions. I've modified PGP to do PK operations on the ring, and
to store private keys on the ring. This means your host machine handles
the session keys and the red/black data, but your private key never
leaves the security perimeter of the ring. You already trust the machine
with the red/black data, so giving it your session key isn't that bad.
I've also gotten their solaris devkit to work under linux.
I'm also working on a challenge-response authentication system using
the i-button for use in ssh-like systems, SSL connections to web pages,
and as a safety interlock on a side project (2 watt HeNe laser array...).
I'd like to also get this used in door hardware, since the current
i-button based locks use the serial number and compare it to the list,
which obviously is poor if Eve exists, and if a lock is compromised.
They're really cool toys. I'd like to see if people would be interested
in "the cypherpunks i-button development group" or something like that.
Due to export restrictions, getting crypto i-buttons outside the US
will be a hassle. I've got a machine inside the US (sof.mit.edu) which
currently has a java i-button and a crypto i-button attached to the
serial port, running linux, with the ability for people to ssh in.
As soon as I get some free time to do documentation and stuff, I'd like
to release the pgp patches and the linux devkit.
I'd really like someone to make the Pilot work with the i-button. I'd do
it, except I currently do not own a pilot. Being able to have a secure
portable small box that does fast crypto and stores signing/long-term keys in
tamper-reactive space would be really cool.
-- Ryan Lackey rdl@mit.edu http://mit.edu/rdl/
The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:16:23 ADT