Ben Laurie (ben@algroup.co.uk)
Mon, 30 Mar 1998 23:17:11 +0100
[These are cool toys]
Cees de Groot wrote:
>
> Hi all,
>
> This might be old news for a lot of you, but I found it nevertheless very
> interesting stuff: last week on the Java One conference, all attendees
> received a Java Ring from Dallas Semiconductor. The ring contained as the
> "jewel" a device called the iButton, which is basically a smartcard enclosed
> in a tamperproof-housing not unlike a small button-model battery.
>
> The interesting stuff is this: the iButton contains a Java JVM, 6kB of NVRAM
> (backed up by an internal power cell guaranteed for 10 years), and as far as I
> know a 1024-bit exponentiator. I say AFAIK, because the thing should be in
> there but I haven't had time to test this hands-on. The JVM supports Java Card
> 2.0 with extensions like support for garbage collection.
>
> Furthermore, "readers" for this device are dead cheap: US$15 retail (the
> iButton itself is even cheaper, I believe). They sold these at Java One
> literally by the thousands.
Although I haven't played with a Java iButton yet, I've been messing
with other members of the family (hmmm ... sounds dodgy :-), and the
reader can probably be made even cheaper than that - essentially it is
some rather weird front-end for a serial port that you abuse to do
1-wire LAN (for that is the iButton inteface). You drive the serial at
strange speeds, and read the bytes you write (which come back subtly
altered) to do the actual comms. Strange but fun stuff.
> The relevance for CodherPlunks is clear, I think: here is a device that every
> decent Java programmer can program, sporting support hardware for
> authentication/signing/encryption, and a development starter kit goes for
> fifty bucks - as far as I know, way below what smartcard vendors want.
>
> Java language flame wars aside, wouldn't this be a great platform to implement
> some hardware token stuff? 6kB should be enough for some basic RSA stuff plus
> your PGP private key...
Interesting - I've been worrying a bit about the likelihood of getting
general export for the crypto version, but sounds like the Java version
can cut through that concern... (wanders off into sunset pondering)...
Cheers,
Ben.
-- Ben Laurie |Phone: +44 (181) 735 0686| Apache Group member Freelance Consultant |Fax: +44 (181) 735 0689|http://www.apache.org and Technical Director|Email: ben@algroup.co.uk | A.L. Digital Ltd, |Apache-SSL author http://www.apache-ssl.org/ London, England. |"Apache: TDG" http://www.ora.com/catalog/apache
The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:16:24 ADT