From owner-freebsd-security  Mon Oct  5 15:33:38 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id PAA18433
          for freebsd-security-outgoing; Mon, 5 Oct 1998 15:33:38 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from pluto.plutotech.com (mail.plutotech.com [206.168.67.137])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA18426
          for <FreeBSD-security@FreeBSD.ORG>; Mon, 5 Oct 1998 15:33:35 -0700 (PDT)
          (envelope-from kelly@plutotech.com)
Received: from plutotech.com (tampopo.plutotech.com [206.168.67.161])
	by pluto.plutotech.com (8.8.7/8.8.5) with ESMTP id QAA02770;
	Mon, 5 Oct 1998 16:33:22 -0600 (MDT)
Message-ID: <36194931.975AA5AC@plutotech.com>
Date: Mon, 05 Oct 1998 16:33:21 -0600
From: Sean Kelly <kelly@plutotech.com>
Organization: Pluto Technologies
X-Mailer: Mozilla 4.04 [en] (X11; I; FreeBSD 3.0-CURRENT i386)
MIME-Version: 1.0
To: Chuck Robey <chuckr@mat.net>
CC: FreeBSD-security@FreeBSD.ORG
Subject: Re: Java-based Crypto Decoder Ring gets NIST FIPS 140-1 certification
	 (fwd)
References: <Pine.BSF.4.05.9810051545070.15656-100000@picnic.mat.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Chuck Robey wrote:
> I'm not asking if the software exists ... if it doesn't (and I know it
> doesn't yet) 

... well, some of it actually *does* exist!

Steve Passe <smp@csn.net> developed some C++ code that interfaces to an
iButton (or any Dallas Semiconductor MicroLAN product) using a simple
busmaster that you can assemble.

Using that code as a basis, I'm developing some Java code that does the
same thing, but uses the Dallas Semiconductor DS2485 busmaster.

MicroLAN, upon which the iButtons are based, is really nifty: using a
single data line, most devices use parasitic power off the bidirectional
data line to power themselves.  There are remote addressable switches,
temperature sensors, and serial numbers.  Both of Steve and I use them
in our home automation shenanigans.

> I can do that part, I'm interested if this really
> represents a secure method for me to be able to do something like carry
> around my whole 1024 bit private key with me, and use the $15 (yes, it's
> only $15!) ISA card to interface to the ring, and tell the system
> securely who I am.  I want to know if there are any hidden traps to
> doing logins that way.

I hope not, since I'm planning on using my iButton to arm and disarm the
home security system.  I get the added bonus of a record of who did it
(me, wife, or future kids), and a nearly nil chance that anyone else can
disarm it.

Go for it!
--Sean

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message