On Mon, Mar 13, 2000 at 10:50:16AM -0800, Rich Leggitt wrote:
> Interesting concept...
>
> A suggestion is MD5 (one way hash) instead of RSA, better suited to
> microcontrollers I believe. Means the server has to walk the passcode
> table, or part of the passcode is actually an ID transmitted plaintext.

Well, but one of the main advantages is that other servers (I mean PCs, door locks, or other access granting devices) have only the public key of my PICKEY. It has many important consequences:

1) If one of the systems where I use my PICKEY gets hacked, there is no need to change the whole key and information in all used servers.

2) The record of "login" session is a proof that the PICKEY owner accessed the system (No one is able to falsify the encrypted response, so if the "challenge" contains the server specific part and the time mark, the recorded response is a real proof of the access).

So I think that there should be a public/private key system used in PICKEY device. I don't know if there is any system better than RSA for that purpose. Because the RSA is patented (till September 2000) in the USA, it would be nice to have an alternative (fortunately I'm not a USA citizen so it is not a problem for me :-) ).

> More important problem: a digit is only about 3.2 bits, no one can
> remember an 18 digit passcode, maybe 10 digits = 32 bits (but realistically
> more like 4 digits!). Assuming I can eavesdrop the conversation then this
> is very easy to crack.

Well, so we can have 12 keys, each with 2 letters assigned, a SHIFT key to select one of the letters, the ARM key, the START key and the "EMERGENCY DISARM" key. It is easy to remember a long password containing solely the letters (e.g. first or second letters of the long sentence or song etc.) and each letter is ca. 4.6 bits!

And yet another technical remark. The use of external RAM could solve the problem of lacking memory, however it is unsafe. If this RAM were used for "challenge" encryption, monitoring of PIC<->RAM communication could lead to the private key recovery. Well, it should be done very fast, until the device remains "armed", but it is not impossible.

--
Thanks,
Wojciech Zabolotny
http://www.ise.pw.edu.pl/~wzab
Build your free Data Acquisition System: http://www.ise.pw.edu.pl/~wzab/picadc/picadc.html
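
The challenge-response scheme argued for in the message above, as an added example that is not part of the original post or of the PICKEY project: the server holds only the public key, and the signed challenge binds a server-specific part and a time mark. Assumptions: all function names, server names and sample values are hypothetical; the key is built from two published Mersenne primes (so it is not secret); and the signature is unpadded RSA over a SHA-256 digest, where a real design would use a padding scheme such as RSASSA-PSS.

```python
import hashlib

# Constructed demo key: two published Mersenne primes, so it is NOT secret.
# A real token would generate its own random primes on-device.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                    # public key: all a server ever stores
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent: stays in the token


def digest(server_id: str, timestamp: int, nonce: bytes) -> int:
    """Hash the challenge fields, length-prefixed so they cannot run together."""
    h = hashlib.sha256()
    for field in (server_id.encode(), str(timestamp).encode(), nonce):
        h.update(len(field).to_bytes(4, "big") + field)
    return int.from_bytes(h.digest(), "big")


def token_respond(server_id: str, timestamp: int, nonce: bytes) -> int:
    """Token side: sign the challenge with the private exponent."""
    return pow(digest(server_id, timestamp, nonce), D, N)


def server_verify(server_id: str, timestamp: int, nonce: bytes, response: int) -> bool:
    """Server side: needs only (N, E); it can check a response, not forge one."""
    return pow(response, E, N) == digest(server_id, timestamp, nonce)


def demo() -> dict:
    nonce = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed
    ts = 952973416                                             # constructed time mark
    resp = token_respond("door-lock-A", ts, nonce)
    return {
        # The issuing server accepts the response it asked for.
        "accepted_by_A": server_verify("door-lock-A", ts, nonce, resp),
        # The same recorded response is useless at another server ...
        "replayed_to_B": server_verify("pc-login-B", ts, nonce, resp),
        # ... or against a challenge with a different time mark.
        "replayed_later": server_verify("door-lock-A", ts + 60, nonce, resp),
        # A response altered in one bit does not verify.
        "tampered": server_verify("door-lock-A", ts, nonce, resp ^ 1),
    }


if __name__ == "__main__":
    print(demo())
```

A compromised server leaks only `N` and `E`, so the token's key does not need replacing elsewhere, and a logged `(server_id, timestamp, nonce, response)` tuple can be re-verified later by anyone holding the public key.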