On Fri, 13 Aug 2004 12:56:45 +0100, Howard Winter wrote: > Robert, > > The DS1991 may be the most interesting to you: it has some of its RAM area password protected - if you don't > give it the right password it doesn't object, it just returns random data (I rather like that idea! :-) so a > brute-force attack would not work, even if it was feasible. > There are others but I think the ones above cover the ground pretty well. But what would stop the attacker from using a fake iButton that's really a PIC that talks in the iButton protocol and steals the password? I've never seen an iButton so I don't know if it's actually possible to get some alligator clips or probes in there. I agree with Robert, some sort of rolling code would be useful. There would have to be out of sync detection with a manual override. It wouldn't stop the evil-doer the first time, but at least you'd be able to detect if someone had stolen the key and accessed the door without your knowledge. In that way you'd be one better than the standard key. You'd have to also make sure that the evil-doer can't crack your encryption scheme when the controller writes the new data back to the copied iButton. Ie make it very hard to calculate the next code when you already know two sequential ones. Alex -- http://www.piclist.com hint: To leave the PICList mailto:piclist-unsubscribe-request@mitvma.mit.edu