1992-11-28 - Re: Crypto Dongle…

Header Data

From: yanek@novavax.nova.edu (Yanek Martinson)
To: 74076.1041@CompuServe.COM (Hal)
Message Hash: 8f98454a7a00c2e14af3dfab8e906ee3c7dd32fc001903bba75a00d6f17e8455
Message ID: <9211282124.AA27769@novavax.nova.edu>
Reply To: <921128171942_74076.1041_DHJ49-2@CompuServe.COM>
UTC Datetime: 1992-11-28 21:24:30 UTC
Raw Date: Sat, 28 Nov 92 13:24:30 PST

Raw message

From: yanek@novavax.nova.edu (Yanek Martinson)
Date: Sat, 28 Nov 92 13:24:30 PST
To: 74076.1041@CompuServe.COM (Hal)
Subject: Re: Crypto Dongle...
In-Reply-To: <921128171942_74076.1041_DHJ49-2@CompuServe.COM>
Message-ID: <9211282124.AA27769@novavax.nova.edu>
MIME-Version: 1.0
Content-Type: text/plain


> Yanek - I do think your dongle idea is promising, but there are a
> couple of other problems I haven't seen you mention.

The concept is by no means complete. I will continue to add
improvements as people suggest them.

> One problem with this is that the terminal programs I use tend not to
> just blast the whole mail message out in literal form, especially
> since it is likely to be longer than one screenful.  Instead, it
> pauses after each screen, prompting with something like "type space
> for next page",

It would be transparent the other way, so that you would press space or
'n' or 'return' or anything you want.

> or such.  Also, it may insert VT100 control sequences as it goes from
> page to page in order to clear the screen, etc.

It should not be too difficult to ignore any codes that are not part of
the data stream.  If the message is coded with something like uuencode
or base64 then the uniform-length lines of data should be clearly
disinguishable from any other text such as "Press N for next screen"
or an escape sequence.

Also, overlapping display (some pagers show you a couple of lines from
the previous screenful) could be dealt with by detecting duplicate
lines.

>> When you are done, you press Q, and the plaintext is immediately
>> deleted from the memory.

> Well, I'd think you'd want the option of saving the plaintext to a
> file on your PC, not always deleting it from memory.

By memory I meant the RAM in the dongle.  If you wanted to save it, you
could have just used to "logifile" function of your communication
software.

> What if you wanted to do what I'm doing here, which is to quote the
> message you are replying to?  

I have not thought about that.

Right away I see several possibilities: one, if the message you are
replying to is the one you just decrypted, it could have been stored in
the buffer, and you can delete the irrelevant lines, and insert your
comments.

The other would be that as you read a message, you could write and
encrypt your reply.  In that case it would also be simple to
automatically use the public key that was used to verify the
signature.

I am sure there are other ways.  There is essentially no limit on
possibilities once you have a CPU.

I will think about it some more.  Thanks for bringing this up.

>> simple line editor, that works with any terminal or terminal

> I think this is OK, although I'm not sure how happy I'd be with
> your line editor, not being accustomed to using BBS's.

You could probably download an editor of your choice into it.  There
could be several editors available.  Maybe even a simple screen editor
that recognizes several most common terminals like vt100 and ansi.

> like I can always compose on my PC, so that's OK.

If your comm software supperted such a feature, the dongle could
transmit a magic sequence which would make the pc to automatically go
into an editor and then transmit the text.  I would imagine eventually
the most popular communication programs would have this feature.  Some
might already.  The point is that if you happen to be using a dumb
terminal or some machine or software WITHOUT this capability you could
still receive and send secure messages.

>> Then you may want to scan a newsgroup like alt.w.a.s.t.e for any mail

>> message whose key-id matches one of the keys on your key-ring,
>> decrypts and displays it, while ignoring all the other messages

> You might have a buffering problem here.  A decryption takes 30
> seconds

They would not be decrypted "on-the-fly".  Each Subject: line would
contain the MD5 hash of the public key.  It would take a fraction of a
second to determine if that hash matches one of your keys for which the
hash values would be precomputed and stored.  Then the message would be
captured.  Later, when the scan is complete, it would be decrypted and
displayed.

> reasons; first, you don't know what flow control the host uses (if
> any), and second, it would expose the fact that you had found a
> message you wanted to decrypt).

That is true.  It should not be a problem though, if there are not too
many messages for you. I plan for the device to have 256k of ram, so it
could hold a few messages.  The ram could be expanded if necessary.

> You can't really anticipate how big the buffer might need to be,
> especially if this method of anonymous communication became popular. 
> As I said in a previous post, you could easily have thousands of
> messages  to sort through, with perhaps dozens for you.

I envision that this method would only be used for short and important
messages, mostly of the form:

  "Contact me by sending mail to xyzzy@anon-r-us.com, key: dfgSDFgds34DF"

So they would be short, easy to buffer, quick to decrypt and hopefully
not too many of them.  If there WAS too many messages, more than you
were able to buffer, then it would just ignore the rest, process the
ones it did get, and then you would request a second scan during which
the first ones (that have already been processed) would be ignored, and
the rest would be received.  The problem with this is that the host
would know that if you scan twice you have a lot of messages. They dont
know which ones though.  Or maybe you just had a transmission error...

> solution than just encouraging people to buy laptops and use them? 

Most people that use e-mail already have a computer, They may not want
to buy another one.  They may use the computer or terminal on their
desk for other things too, and would not want the inconvenience of
having to use a separate screen/keyboard anytime they receive or want
to send a private message.

Laptop will cost more.  Why buy a screen, keyboard, disk drive if you
already have it.  Hopefully my device will be cheap.  It should be
cheaper than any laptop.  All I have is two serial ports, a cpu, some
RAM and support cirquitry.  I don't have a full-fledged keyboard,
display, disk (or card) drive, and all the other stuff that goes in a
laptop.  

Laptops are bigger.  Or if they are small, they have lousy
screens/keyboards.  I hope to make my device smaller than even the
so-called "palmtops".  It would be easier to carry with you, in your
pocket.  It would be easier to hide if necessary.

You can't make a laptop.  You cant easily open it up, or if you can, it
is complex enough that you can not completely understand its design.

You can make a dongle from a kit, testing each part before you assemble
it.  You could make one from scratch.  You can design one if you don't
trust the schematics.  Or you could show it to a competent electronics
engineer and he could tell you if it does what it says it will.

A laptop is not designed with security in mind.

If you find that someone has just learned your secret code (that you
used to encrypt your private key) and are going to seize your laptop in
15 seconds, you can't immediately destroy the key (you need to turn it
on, boot or resume, exit from whatever program you were running or
create a new window, CD to the directory where you store your private
key, delete the file, run some program that makes sure the sectors are
cleared.)  And you still can't be sure that the key is not stored in
some buffer or disk or cpu cache or a temporary file.

Compare this with punching in a short "DESTRUCT" sequence on the
keypad; if you have the device in your pocket, you can even do it
without taking it out of your pocket, if you know the keypad well; And
be absolutely sure that all information is completely gone.

> Despite my negative comments here, I think there is room for plenty
> of different approaches to making crypto easier to use.

Absolutely.  I am not saying that a hardware device designed
specifically for cryptography is the ONLY way to go, what I do believe
is that it is just a very good way to make easy access to cryptography
widespread.

A person that does not even know enough to be able to download, uncompress
and install a software package could get one of these devices and make
use of it.  And there is no limit as to what a knowledgeable person
could do with such a device.

>If the dongle really could be made available at the price level you
>mentioned, there might be some interest ...  and if there was one for
>$200 or less that would definately be interesting to me.

Right now I hope to make it available for about $100. I don't know if I
can yet, but will find out soon.


--
Yanek Martinson    mthvax.cs.miami.edu!safe0!yanek     uunet!medexam!yanek
this address preferred -->> yanek@novavax.nova.edu <<-- this address preferred
Phone (305) 765-6300 daytime   FAX: (305) 765-6708  1321 N 65 Way/Hollywood
      (305) 963-1931 evenings       (305) 981-9812  Florida, 33024-5819





Thread