1992-11-28 - Detailed Scenario of Dongle Usage

Header Data

From: yanek@novavax.nova.edu (Yanek Martinson)
To: cypherpunks@toad.com
Message Hash: 2f1843b3936d0212ff4270cac5c50cbf1aed5cd1ee739981ff7f932ab8b0c724
Message ID: <9211281553.AA19458@novavax.nova.edu>
Reply To: N/A
UTC Datetime: 1992-11-28 15:53:25 UTC
Raw Date: Sat, 28 Nov 92 07:53:25 PST

Raw message

From: yanek@novavax.nova.edu (Yanek Martinson)
Date: Sat, 28 Nov 92 07:53:25 PST
To: cypherpunks@toad.com
Subject: Detailed Scenario of Dongle Usage
Message-ID: <9211281553.AA19458@novavax.nova.edu>
MIME-Version: 1.0
Content-Type: text/plain




So, you walk up to ANY terminal directly connected to a host, or to a
terminal server, or a personal computer of any kind connected through a
modem, or borrow someone's laptop connected to a cellular modem.

You connect your dongle in between the terminal/computer and the
communications line, and punch in your secret code on the keypad
(which, like phones, also has letters so you can remember fairly long
ID-s).

Call up, or telnet, dial up a bbs, or connect through any other means, to your host,
and log in.

Run your favorite mail reader, let's say _elm_.  Start reading your
mail as you usually would.

Any time an encrypted message is displayed whose public key ID matches
one of the private keys on your keyring, the dongle temporarily buffers
the message it into its RAM, flashes the "decrypt" LED, while
decrypting the message.  Then you can view the plaintext using a
simple, terminal-independent pager that lets you go forward/back one
page, and search for a key word.  When you are done, you press Q, and
the plaintext is immediately deleted from the memory.  Note that during
all this, the plaintext did not appear anywhere on the host or any of
the communication links connecting you to it.

Let's say you want to reply to a message.  Press 'r' or whatever key is
used to reply in your particular mail reader.

Or if you want to send a message, press 'm' and fill in the address.

Then, if your editor is something like vi or ed that requires you to do
something before you can input text (like press 'a') then do that.  If
you use an editor like EMACS or SMiLE or jove or cat or anything that
lets you just type in text, you skip this step.

Now, press the "encrypt" button on the dongle.  It presents you with a
simple line editor, that works with any terminal or terminal emulation,
but is reasonably easy to use (something like most bbs-es use for
composing messages).  You type your message, or if it was prepared
ahead of time on the local equipment, you transmit the text.

NOTE: this is the simpler of the several different approaches to plaintext
handling that I am considering.

When you are done, you pick the public key to encrypt it with (or it
can be automatically determined based on the address you typed in to
your mail program previously).  If you have lots of public keys, you
could use a search to quickly find the one you want.

Then you have the option of signing the message with any one of the
private keys that you have.

Finally, the dongle transmits the cyphertext to the host, and you type
the _exit_ key sequence for the editor (:wq, or C-x C-c, or /done,
etc).

The message is sent by the mailer software on the host.

Then you may want to scan a newsgroup like alt.w.a.s.t.e for any mail
that may be for you.  Put your dongle into "WASTE SCAN" mode (for
example by pressing *WS on the keypad) and tell your newsreader
something like "display all new messages".  The dongle will detect a
message whose key-id matches one of the keys on your key-ring decrypts
and displays it, while ignoring all the other messages that are not for
you.  You must retrieve all the messages, so that anyone monitoring
your activity has no way of knowing which one, if any, was actually
addressed to you.

Then you receive a "talk" request (or a chat call on a bbs, or you may
be on irc or a MUD with "chat mode") from someone you know has a
similar device (or software that emulates it).

If you both know each other's public keys, the two devices both
generate a random session key and encrypt it with the others' public
key.

If not, a key-exchange protocol may be used to generate a key both of
you know, but that can not be later recovered by someone recording the
data.

Now the dongles encrypt any text (one line at at time) that you type,
and decrypt anything received.

Many other applications for a portable, trusted crypto engine could be
thought of, given time.


--
Yanek Martinson    mthvax.cs.miami.edu!safe0!yanek     uunet!medexam!yanek
this address preferred -->> yanek@novavax.nova.edu <<-- this address preferred
Phone (305) 765-6300 daytime   FAX: (305) 765-6708  1321 N 65 Way/Hollywood
      (305) 963-1931 evenings       (305) 981-9812  Florida, 33024-5819





Thread