1992-11-25 - RS232 Crypto Dongle (idea for widely accessible crypto technology)

Header Data

From: yanek@novavax.nova.edu (Yanek Martinson)
To: cypherpunks@toad.com (CypherPunks Mailing List)
Message Hash: dee6dbc836a0f0d3acfbc254a95182750b92310e2518490a5e9ed91f12507981
Message ID: <9211250712.AA03659@novavax.nova.edu>
Reply To: N/A
UTC Datetime: 1992-11-25 07:13:08 UTC
Raw Date: Tue, 24 Nov 92 23:13:08 PST

Raw message

From: yanek@novavax.nova.edu (Yanek Martinson)
Date: Tue, 24 Nov 92 23:13:08 PST
To: cypherpunks@toad.com (CypherPunks Mailing List)
Subject: RS232 Crypto Dongle (idea for widely accessible crypto technology)
Message-ID: <9211250712.AA03659@novavax.nova.edu>
MIME-Version: 1.0
Content-Type: text/plain


A very useful device for people who can not trust the host they are
talking to such as users of multiuser unix systems, or low security BBS
systems, or "public access" workstations or PC-s, (this includes almost
every single person that uses e-mail, except probably for users of a
high-security mainframe communications system) would be an RS232 crypto
"dongle" that would sit between the terminal (or modem) and the remote
system.

It would contain some tamperproof (write and decrypt only, can not be
read out without a great deal of trouble) memory (as someone at the
midnight crypto session at Hackers was talking about) for storage of
the private key, some nonvolatile memory (flash eprom?) for the public
key ring, and a processor to do the encryption/decryption.

It would look (if all that can be fit into a small enough space) like a
null modem or a gender changer.  (or an RS232 break-out box). If crypto
tech ever becomes illegal, it could even be disguised as one, with some
special signal combination enabling the crypto function.

It should also contain some out-of-band signal such as an LED to
indicate that it is actually doing the decryption, instead of the host
mimicking it.

If introduced now or in near future, this device could become
incredibly widespread, since most everybody that is accessing any form
of e-mail goes at some point through an RS-232 link (either a terminal
hanging off a terminal server, or a PC connected to a modem).

Also, it would not require ANY special software on the host or the pc,
nor any special terminal.  Thus it would work with any of the great
variety of e-mail and BBS sysetems that exist, instead of having to
deal with each of them individually as a purely software-based approach
would have to.  It would also be completely independent of the type of
computer/terminal or operating system used.

You would send the usual mail command to the host, type the magic
sequence to the encryption device (or even better, flip a little
switch), and then type your message.  The device would send to the host
the ciphertext, while echoing the plaintext to your terminal so you can
see what you are typing.  The plaintext would never travel further than
the RS232 connection between your terminal and the encryption device.

When you receive an encrypted message, flip the switch on your device
to "decrypt", and tell the host to send you the message.  The host and
any intervening networks would only see the ciphertext.  The only place
the decrypted text appears is on your terminal.  I think this is as
secure as you can get (until a decryption implant can be put in your
head :-).

Now, to allow the use of existing tools (pagers, editors, mailers, etc)
the device should be completely transparent except when performing the
crypto function.  Even then, careful design should make it pretty
transparent.  For example if it passed all control characters intact,
it could be used with a text editor that uses control key sequences for
movement.  It could be programmed for most common arrow key sequences,
and for commands for editors such as EMACS, vi, etc, to pass them
through unchanged.

Same thing for receiving. When decrypting, it should pass through
unchanged any characters passing through the other way, and should not
interfere with terminal control characters, so any mail viewing program
would not be affected.

Additional functions it might include are generation and verification
of signatures, an echo mode with decrypt/encrypt (so you could store
the encrypted texts on your local drive, and to view would just "ascii
upload" them to the device while in a comm program; also you could
prepare the text of a message locally, while storing the encrypted text
echoed back. Then you could upload the cyphertext to the system), a
simple local editor and viewer, and anything else we have the ROM space
for.  Once the basic hardware is developed, there is nothing to stop
one from including any desired features.

Is anyone here already working on something like this?  If not, is
anyone interested in working with me on developing this kind of a
device?  I have the design pretty much thought out (this post is just a
summary).  I also have a clear picture of the prototyping and
development process, and am capable of writing the software part.  I
would like to work with a partner who knows the hardware part of all
this.  I.E. the RS232/UART control, PCB layouts, that kind of stuff.
Also, I know almost nothing about the technology of tamperproof memory
storage.

The main objective of this is not to make loads of money (though that
would not hurt either) but to increase widespread accessibility and use
of good crypto technology.  So I would make the schematics and code
available, in case anyone wants to be SURE and build one themselves.
This could probably also be made available in kit form, that could be
assembled by the user.  (an interesting parrallel: this is how the
personal computer was first distributed... look at the prevalence of PC
use today!) This way they can be more sure that it does what it says it
does.

So, if you have read this far you are probably interested in this.
PLEASE reply to me or to the list.  If you are the person I am looking
for to help with the development, please contact me soon, using one of the
addresses or numbers listed in the signature. 

If you think you would be interested in buying or using such a device
when it is ready, please let me know.

If you have any improvements to the idea, or other comments, or reasons
why you think this device would not be useful or could not work, please
let me know too.

Waiting for your feedback....

--
Yanek Martinson    mthvax.cs.miami.edu!safe0!yanek     uunet!medexam!yanek
this address preferred -->> yanek@novavax.nova.edu <<-- this address preferred
Phone (305) 765-6300 daytime   FAX: (305) 765-6708  1321 N 65 Way/Hollywood
      (305) 963-1931 evenings       (305) 981-9812  Florida, 33024-5819





Thread