From: Carl Ellison <cme@sw.stratus.com>
Date: Fri, 12 Nov 93 09:03:41 PST
To: cypherpunks@toad.com
Subject: Re:  OMNI CARD
Message-ID: <199311121700.MAA21161@ellisun.sw.stratus.com>
MIME-Version: 1.0
Content-Type: text/plain


This sounds almost identical to the Racal-Guardata Watchword.  It's old
technology (although making the unit small might be new).  I have a
Watchword on my desk as I write this.

It's a calculator with authentication built in.

There's my own DES key inside.  To get to it, I enter 1 of 2 PINs.  (the
second is a "duress PIN" -- works but sounds a warning in the security
office, saying that I have a gun to my head, if I use it for a
challenge/resp).

The system authenticating me gives me a 7-digit challenge number.  I enter
it and my Watchword gives me a 7-digit response number back.  I then give
that number to the system -- typed as a password or over the phone to a
person.


-------

The SecureID (which I carry in my wallet, against directions from the vendor)
has my encryption key buried inside along with a calendar clock.

Every minute, it encrypts the date and time with my key and displays 6 digits
of the result.  It has a keypad for entering a PIN which is then added (without
carry) to the 6-digit result and that is displayed instead, if I've entered
the PIN, for the next 5 minutes.

This saves half the protocol (by sync of calendar clocks).

 - Carl