From: Eric Blossom <eb@comsec.com>
Date: Tue, 27 May 1997 04:41:58 +0800
To: tcmay@got.net
Subject: Re: V-Chips for the Internet / Crypto Keyboards
In-Reply-To: <v03102800afabb4cdc0fe@[207.167.93.63]>
Message-ID: <199705262003.NAA09654@comsec.com>
MIME-Version: 1.0
Content-Type: text/plain


Tim May writes:
> Could hardware-based chips be coming? At a recent meeting, John Markoff
> asked me if I'd heard anything about Intel's rumored contract to buy 20
> million (yes, 20 _million_) keyboards with crypto features built in. I had
> not heard this rumor.
> 
> (Since then, though, there have been rumblings that Intel is preparing to
> offer such keyboards, possibly with "user authentication" features (don't
> know what kind). This might, speculating here, be linked with  the Intel-HP
> (and maybe Verifone, which HP is buying?) key recovery work. Conceivably, a
> plan to sell a large user base (20 million?) on a hardware/keyboard-based
> "secure commerce" solution.)

I haven't heard anything about this rumor.  However, if you look at
the new USB chips being built by Cypress et al, it's not hard to
imagine keyboards with ISO smart card readers built in.  The USB chips
contain a simple RISC core, lots of I/O pins and something like 4-8KB
of FLASH or OTP memory.  The incremental cost is a slot with 6
contacts for the smart card.  Unlike PCMCIA, the ISO smart cards are
cheap to build and easy to interface to.  Schmlumberger is currently
promoting it's "CryptoFlex" card which can do 1024-bit RSA sigs as
well as triple-DES.  I believe that it can do a 1024-bit sig in
something like 20 ms.

Eric