Active Topics
-
Porting apps to Leste (32)
to Maemo 7 / Leste by Arno_11 - 3 days, 10 hrs ago -
[ANNOUNCE] CSSU-thumb thread - stable Thumb2 on N900 (2,264)
to Maemo 5 / Fremantle by panjgoori - 5 days, 5 hrs ago -
Full linux distros on Sailfish OS (254)
to SailfishOS by qoh - 6 days, 3 hrs ago - more...
|
2009-02-17
, 14:12
|
|
Posts: 1,097 |
Thanked: 650 times |
Joined on Nov 2007
|
#12
|
Originally Posted by Benson
And a countdown too - 8...7...6 seconds to self-destruction kind of thing - otherwise what kind of a self-destruction is it ? Any self-respecting 'self-destructing' routine should have a countdown and some pyrotechnics and smoke to go with it ...
That's boring. If I get a self-destructing security device, I expect some flames.
:-)
|
|
2009-02-17
, 14:47
|
|
Posts: 77 |
Thanked: 41 times |
Joined on Jan 2008
@ Charlotte, NC
|
#13
|
Even the "Mission Impossible" tape player gave off a bit of smoke when it destructed. I believe a puff of smoke is not too much to ask so you are assured that it has destructed.
Last edited by eetimm; 2009-02-17 at 15:19.
Last edited by eetimm; 2009-02-17 at 15:19.
|
|
2011-06-19
, 22:22
|
|
Guest |
Posts: n/a |
Thanked: 0 times |
Joined on
|
#14
|
Old thread - but here's how I think it works.
I don't think it's anything like a SecureID, beyond it having a battery (which has already been mentioned), what appears to be a multi-character 7-seg ChLCD (http://en.wikipedia.org/wiki/Cholesteric_liquid_crystal), and a microcontroller of some sort.
On the front there are smartcard contacts, probably for programming the card. The way I think it works is basically it's an electronic version of PPP - Perfect Paper Passwords (https://www.grc.com/ppp.htm). The microcontroller's memory is simply programmed (via the smartcard interface) with a huge generated list of these passwords, and the list is tied to your account as well.
You press the button, it pulls the next PPP token from the list, displays it on the LCD, and then sets a flag bit saying "this token is used" (a similar flag bit is set on the server side as well on its list). If the token matches the free (non-flagged) token on the server, then access is granted. If it doesn't match, access isn't granted. Either way, the token on the server is flagged as "used" - so it can't be reused.
Such a system would require very little memory; only 20 bits per entry in the list. Flagging the token wouldn't necessarily need another bit: Just reset the number higher than the 6 digits but within the 20 bit space, and call that "flagged". As a bonus, it destroys the original value in the memory cell (extra security?). With 32K of flash RAM or similar SRAM onboard, it could hold 13000+ tokens. Even if you used the card 4 times a day, it would still be able to supply tokens for over 8 years. The battery would likely be dead long before that.
I don't think it's anything like a SecureID, beyond it having a battery (which has already been mentioned), what appears to be a multi-character 7-seg ChLCD (http://en.wikipedia.org/wiki/Cholesteric_liquid_crystal), and a microcontroller of some sort.
On the front there are smartcard contacts, probably for programming the card. The way I think it works is basically it's an electronic version of PPP - Perfect Paper Passwords (https://www.grc.com/ppp.htm). The microcontroller's memory is simply programmed (via the smartcard interface) with a huge generated list of these passwords, and the list is tied to your account as well.
You press the button, it pulls the next PPP token from the list, displays it on the LCD, and then sets a flag bit saying "this token is used" (a similar flag bit is set on the server side as well on its list). If the token matches the free (non-flagged) token on the server, then access is granted. If it doesn't match, access isn't granted. Either way, the token on the server is flagged as "used" - so it can't be reused.
Such a system would require very little memory; only 20 bits per entry in the list. Flagging the token wouldn't necessarily need another bit: Just reset the number higher than the 6 digits but within the 20 bit space, and call that "flagged". As a bonus, it destroys the original value in the memory cell (extra security?). With 32K of flash RAM or similar SRAM onboard, it could hold 13000+ tokens. Even if you used the card 4 times a day, it would still be able to supply tokens for over 8 years. The battery would likely be dead long before that.
Thanks, kansieo. and welcome to itT!