Smartcard device support?

[Dirk-Willem van Gulik]

On Tue, 12 Mar 2002, Louis A. Mamakos wrote:

> You should take a look at the Dallas Semiconductor Java iButton,
> which is a small Java smartcard like device in a package about the
> size of a button-battery.  There's also an inexpensive reader
> dongle you can attach to a serial port to talk with it.
> 
> The Java iButton can do RSA public key processing; in fact, with
> a suitably written application (in Java, of course), you can have
> the device generate a public/private keypair, hand you back the
> public key, and never expose the private key inside the tamper
> resistant device.  Very cool.

And extremely easy to write/handle. I used it to do the above; have it
signed by a CA - and then use the iButton to sign 5 day cert's which go
down into a web server. They are not that fast though - i.e. do not expect
those nice <1msec touch-and-go you see with the nedap devices. You have to
conciously press them against the blue connector for a noticable period of
time. I.e. there is a 'rest' moment.
 
> See http://www.ibutton.com/ for information.  See also
> /usr/ports/comms/mlan3 for some low-level code used to talk
> to these types of "one-wire" devices.

I found them working just fine. However - the IDE requirers java comm
support - which I could not get to work on FreeBSD (a year ago). So I had
to do the initial part of the development on Sun Solaris box (PC is fine
too).

But once you are set up it is 100% java and platform agnostics; and
especially if during development you allow the iButton to DHCP network
itself in - using one of the adaptor cards and the java SIM - you can use
(t)ftp to do all your develpment just fine from any unix. And may only
need ot do something special when you are rolling out the ibottons on a
PC.

DW.


To Unsubscribe: send mail to majordomo at FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message