From: Jason S. <jas...@sh...> - 2003-08-10 20:20:00
|
Why not use a simple eeprom Ibutton and store a new random key. That way you would need the ibutton serial number and current key when you open the door. Everytime it connects the server issues a new key to that serial numbered device and would expect it upon next use for valid entry. Kinda like how some of the new garage door remotes work. (or rip out the electronics from a mechanically busted garage door opener and use that for proximity opener ;) ) -J On Sun, 10 Aug 2003, Steve Haehnichen wrote: > -=> On Sun, 10 Aug 2003, Chris Witte <cwi...@wi...> said: > > > Actually, it'd be pretty simple (electronically) to clone an ibutton > > with a PIC or something. The attacker would still need to get hold > > of an authorized ibutton serial number, but once they did, it could > > be cloned be a variety of programmable chips. > > If you are only checking for the iButton unique serial number, then > you're quite right. If you implemented the entire iButton side of the > 1-Wire interface, then you could spoof (known) serial numbers. > > But that's not the iButton to use for security. THIS one is: > http://www.ibutton.com/ibuttons/java.html > > Even a motivated and funded organization would probably have to pause > a bit and consider alternatives: > http://www.ibutton.com/software/crypto/fips140-1l3.pdf > > > In the end, it just has to be more secure than a key lock or window > latch, I suppose. I prefer the contact-less HID proximity cards since > you can hide the reader out of view. But they're even less secure > than iButton serial numbers. > > -Steve > > > ------------------------------------------------------- > This SF.Net email sponsored by: Free pre-built ASP.NET sites including > Data Reports, E-commerce, Portals, and Forums are available now. > Download today and enter to win an XBOX or Visual Studio .NET. > http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01 > ________________________________________________________ > To unsubscribe from this list, go to: http://sourceforge.net/mail/?group_id=1365 > > |