[3116] in cryptography@c2.net mail archive
Re: Bluetooth personal radio LAN authentication idea
daemon@ATHENA.MIT.EDU (John Gilmore)
Wed Jul 29 23:29:03 1998
To: cryptography@c2.net, gnu@toad.com
Date: Wed, 29 Jul 1998 20:08:22 -0700
From: John Gilmore <gnu@toad.com>
A postscript thought: Our implementation of authentication can be
arbitrarily complex, if a simple touch-contact interface existed to
simplify the user interface. Like the "Java ring", it only needs one
wire or contact to communicate. E.g. you would tell the devices "I'm
about to introduce you to another of my devices" and then bump the two
devices together, and they would establish authentication of each
other. (They can push 400 kbit/sec over the Bluetooth radio link, so
all they really need is say 9600 baud over the physical-contact link,
to pass secrets that shouldn't go via radio, and to prove that the
device you're talking to on the radio is the same device your user
wants to introduce to you.) An ideal user interface would allowed a
tenth-of-a-second contact to provide the authentication. The actual
technology of authentication could be as complex as we can reasonably
fit into a small chip -- e.g. a randomly generated shared secret key
pair for 3DES would suffice.
This would eliminate the need to manually configure for
authentication, e.g. enter the same 4-digit PIN on each device (which
would offer minimal security, and requires a keyboard interface on
each device). They contemplate using this for really simple things
like headphones (audio output devices), eliminating the cable between
a radio, cellphone, ordinary phone, or PC and the headphones.
Presumably you wouldn't want your neighbor on the train to be able to
listen in on your phone call, using his own (possibly customized)
Bluetooth headphones.
Of course, people who wanted to intercept you could "bump into you" to
authenticate their interception devices to yours. I suppose the
paranoid among us could put electrical tape over their "private ports"
once they had authenticated their devices to each other. Is that what
those black rectangles in those pictures is?
John
