Stokes’ ProjBlog

A journal documenting innumerable, mostly terminally in-progress undertakings. Nerdiness abounds.

 

Buttoning down security November 1, 2015

Filed under: Miscelaneous Projects,New project! — Stokes @ 3:41 pm

iButton Reader 2My employer recently rolled out new security policies, including stricter requirements for passwords. As often the case, strong passwords using the new scheme can be a bit difficult to remember, and the unnatural mix of symbols makes them slow to type. A system with less strict password rules paired with a physical key (the “something you know/something you have” combo) would be more secure and convenient, but it is usually something that needs to be rolled out at a company level. I came up with a compromise.

iButtons are kind of a cool technology, albeit one that never made it out of certain niche markets. Basically, iButtons are 1-Wire chips in ruggedized packages similar to coin cell batteries. They only need two connections — combined data/power and ground — so the battery form factor works well. iButtons have unique 64 bit IDs and can join a 1-Wire “MicroLAN” with just a touch to a reader. I’ve had an assortment of 1-Wire and iButton hardware for a long time but never found a good use for it… until now.

(Note: again, the code samples cause my theme to render badly in several browsers. My apologies; redoing/modernizing my blog’s theme is on the to-do list.)

The idea is simple: data on the iButton is used to generate simulated keystrokes. I type half of the password, and the iButton ‘types’ the rest. In my proof-of-concept, the text generated by the iButton is derived from its ID, which undergoes some secret modification before it is written. I’ve got enough ID-only iButtons to let me change them every time my password expires for the next several years. I also have some with EEPROM and other forms of memory, so a future version might use that.

iButton Reader Electronics, explodediButton Reader, ElectronicsThe guts of my prototype are a miniature knock-off of an Arduino Leonardo (based on an ATMega 32U4). The reader itself is ‘dumb,’ not much more than two concentric rings of stainless steel with a decorative LED in the middle. The sleek enclosure was something hanging around the office, left over from an old project. A piezo speaker indicates a good or bad read. All in all, it’s pretty good for a single evening’s work, using parts I had on hand.

Writing the code was easier than I’d anticipated. The Arduino OneWire library works better than expected.

(I used this example as a guide.)

This was just a proof-of-concept, not something I’m intending to use, at least not in its current form. Any of my coworkers seeing this can rest easy. It works remarkably well, though, so I may actually use a future iteration.

No schematics for this yet, but it’s all pretty simple. Will update at some point.

 

 

Leave a Reply

You must be logged in to post a comment.