Home iButton® Overview Types of iButton Thermochron Java™-powered Memory iButton Accessories Blue Dot Receptor Digital Jewelry Mounting Hardware TINI Java-powered Ring Weather Station iButton Quick Reference Software Developer's Tools FAQs

Algorithm
Mathematical procedure performed in a series of steps. A public key encryption algorithm must have special characteristics:

1. The algorithm is not simply reversible; that is, you cannot directly derive initial conditions just by knowing the end result.
2. Processing the algorithm forward encrypts; running it backwards decrypts; both encryption and decryption require input from either the public or private key.
3. The algorithmic sequence must be permutable; that is, either key value can be inserted into either the forward or the reverse process that results in encryption/decryption. The key usage must be sequential, but the initial order does not matter.

The algorithm used in the DS1954 crypto iButton is licensed from RSA Data Security, Inc. and looks like this:

Encryption: C = M^E mod N
Decryption: M = C^D mod N

M = Original plain text message (as a number)
C = Encrypted message (as a number)
N = Public and private key modulus
E = Public key exponent
D = Private key exponent

Authentication
The ability to bestow authoritative, legal, binding identity upon electronic communications, both as to content and source. This is the purpose of the digital signature.

Cryptography
Obscured writing. See Encryption. "Encipher," "encode" and "encrypt" are used interchangeably in common English usage; when it comes to securing Internet messages, however, "encryption" is distinguished from the "encoded" character set, such as ASCI, that all computers must use.

Digest
Abridged and cryptographically obscured version of message text, also called a message hash. In electronic communication the message digest is used for 1) incorporating a message identifier within a digital signature and 2) tamper detection.

Digital Signature
Code that 1) encrypts a person's identity and 2) links it to a specific message traveling over the Internet. The crypto iButton uses RSA public key encryption (PKE). In this scheme, the digital signature incorporates the digest and the sender's private key.

Note: When the encryption technique renders it unique and unforgeable, a digital signature carries the same legal significance as a handwritten signature. A trustworthy digital signature is essential to validate commercial and financial transactions over the Internet. The digital signature authenticates both sender identity and, through the hash value, the message content. The encryption technique used for creating digital signatures is legally exportable from the U.S.A. The technology to encrypt and decrypt messages is export-controlled.

Encryption
The substitution of units of message values (letters, numbers, words, places, names, etc.) according to a regular plan or formula agreed upon by the sender and receiver. The crypto iButton uses public key encryption (PKE).

FIPS
Federal Information Processing Standards of the NIST (National Institute of Standards and Technology). The crypto iButton meets FIPS 140-1 Security Requirements for Cryptographic Modules, per the following:

1.3 Security Level 3

... Level 3 attempts to prevent the intruder from gaining access to critical security parameters held within the module. For example, a multi-chip embedded module must be contained in a strong enclosure, and if a cover is removed or a door is opened, the critical security parameters are zeroized.

Hashing
The mathematical process that produces the message digest or "hash." The processor treats the message as a large number, which it subjects to mathematical transformations that result in the digest or hash. The computer incorporates the hash into the sender's digital signature. Due to the mathematics involved, the original message cannot be recreated from the hash. However, the method for creating hashes is public knowledge. To check for tampering, the message recipient re-hashes the full message in hand and compares the result with the hash enciphered with the digital signature. If the hash values do not match, the message has been altered.

Math Accelerator/ Cryptographic Engine
The guts and glory of the DS1954 crypto iButton: a secure DS83C950 microprocessor with NV RAM and the 1-Wire® circuit design. The microprocessor cycles at a low power, 10-20 MHz, yet manages to hash the message, fetch the keys and generate the digital signature in about one second.

While running the math, the crypto iButton disguises signals by using an irregular oscillator to cover patterns. A separate, steady oscillator runs the clock/calendar that provides the time and date stamp.

PKE (Public Key Encryption)
Encryption scheme using two complementary numeric keys for either encoding or decoding a message in a sufficiently complex mathematical process. The public key is openly available; the private key is known only to the owner. One key is used in the algorithm for the encrypting process, and the other key in its complementary place for the decryption process. The keys can be used interchangeably for either encrypting or decrypting. Both keys are essential to the complete process but can only be used separately. If one key is used to encrypt, only the other key can be used to decrypt.

The algorithm used to produce both keys is publicly known; however, the process does not allow the value of the private key to be derived from the public key.

The keys in the public/private key pair are related through a composite number produced by multiplying two large prime numbers together. The public key is built with this composite; the private key is an inverse of the public key. Even though its value is dependent on the public key, the private key value cannot be deduced from the public key without unrealistic amounts of time and computer power, mainly due to the intractable nature of large prime numbers.

The success of public key encryption depends on two aspects of the private key: 1) The private key must be very large to maximize the difficulty of figuring it out. 2) The private key must be physically kept safe and secret.

PKI
Public Key Infrastructure: "a system of digital certificates, Certificate Authorities, and other registration authorities that verify and authenticate the validity of each party involved in an Internet transaction." Source: Webopedia.

Private Key
In Public Key Encryption, the key value that is complementary to the owner's public key, but is carefully kept hidden and private in an electronic medium secure from hacking. It is too large to be memorized or transferred from paper. The crypto iButton stores the private key offline, in nonvolatile RAM.

The 1024-bit private key's number value (used in the crypto iButton) covers 21024 decimal extensions. However, since the number represented must include the product of primes (one 512-bit number times another 512-bit number), currently known methods for finding primes reduce the range to approximately 296 possible values.

Public Key
In Public Key Encryption, the key value, complementary to the private key, published in a publicly accessed directory and publicly associated with the owner.

Zeroization
A tamper response whereby an attempt to access protected memory initiates an instant erasure. The crypto iButton zeroizes in a fraction of a second thanks to the high-speed read/write capability of nonvolatile random access memory (NV RAM). The DS1954's the steel case is a constantly monitored 1-Wire switch contact. If someone attempts to open it, the cryptographic chip separates from the lithium power cell, putting the circuit on internal capacitor power. The chip uses this power to completely overwrite the memory area with nulls, making the previous content irretrievable.