Java Ring: One Wearable To Rule All Authentications

Today, you likely often authenticate or pay for things with a tap, either using a chip in your card, or with your phone, or maybe even with your watch or a Yubikey. Now, imagine doing all these things way back in 1998 with a single wearable device that you could shower or swim with. Sound crazy?

These types of transactions and authentications were more than possible then. In fact, the Java ring and its iButton brethren were poised to take over all kinds of informational handshakes, from unlocking doors and computers to paying for things, sharing medical records, making coffee according to preference, and much more. So, what happened?

Just Press the Blue Dot

Perhaps the most late-nineties piece of tech jewelry ever produced, the Java Ring is a wearable computer. It contains a tiny microprocessor with a million transistors that has a built-in Java Virtual Machine (JVM), non-volatile storage, and an serial interface for data transfer.

A family of Java iButton devices, including the Java Ring, a Java dog tag, and two Blue Dot readers -- one parallel, one serial.
A family of Java iButton devices and smart cards, including the Java Ring, a Java dog tag, and two Blue Dot readers. Image by [youbitbrain] via reddit
Technically speaking, this thing has 6 Kb of NVRAM expandable to 128 Kb, and up to 64 Kb of ROM (PDF). It runs the Java Card 2.0 standard, which is discussed in the article linked above.

While it might be the coolest piece in the catalog, the Java ring was just one of many ways to get your iButton. But wait, what is this iButton I keep talking about?

In 1989, Dallas Semiconductor created a storage device that resembles a coin cell battery and uses the 1-Wire communication protocol. The top of the iButton is the positive contact, and the casing acts as ground. These things are still around, and have many applications from holding bus fare in Istanbul to the immunization records of Canadian cows.

For $15 in 1998 money, you could get a Blue Dot receptor to go with it for sexy hardware two-factor authentication into your computer via serial or parallel port. Using an iButton was as easy as pressing the ring (or what have you) up against the Blue Dot.

Indestructible Inside and Out, Except for When You Need It

The mighty Java Ring on my left ring finger.
It’s a hefty secret decoder ring, that’s for sure.

Made of of stainless steel and waterproof grommets, this thing is built to be indestructible. The batteries were rated for a ten-year life, and the ring itself for one million hot contacts with Blue Dot receptors.

This thing has several types of encryption going for it, including 1024-bit RSA public-key encryption, which acts like a PGP key. There’s a random number generator and a real-time clock to disallow backdating transactions. And the processor is driven by an unstabilized ring oscillator, so it constantly varies its clock speed between 10 and 20 MHz. This way, the speed can’t be detected externally.

But probably the coolest part is that the embedded RAM is tamper-proof. If tampered with, the RAM undergoes a process called rapid zeroization that erases everything. Of course, while Java Rings and other iButton devices maybe be internally and externally tamper-proof, they can be lost or stolen quite easily. This is part of why the iButton came in many form factors, from key chains and necklaces to rings and watch add-ons. You can see some in the brochure below that came with the ring:

The Part You’ve Been Waiting For

I seriously doubt I can get into this thing without totally destroying it, so these exploded views will have to do. Note the ESD suppressor.

So, What Happened?

I surmise that the demise of the Java Ring and other iButton devices has to do with barriers to entry for businesses — even though receptors may have been $15 each, it simply cost too much to adopt the technology. And although it was stylish to Java all the things at the time, well, you can see how that turned out.

If you want a Java Ring, they’re on ebay. If you want a modern version of the Java Ring, just dissolve a credit card and put the goodies in resin.

27 thoughts on “Java Ring: One Wearable To Rule All Authentications

  1. Dallas TouchMemory ? we had a customer in ’96 (in Argentina) that use the Dallas versions DS1994 for access to a lab where vaccines were produced. It was used in a high humidity environment, the people of Dallas didn’t like high humidity :). It worked well, if I remember correctly.

    1. I’ve seen these in a lot of pubs. Of course, I don’t know if they’re actually Java Rings or just some other kind of token in the same form factor.

      It’s interesting to look back at the old JVM, which was very much designed for embedded use — like, the only part of the language which allocated memory was the new keyword, and by restricting it to static initialisers only you ended up with a remarkably usable language which didn’t have any form of dynamic memory allocation, and because it was interpreted programs were very dense. And as it was a strict subset of desktop Java, development was trivial.

  2. Nothing happened. That iButton became part of technology’s past. The rest of the buttons are still around, mostly. But the original idea lies with a timer built by BULOVA for the Explorer 1 sat. It became a watch. From there the Dallas people created them. I still use the RTC buttons for the stuff I build.

  3. I desperately wanted some of these back in the early 2000’s, but they were export restricted due to the crypto, and could not be shipped to South Africa. They should be the same size as any other still-available iButtons, I would expect, if they are intended to use the same readers.

    And yes, they are still in use here in South Africa for things like security guard patrol tracking – they have a smart baton that they touch to a series of iButtons (typically only holding a 64-bit identity) scattered around the site, that records the time that each identity iButton was touched to confirm that the guard was not sleeping on the job.

  4. Such devices could store some data associated with the device owner, but it can’t store a useful amount of data. Such data would either have to be public, or the device would have to authenticate someone trying to access it.

    A useful amount of data associated with the device owner is easily stored in a database on a server. The device can be used as an identification key “into” the database. But that’s no more useful than an RFID or banking SecurID type device.

    Hence such devices aren’t much more than a solution looking for a problem.

      1. The SDK was dreadful for these things, and I suspect that was a big part of it. It was clunky, brittle, and closed source and didn’t really offer much in terms of inspiring exaples.

        I remember snagging a dev kit to play with and arriving at the conclusion that there was previous little it could do in practice that couldn’t be done just as well with a signed blob stored in a plain old EEPROM (since it had no real I/O with the outside world except to its base station, other than knowing the time and possibly a private key, anything you fed it had to be when it docked and at thay point its maximum capability envelope was a limited transaction log and the only thing it could offer over a vanilla EEPROM in that respect was the ability to refuse to update itself for an untrusted base station).

        1. With modern ECC keys and experience with TPM/FIDO operation it could probably be done much better. You have it generate a key locally that it will never give you, sign the public portion at your authority, and put that cert back on it. Then you have an API to sign or do key-derivation with it and you’ve got a nice identity system.

  5. They’ve been popular as guard-tour stations, where the iButtons are in little wall mounts bolted to various places on the building or grounds, and the guard walks around with a reader and touches them to prove that they actually walked the property rather than sitting in the guard shack playing Angry Birds all night.

  6. iButton devices are still heavily used in Fleet Management, for driver authentication, trailer identification, access control for heavier machines like scissor lifts etc. I’ve worked with heaps of different devices over the past.. 14 years (holy cow!) and almost all support reading this type of 1-wire device. An added bonus is the plethora of RFID/NFC card/tag readers available that also output scanned data using the same type of 1-wire interface.

  7. I have been to a resort in Turkey where all guests got a tag like this on a wristband and our bar tab was placed on it. I spent millions on beer that way (as a beer cost about a million Turkish Lira back then… go figure how long ago that was).

    As I was there to paraglide, I wore mine on the ankle instead of wrist, much to the amusement of hotel staff.

  8. Old-stock Java Cards have now been repurposed by NXP and ST Micro (at a markup) as “Secure Element” ICs used in the emerging CCC standard for vehicle entry via cell phone.

  9. Forget the Java button – the Thermochron is where it’s at. I had a need to log some temperatures over time a few years back, except all temp logger gadgets apparently cost five kidneys for some inexplicable reason. I was NOT in the mood to hack together something myself, but then I remembered Dallas made an iButton that was using its internal battery to work as a completely standalone temperature logger – you just had to “commission” it first, telling it how often to wake up and log etc. then remove from the reader, place at target location, retrieve later, and read out the temperature log (and turn off). And of course I had one of these in my drawer at work from the BeforeTimes when we actually considered using these for access control (I think?). Still worked fine, did the job…

    1. Ah, Thermochrons. We had been fighting with our building maintenance people over poor temperature regulation in our new office space and weren’t getting anywhere… until I used a few Thermochrons to log temperatures over several days in different cubicles. I imported the data into Excel and produced some nice graphs to prove the wild temperature swings we were complaining about. The building people finally gave in and spent the time to adjust the ductwork to fix the problem.

      I still have my Thermochrons but one or two have died – presumably when their batteries gave out – and one got lost somewhere in my car when I was trying to study how my windshield sun shade affected interior temperatures. I suppose one day I’ll find it buried under the seats along with spare change and old french fries. I wonder if the data will still be readable?

  10. I found one on the sidewalk outside Moscone Center in SF after a JavaOne Conference. Owing to it’s ungainly size & general unattractiveness, I always referred to it as a JavaĀ® Pimp Ring.

  11. There’s a little confusion evident in some of the comments. The Java Ring was just a wearable carrier for a Dallas Semiconductors Java iButton. I don’t fully understand the technology, but I think the idea was that a Java application could be loaded into the Java iButton and would run inside a secure, tamperproof processor inside the device itself. I suppose one could do other things with it, but the flagship app for the Java iButton was authentication.

    The Java Ring was probably mostly a marketing thing to put the technology into a familiar form for developers to play with.

    If I recall correctly, Sun Microsystems had a family of diskless workstations that incorporated an iButton port and the internal employees had cards – I don’t think it was a ring – with a Java iButton they could use for secure authentication. I don’t know if the product ever made it out into the wild in any significant way. If I recall correctly, Java iButtons weren’t exactly inexpensive – even outside the ring form factor – and as some have said they weren’t easy to program. Other than Sun’s internal workstations I’ve never seen one in actual use.

    The iButton form factor is used for plenty of other devices that aren’t Java iButtons, and some of the commenters here have encountered them. One of the big wins to the physical form factor is that they’re just about indestructible in normal use. No, they’re not hammer-, Dremel-, or steamroller-proof, but they’ll last forever hanging on a keychain or attached to a surface.

    Some Laser Tag places used them to identify their customers; you’d pay a couple of dollars the first time you played and they’d register your nickname and give you an iButton. Each had a guaranteed-unique serial number that identified you without having to sign in. These were inexpensive serial-number-only devices and no Java iButton was involved.

    The iButtons used by security patrols are likely the same thing. The security guards could prove they made their rounds by carrying a reader that they’d touch to a serial-number iButton at each required station to log the time when they were at the checkpoint. Again, no Java needed.

    Other iButtons had readable/writable memory, and there were applications where that could be useful.

    Thermochrons have a temperature sensor, a real-time clock, memory to hold 2000 samples, an internal battery, and a unique serial number (so you can tell multiple devices apart). You program the clock with the current time (they did drift a little bit) and then set them on a mission to take a sample at user-selectable regular intervals and save them into their memory. They can also save overtemp/undertemp events. The internal battery allows them to keep their time and do their sampling completely disconnected from any computer or source of power. I think the Thermochrons’ batteries were rated to provide a million temperature readings before running out. That sounds like a lot, but you had to be careful because logging the temperature once per second (saving only the last 2000) would wear your battery down within a couple of weeks. They were sealed inside the iButton can so once they’re dead… they’re dead.

    All of these products used the Dallas Semiconductor “1-Wire” protocol. 1-Wire, as in they used a single wire (plus a ground) to connect many (not sure the limit) iButton devices without having to have selection lines or multiplexors. The devices use draw parasitic power supplied on the single data in/out line.

    BTW, one common and inexpensive place where we see the 1-Wire protocol very much in use is with DS18B20 temperature sensors. These are available in (less bulletproof) TO-92 packages for under $1 each, or $2 each in a ‘probe’ format with a short cable and a steel shell. These generally have an third wire because they need a separate 3.3-5v supply. Although Dallas Semiconductor does allow some versions of the DS18B20 device to operate using parasitic power, I haven’t managed to make this work – either because mine aren’t the right parts, or because they’re cheap clones.

    Code to read these temperature sensors using Arduino, ESP32, and Raspberry Pi is really easy to implement, and I’ve used them extensively to monitor freezers and heat pumps for malfunctions. They’re highly recommended!

      1. Hah, and that points out a bit of a downside of using the supposedly-unique serial numbers of iButton/1-Wire devices. If you’re smart enough to be able to clone the serial number of a (non-Java) iButton used for simple ‘authentication’ (like in the Laser Tag example) or proof-of-physical-presence (the security guard example), then you can take someone else’s identity or make it look like you’re making your rounds when you’re actually napping under your desk.

        Which – to get back to the original topic – is why the Java iButton (on a Java Ring or not) made sense for more secure applications. All that extra tech inside a sturdy, tamperproof/tamper-evident device made it impossible (supposedly) to clone and ideal for its intended use.

  12. The badge won out as a wearable. Now and then NFC rings pop up, but I don’t really see anyone using them.

    For authentication these schemes are like keys, “something you have”. But that is not the primary method today. It’s “something you know”. Your bank should keep asking to the think in your head, even if, as XKCD pointed out, the $5 wrench might break that.

    I thought the iButton was also used to measure acceleration forces and temperature in packages? To make sure your shipment was handled correctly, not tossed around, transported upside down, overheated.

  13. I have an iButtonLink with “linkTH” connected to a raspberryPi zero2w, monitoring my basement temp and humidity. (Verifying performance of a dehumidifier bought last year).

    The company I work for has also included a 1wire-to-I2C converter in an industrial product we sell, in case customer requirements begin to include environmental monitoring.

    Java rings are no longer “a thing” but 1wire is still out there.

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.