Re: electronic-ID and key-generation

From: Anne & Lynn Wheeler (lynn_at_garlic.com)
Date: 05/28/03

Date: Wed, 28 May 2003 17:30:59 GMT

"Peter Gullberg" <NOSPAM.peter_gullberg@hotmail.com> writes:
> must be generated inside the smartcard to achieve "true"
> non-repudiation etc., I agree on this for PKI-only applications.

basically forget all the witch doctor mumbo-jumbo you may have
heard associated with PKIs and certificates.

basically electronic-ID is authentication. authentication boils down
to one or more of:

* something you have (tokens)
* something you know (secrets)
* something you are (biometrics)

chips supposedly are used in tokens to allow verification of the token
to be done electronically ... and plausibly also to make it harder to
counterfeit the token. The reason that gov. and financial institutions
specify things like EAL5-high certification is that they really want
it to be difficult to counterfeit tokens (also why they frequently
have armed guards during transport from chip fabrication to
personalization center).

the issue is, given the overall infrastructure, to what degree of
certainty can the institution really believe it's you? this not only
involves things like exploits counterfeiting one or more of the three
authentication methods .... but also the whole infrastructure that
takes part in verifying the authentication information.

for instance, x9.84 standard for biometrics .... has issues with
biometric values .... when they effectively are used in shared-secret
mode (aka central registry, remote matching, etc) that they have the
highest level of security. eavesdropping a biometric value and later
being able to electronically reproduce the biometric signal (as in
shared-secret) opens the infrastructure up to impersonation (aka it is
much easier to change a compromised PIN than it is to change a
compromised thumb print).

so a real issue with buying off-the-shelf card and doing your own key
generation ... has little or nothing to do with key gen ... it has to
do with how can the institution trust a user presented token as part
of "something you have" authentication (aka as in the key is supposed
to be a unique representation of the token ... as opposed to the key
having some unique intrinsic magical value of its own). This is in
the context of institutions that nominally require armed guards as
part of addressing exploits associated with copy/counterfeit chips
being injected into the environment.

past posts:
http://www.garlic.com/~lynn/2003i.html#29 electronic-ID and key-generation
http://www.garlic.com/~lynn/2003i.html#35 electronic-ID and key-generation

misc armed guards &/or counterfeit/copy chips
http://www.garlic.com/~lynn/aadsm3.htm#cstech12 cardtech/securetech & CA PKI
http://www.garlic.com/~lynn/aadsm3.htm#kiss9 KISS for PKIX .... password/digital signature
http://www.garlic.com/~lynn/aepay3.htm#x959risk4 Risk Management in AA / draft X9.59
http://www.garlic.com/~lynn/2001j.html#54 Does "Strong Security" Mean Anything?

-- 
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/ 
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
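The two verification modes the post contrasts, as an added example that is not part of the original message: a chip-resident key answering a fresh challenge (the key standing in for the token as "something you have") versus a biometric template checked in shared-secret mode. To stay stdlib-only, an HMAC over a single-use challenge stands in for the card's signature; with a real card the institution would register only the public key at personalization. Class and function names are constructed for this illustration.

```python
import hashlib
import hmac
import secrets


class ChipToken:
    """Stand-in for a smartcard: the key is generated on-card and used only on-card."""

    def __init__(self):
        self._key = secrets.token_bytes(32)  # generated inside the "chip", never exported

    def register(self) -> bytes:
        # Verifier material recorded by the institution at personalization.
        # With a MAC this is the key itself; with a real card it would be the public key.
        return self._key

    def respond(self, challenge: bytes) -> bytes:
        return hmac.new(self._key, challenge, hashlib.sha256).digest()


class Institution:
    def __init__(self):
        self._tokens = {}       # token id -> verifier material from personalization
        self._biometrics = {}   # user id -> stored template hash (shared-secret mode)
        self._outstanding = {}  # token id -> challenge issued but not yet answered

    def enroll_token(self, token_id: str, token: ChipToken) -> None:
        self._tokens[token_id] = token.register()

    def challenge(self, token_id: str) -> bytes:
        c = secrets.token_bytes(16)          # fresh per attempt, so captured answers go stale
        self._outstanding[token_id] = c
        return c

    def verify_token(self, token_id: str, response: bytes) -> bool:
        c = self._outstanding.pop(token_id, None)  # each challenge is answerable once
        if c is None:
            return False
        expected = hmac.new(self._tokens[token_id], c, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)

    def enroll_biometric(self, user_id: str, template: bytes) -> None:
        self._biometrics[user_id] = hashlib.sha256(template).digest()

    def verify_biometric(self, user_id: str, template: bytes) -> bool:
        # Shared-secret mode: the same static value is presented every time.
        return hmac.compare_digest(self._biometrics[user_id], hashlib.sha256(template).digest())


def replay_demo() -> tuple:
    """Returns (genuine token accepted, replayed token answer accepted, replayed biometric accepted)."""
    inst, card = Institution(), ChipToken()
    inst.enroll_token("card-1", card)
    c = inst.challenge("card-1")
    r = card.respond(c)                       # an eavesdropper captures (c, r) here
    genuine = inst.verify_token("card-1", r)
    inst.challenge("card-1")                  # next attempt gets a fresh challenge
    replayed_token = inst.verify_token("card-1", r)   # stale answer: rejected
    inst.enroll_biometric("user-1", b"constructed-thumbprint-template")
    captured = b"constructed-thumbprint-template"     # value seen on the wire once
    replayed_bio = inst.verify_biometric("user-1", captured)  # nothing fresh to check
    return genuine, replayed_token, replayed_bio
```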