One can have a lot of fun with key-wielding tokens, especially on
Windows. See:
J. Marchesini, S.W. Smith, M. Zhao.
"Keyjacking: the Surprising Insecurity of Client-side SSL."
Computers and Security.
4 (2): 109-123. March 2005.
http://www.cs.dartmouth.edu/~sws/pubs/msz05.pdf
--Sean
Sean W. Smith [EMAIL PROTECTED] www.cs.dartmouth.edu/~sws/
Department of Computer Science, Dartmouth College, Hanover NH USA
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
