>There is no such thing as a "tamper proof" device, and that goes >double for anything distributed to consumers and left in their sole >possession for indefinite periods Alice cannot be sure it is Bob if >Frank can spend time physically attacking the reader so that he can >send Bob's iris print whether Bob is there or not.
The lesson I learned from the excellent reverse engineering of various smartcards is this: if the device is in someone's possesion, *they* should be interested in not tampering with it. (E.g., When a bank's card is in a cracker's wallet, this is not the case.) Which party the sensor should belong to depends on the app. For some apps the other party may insist that you use their sensor; for some, you might insist on keeping your fingerprint (etc) in your smart card. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]