On Tue, Feb 05, 2002 at 11:16:40AM -0800, Bill Frantz wrote: > I expect you could initialize the random data in that memory during > manufacture with little loss of real security. (If you are concerned about > the card's manufacturer, then you have bigger problems. If anyone does, > the manufacturer has the necessary equipment to extract data from secret > parts of the card, install Trojans etc.)
"They say a secret is something you tell one other person" -- U2, "The Fly" While it is true that most users of smartcards will choose to simply trust the manufacturer, paranoid users could use a n choose m type of approach to achieve a certain level of assurance. In most cases verifying that a card is trojan free is a destructive process, so the user would test a relatively low percentage of cards and make the penalty for cheating high enough to ensure that the manufacturer stays honest. Having the manufacturer provide the random data changes the burden of proof drastically - there is no way for to _prove_ that they did not retain a copy of the random data, while it can be proved that they did not try to cheat simply by testing all the cards. Additionally, if the manufacturer is providing the secrets on the card it appers that one weakens the non-repudiation property of signatures derived from this secret. All in all, it seems like manufacturer provided secrets are not a Good Thing(tm). The whole idea with smartcards is that _nobody_ knows the secrets, right? -Ryan -- Ryan T. McBride, CISSP - [EMAIL PROTECTED] Countersiege Systems Corporation - http://www.countersiege.com PGP key fingerprint = 645D 30F3 6A3A A4FD 2B95 3EF3 10AD D8C8 834B 6CEE --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]