Interesting discussion.

Conjecture I: Smart card software has more in common with cryptographic algorithms than with computer operating systems.

None of us (I assume) would use a cryptographic algorithm without being provided every technical detail of the algorithm and assurance that the realization we planned to use faithfully implemented these details. Cryptographic security flows from key secrecy, not algorithm secrecy.

There is a long history of smart card manufacturers and smart card issuers embedding backdoors in smart card software. Witness the weak algorithms and keys in GSM SIMs and http://www.parodie.com/humpich/home.htm/

Conjecture II: If you as a card issuer or cardholder can't analyze the source code of the smart card operating system in your card and ensure that what is in the card you hold is exactly the code you have analyzed, you are playing at security.

Over to you ...

Cheers, Scott

P.S. http://www.scdk.com/atsfaq.htm

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Fri 8/15/2003 8:06 PM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: [Muscle] Re: SSP smart card
On Friday 15 August 2003 14:17, [EMAIL PROTECTED] wrote:
> I apologize for sending to the list what could certainly be construed
> as a commercial email.
Well, I for one am appreciative of the pointer, regardless of whether I
agree with the philosophy behind keeping that kind of information
secret or classified.
> It was *not* intended to suggest that the Forte card is at all a
> solution for the subject of this letter (and thread), a smart card
> with a replaceable OS. It most certainly is *not* that!
Okay! :-) That suggests to me that the manufacturer building the cards
for you is the one burning the ROMs before embedding them in the
plastic--seems to me those types don't particularly like doing small
batches--and I'm fine with that too. It would just mean that I would
have to gather together a group of like-minded smartcard developers (or
convince my friends locally to go with SSP) before making a purchase.
> > Does low-level documentation exist for the on-board components such
> > as the cryptographic processor, the DES engine, and the real-time
> > clock?
>
> Of course, but I highly doubt it's available publicly. Much of
> this is probably classified.
I'll assume you mean the way the hardware itself is put together and any
on-board ASICs, since most of the algorithms described on the website
refer to publicly available ciphers that are (for the most part)
described even within Bruce Schneier's excellent (but aging) tome
"Applied Cryptography."
> > Are there voltage ranges, timings, etc that trigger it? What are
> > the results of tamper detection? Complete erasure and a reset of
> > the card's on-board circuitry?
>
> Some of this stuff I *know* is classified (and I don't mean company
> proprietary).
I'll save the list from the typical Slashdot/Bugtraq discussion about
security through obscurity and annoying government or military
interference. You're welcome. :-)
> If anyone wants more info I will have to refer them to someone else
> here, either technical or sales. Email me if you are interested.
> I must warn you though that as a small company with very limited
> resources, we're not interested in supporting the hobbyist (yet).
> We're looking for customers who want thousands to millions of these.
Provided that my local fellow hobbyists and myself remain interested in
using wallet-friendly smartcards instead of clunky hardware dongling,
we might eventually approach you when all is said and done anyway.
Thanks for the clarification at any rate!
_______________________________________________
Muscle mailing list
[EMAIL PROTECTED]
http://lists.musclecard.com/mailman/listinfo/muscle
