[12756] in cryptography@c2.net mail archive
Re: Encryption of data in smart cards
daemon@ATHENA.MIT.EDU (John Kelsey)
Thu Mar 13 13:14:07 2003
X-Original-To: cryptography@wasabisystems.com
X-Original-To: cryptography@wasabisystems.com
Date: Thu, 13 Mar 2003 13:13:23 -0500
To: Krister Walfridsson <cato@df.lth.se>, Werner Koch <wk@gnupg.org>
From: John Kelsey <kelsey.j@ix.netcom.com>
Cc: cryptography@wasabisystems.com
In-Reply-To: <Pine.GSO.4.44.0303122301001.9884-100000@igloo.df.lth.se>
At 11:08 PM 3/12/03 +0100, Krister Walfridsson wrote:
...
>This is not completely true -- I have seen some high-end cards that use
>the PIN code entered by the user as the encryption key. And it is quite
>easy to do similar things on Java cards...
With any kind of reasonable PIN length, though, this isn't all that
helpful, because of the small set of possible PINs. And smartcards don't
generally have a lot of processing power, so making the PIN->key mapping
expensive doesn't help much, either.
> /Krister
--John Kelsey, kelsey.j@ix.netcom.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
