[12764] in cryptography@c2.net mail archive
RE: Encryption of data in smart cards
daemon@ATHENA.MIT.EDU (John Kelsey)
Fri Mar 14 19:54:20 2003
X-Original-To: cryptography@wasabisystems.com
X-Original-To: cryptography@wasabisystems.com
Date: Fri, 14 Mar 2003 01:13:28 -0500
To: "Trei, Peter" <ptrei@rsasecurity.com>,
Krister Walfridsson <cato@df.lth.se>, Werner Koch <wk@gnupg.org>
From: John Kelsey <kelsey.j@ix.netcom.com>
Cc: cryptography@wasabisystems.com
In-Reply-To: <F504A8CEE925D411AF4A00508B8BE90A04D4A667@exna07.securitydy
namics.com>
At 01:23 PM 3/13/03 -0500, Trei, Peter wrote:
>Every PINned SC I've seen has a very limited (typically 3) number
>of failed attempts before it locks itself up. Once it's locked up, it
>can only be reactivated by an administrator PIN, which is held
>at much higher security by the issuer, and not available to the
>card user.
Right. Which is good for the PIN-guessing-to-get-access attack, but not
much help for the decrypting the extracted data using the PIN-generated key
attack.
>Peter
--John Kelsey, kelsey.j@ix.netcom.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
