[12770] in cryptography@c2.net mail archive
Re: Encryption of data in smart cards
daemon@ATHENA.MIT.EDU (Anton Stiglic)
Fri Mar 14 19:57:02 2003
X-Original-To: cryptography@wasabisystems.com
X-Original-To: cryptography@wasabisystems.com
From: "Anton Stiglic" <astiglic@okiok.com>
To: "Trei, Peter" <ptrei@rsasecurity.com>,
"Krister Walfridsson" <cato@df.lth.se>, "Werner Koch" <wk@gnupg.org>,
"'John Kelsey'" <kelsey.j@ix.netcom.com>
Cc: <cryptography@wasabisystems.com>
Date: Fri, 14 Mar 2003 11:14:27 -0500
> > With any kind of reasonable PIN length, though, this isn't all that
> > helpful, because of the small set of possible PINs. And smartcards
don't
> > generally have a lot of processing power, so making the PIN->key mapping
> > expensive doesn't help much, either.
> >
> > > /Krister
> >
> > --John Kelsey, kelsey.j@ix.netcom.com
> >
> Every PINned SC I've seen has a very limited (typically 3) number
> of failed attempts before it locks itself up. Once it's locked up, it
> can only be reactivated by an administrator PIN, which is held
> at much higher security by the issuer, and not available to the
> card user.
>
> Peter
Yes, but wasn`t the discussion about countermeasure to just reading
the contents of the smart card. If you can read the encrypted data,
and it`s encrypted under a key derived from a PIN, you have all
the time and chances you want to try all PINs. That`s the reason
why it doesn`t work.
--Anton
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
