[12777] in cryptography@c2.net mail archive
Re: Encryption of data in smart cards
daemon@ATHENA.MIT.EDU (Nikita Borisov)
Fri Mar 14 20:00:09 2003
X-Original-To: cryptography@wasabisystems.com
X-Original-To: cryptography@wasabisystems.com
X-Envelope-To: cryptography@wasabisystems.com
To: cryptography@wasabisystems.com
From: Nikita Borisov <nikitab@cs.berkeley.edu>
Date: Fri, 14 Mar 2003 16:48:35 -0800
X-Complaints-To: news@abraham.cs.berkeley.edu
Trei, Peter wrote:
>>John Kelsey[SMTP:kelsey.j@ix.netcom.com]
>>At 11:08 PM 3/12/03 +0100, Krister Walfridsson wrote:
>>>This is not completely true -- I have seen some high-end cards that use
>>>the PIN code entered by the user as the encryption key. And it is quite
>>>easy to do similar things on Java cards...
>>
>>With any kind of reasonable PIN length, though, this isn't all that
>>helpful, because of the small set of possible PINs. And smartcards don't
>>generally have a lot of processing power, so making the PIN->key mapping
>>expensive doesn't help much, either.
>
> Every PINned SC I've seen has a very limited (typically 3) number
> of failed attempts before it locks itself up. Once it's locked up, it
> can only be reactivated by an administrator PIN, which is held
> at much higher security by the issuer, and not available to the
> card user.
I think John's point is still valid: encryption is only necessary to
protect against people who bypass the standard API and somehow extract
the data (microscopes, side channels?). In that case, the lock-out
feature is irrelevant, and a short PIN is not much of a barrier.
- Nikita
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
