[145071] in cryptography@c2.net mail archive


Re: Crypto dongles to secure online transactions

daemon@ATHENA.MIT.EDU (Jerry Leichter)
Mon Nov 16 12:19:46 2009

Cc: Cryptography List <cryptography@metzdowd.com>
From: Jerry Leichter <leichter@lrw.com>
To: Matt Crawford <crawdad@fnal.gov>
In-Reply-To: <F5F1DF6B-2949-4B2A-B148-520FDE35E4EF@fnal.gov>
Date: Wed, 11 Nov 2009 21:42:21 -0500

On Nov 11, 2009, at 10:36 AM, Matt Crawford wrote:

>
> On Nov 10, 2009, at 8:44 AM, Jerry Leichter wrote:
>
>> Whether or not it can, it demonstrates the hazards of freezing  
>> implementations of crypto protocols into ROM:  Imagine a world in  
>> which there are a couple of hundred million ZTIC's or similar  
>> devices fielded - and a significant vulnerability is found in the  
>> protocol they speak.
>
> Imagine a couple of hundred million devices with updatable firmware  
> on them, and one or more rogue updates in the wild.

That's the flip side of the vulnerability - and it's exactly why I did  
*not* suggest that the "fix" for vulnerable algorithms frozen into  
silicon was to make them updatable.

Of course, there *are* situations in which that makes sense.  If one  
organization distributes the dongles, they could accept only updates  
signed by that organization.  We have pretty good methods for keeping  
private keys secret at the enterprise level, so the risks should be  
manageable.

                                                         -- Jerry

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
