[993] in WWW Security List Archive
RE: N$ SSL vs M$ PCT
daemon@ATHENA.MIT.EDU (maracchini_dave)
Thu Oct 5 17:10:37 1995
Date: Thu, 5 Oct 95 10:09:53 PDT
From: a-davem@ac.tandem.com (maracchini_dave)
To: www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu
Virtually ALL protocols proposed for use in protecting commerce on the
Internet (e.g., S-HTTP) have holes have holes large enough to drive a truck
through PRECISLY because they do not limit key use to a specific purpose.
A key should NEVER be used for more than one purpose in order to minimize
the risk of key/data substitution attacks. This principal is one of the
necessary conditions for securing transactions and hold true for both
symetric (e.g., DES) and asymetric (e.g., RSA) crypto systems.
The dominant payment networks (i.e., Bank ATM, CIRRUS, INTERLINK, etc.)
have long ago recognized this fact - the key used to transmitt other keys
is different from the key used to encrypt PINs, is different from the key
used to authenticate the authorization request, is different from the key
used to authenticate the authorization response, etc.
Regards, Dave
