At 01:13 PM 3/13/2003 -0500, John Kelsey wrote:
>At 11:08 PM 3/12/03 +0100, Krister Walfridsson wrote:
>>...
>>This is not completely true -- I have seen some high-end cards that use
>>the PIN code entered by the user as the encryption key. And it is quite
>>easy to do similar things on Java cards...
>
>With any kind of reasonable PIN length, though, this isn't all that
>helpful, because of the small set of possible PINs. And smartcards don't
>generally have a lot of processing power, so making the PIN->key mapping
>expensive doesn't help much, either.
>
>>/Krister
>
>--John Kelsey, [EMAIL PROTECTED]
Note, however, that a PIN could possibly be used in an infrastructure with a real
secret key, with encryption done under a derived key. The derived-key one-way
function is attempting to protect the infrastructure-wide secret key from a
brute-force key search on a specific piece of data. The issue is how many bits in
a PIN are required to protect the secret key in a one-way function (involving the
secret key and the PIN). A simple derived key is sufficient using the secret key
and the public account number. Adding a (privately known, card-specific) PIN to
such a derived-key function:
1) doesn't increase the ease of attack on the secret key
2) doesn't affect brute force attack on the derived key
3) makes it harder to use a lost/stolen card
--
Anne & Lynn Wheeler http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
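The derived-key scheme in the message above, written out as an added example (it is not code from the thread or from any of its authors). It assumes a two-stage HMAC-SHA256 derivation, a challenge-response use of the key, and an issuer-side failure counter; the thread names none of these, and the account number, PIN and secret are constructed sample values.

```python
import hashlib
import hmac

# Added example, not code from the thread. It assumes a two-stage HMAC-SHA256
# derivation; the thread names no particular one-way function or message format.

def account_key(infra_secret: bytes, account_number: str) -> bytes:
    """Simple derived key: F(infrastructure-wide secret, public account number)."""
    return hmac.new(infra_secret, account_number.encode(), hashlib.sha256).digest()

def pin_key(acct_key: bytes, pin: str) -> bytes:
    """PIN-bound key: G(simple derived key, privately known, card-specific PIN)."""
    return hmac.new(acct_key, b"pin:" + pin.encode(), hashlib.sha256).digest()

def derive_key(infra_secret: bytes, account_number: str, pin: str) -> bytes:
    """Issuer-side derivation straight from the infrastructure secret."""
    return pin_key(account_key(infra_secret, account_number), pin)

def card_respond(card: dict, pin_entered: str, challenge: bytes) -> bytes:
    """The card holds only its account key (never the infrastructure secret) and
    mixes in whatever PIN is entered, so a wrong PIN simply yields a wrong key."""
    return hmac.new(pin_key(card["account_key"], pin_entered), challenge, hashlib.sha256).digest()

def issuer_verify(infra_secret: bytes, record: dict, challenge: bytes, response: bytes) -> bool:
    """Issuer recomputes the PIN-bound key from its secret and the PIN on file.
    Failures are counted so a lost or stolen card cannot be tried without limit."""
    if record["failures"] >= 3:
        return False
    key = derive_key(infra_secret, record["account"], record["pin"])
    expected = hmac.new(key, challenge, hashlib.sha256).digest()
    if hmac.compare_digest(expected, response):
        record["failures"] = 0
        return True
    record["failures"] += 1
    return False

def demo() -> tuple[bool, bool, bool]:
    """Genuine use succeeds, a card used with a wrong PIN fails, and the PIN-bound
    key is no shorter than the simple derived key (points 2 and 3 above)."""
    infra_secret = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)  # constructed
    account, pin, challenge = "4000123456789", "7391", b"nonce-0001"  # constructed
    card = {"account_key": account_key(infra_secret, account)}
    record = {"account": account, "pin": pin, "failures": 0}  # PIN on file, protected in practice
    genuine = issuer_verify(infra_secret, record, challenge, card_respond(card, pin, challenge))
    wrong_pin = issuer_verify(infra_secret, record, challenge, card_respond(card, "0000", challenge))
    same_len = len(derive_key(infra_secret, account, pin)) == len(account_key(infra_secret, account))
    return genuine, wrong_pin, same_len
```

Whoever holds a PIN-bound key still faces a full-length key, and testing PIN guesses against the issuer is bounded by the failure counter rather than by the PIN's few bits.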
---------------------------------------------------------------------
The Cryptography Mailing List