> Hadmut Danisch[SMTP:[EMAIL PROTECTED]] > > On Fri, Sep 20, 2002 at 12:07:38PM -0400, Perry E. Metzger wrote: > > > > http://www.nature.com/nsu/020916/020916-15.html > > > > An idea from some folks at MIT apparently where a physical token > > consisting of a bunch of spheres embedded in epoxy is used as an > > access device by shining a laser through it. > > > > On the surface, this seems as silly as biometric authentication -- you > > can simply forge what the sensor is expecting even if you can't forge > > the token. > > > Mmmh, assuming that this is really difficult to forge, it's not > silly and doesn't compare to biometric authentication. > [...]
> Hadmut > It appears to have replay resistance *between* readers - ie, the data from reader A would be useless to spoof reader B, since the two readers will illuminate the device at different locations and angles. I would worry about durability - they mention that a 0.5 mm hole can destroy the token. It would appear that dust, scratches, etc could also invalidate it. Sure, it can be encased, coated, etc, but that all raises the cost. Peter --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]