On Tue, 11 Mar 2003, Werner Koch wrote: > If you want to encrypt the > data on the card, you also need to store the key on it. And well, if > you are able to read out the data, you are also able to read out the > key (more or less trivial for most mass market cards).
This is not completely true -- I have seen some high-end cards that use the PIN code entered by the user as the encryption key. And it is quite easy to do similar things on Java cards... /Krister --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]