Re: Japan making RFID-trackable cash
--- begin forwarded text

Status: U
User-Agent: Microsoft-Entourage/10.1.1.2418
Date: Thu, 31 Jul 2003 09:08:39 +0100
Subject: Re: Japan making RFID-trackable cash
From: David G.W. Birch [EMAIL PROTECTED]
To: Digital Bearer Settlement [EMAIL PROTECTED]
Cc: Bob Hettinga [EMAIL PROTECTED]

On 31/7/03 3:41 am, Bill Stewart e-said:

> Japan's starting to add RFIDs to their 1-yen (~$100) bills.
> Notes will come with Hitachi's 0.3mm mew-chip

To protect against cat-burglars?

Regards,
Dave Birch.

P.S. It's Mu chip, as in the Greek letter.

--
-- My own opinion (I think) given solely in my capacity
-- as an interested member of the general public.
--
-- mail dgw(at)birches.org, web http://www.birches.org/dgwb

--- end forwarded text

--
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
RE: Secure IDE?
Trei, Peter [EMAIL PROTECTED] writes:

> It's a move in the right direction, but I wish they had followed through and
> done the right things:
>
> * [AES | 3DES]/CBC

I get the feeling they use ECB for speed (heavy pipelining) rather than cluelessness.

> with a good distribution of IVs

Where would you store them? The feature of this is that it's fully transparent, so you can't store IVs anywhere.

> * User-generated keys (before initial disk setup, of course).

That one's the only thing I can't find a good technical reason for... perhaps it's just commercial, since they see the dongles as a revenue source and will sell you software to set up n dongles yourself, where price is proportional to n.

> * Some kind of PIN or password protection on the dongle.

How would you do this without a custom BIOS (remember that their general product is for dropping into any PC)?

> 40 bit DES is not secure against your kid sister (if she's a cypherpunk :-),
> much less industrial espionage.

I'm more worried about key backup - it's bad enough having cheapest-possible-components IDE drives without complicating it further with a second point of failure. In the meantime a better option is still the triumvirate of:

- Sensitive data saved only to RAM disk.
- 3DES-encrypted volume mounted as a filesystem, which I can back up in encrypted form if necessary, and with all crypto done in software with per-sector random IVs, user-generated keys, and all the other stuff you asked for.
- Encrypted swap.

(Oh yeah, and a UPS so you're not tempted to temporarily save stuff to disk elsewhere in case the RAM drive goes away suddenly).

> 40-bit DES (US Data Encryption Standard) is adequate for general users
>
> Yeah. Right.

If you're worried about Joe Burglar grabbing your laptop (for the value of the laptop) and your business data being leaked as collateral damage, or someone stumbling across your warez or pr0n, then it's probably adequate. Since this is what general users would be worried about, I'd agree with the statement. Anyone worried about more than that (probably about 0.01% of the market) isn't a general user any more.

Peter.
Re: Digicash Patents
On Thursday, July 31, 2003, at 10:44 AM, R. A. Hettinga wrote:

> Since lots of the important bits are supposed to expire next year, the
> patents may or may not be useful. On the other hand, if they can be gotten
> clear, someone could get a running start, I suppose, especially if they made
> a partnership deal with First Data of some kind, and, if First Data was
> active in that partnership, leveraging their other connections in the
> funds-transfer business, that could be interesting.
>
> On the other other hand, :-), it's entirely clear that people could be
> developing code right now in anticipation of the patent expiration and go
> live with some kind of land rush when it's possible to do so.

Some people expected a land rush when the main RSA patents expired several years ago. Parties were even thrown. The land rush never happened.

--Tim May

"The only purpose for which power can be rightfully exercised over any member of a civilized community, against his will, is to prevent harm to others. His own good, either physical or moral, is not a sufficient warrant." --John Stuart Mill
RE: Secure IDE?
[EMAIL PROTECTED]:[EMAIL PROTECTED] wrote:

> Trei, Peter [EMAIL PROTECTED] writes:
>
>> No info on chaining modes, if any, nor of IV handling.
>
> DES/ECB, originally with a 40-bit key, more recently with 56-bit and 3DES.
> Keys generated by the manufacturer onto a USB dongle. No easy way to make
> backups of the dongle.
>
> It's a messy tradeoff: If you want something like
> laptop/data-theft-protection (which will suit the majority of the market),
> then DES-40/ECB is fine, but you want to be able to back up the dongle
> because if that goes (and after multiple insertions and removals it will)
> you've lost all your data. OTOH if you want protection from the MIB the
> fragile nature of the key storage is probably a benefit, but then you want
> 3DES/CBC to go with it. At the moment you have laptop-theft-protection
> crypto and MIB-protection key storage.
>
> You can buy truckloads of these things on ebay for about $20 a pop if you
> want to play with one.
>
> Peter.

Color me disappointed.

It's a move in the right direction, but I wish they had followed through and done the right things:

* [AES | 3DES]/CBC with a good distribution of IVs
* User-generated keys (before initial disk setup, of course).
* Shutdown on dongle removal.
* Some kind of PIN or password protection on the dongle.

eNova claims not to keep a database of keys (they don't say that 'there is no database of keys', which is a little different), and to get a key copied you have to send it to them. They do seem to supply a spare.

Back a few years ago, I calculated that with the DES key search software then available, a single 200MHz machine could search 40 bits of keyspace over a long weekend. Today it would take a few hours.

40 bit DES is not secure against your kid sister (if she's a cypherpunk :-), much less industrial espionage.

Quote from http://www.abit.com.tw/abitweb/webjsp/english/mb_spec.jsp?pPRODUCT_TYPE=MotherBoardpMODEL_NAME=SecureIDE :

"40-bit DES (US Data Encryption Standard) is adequate for general users"

Yeah. Right.

Peter
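The ECB versus CBC question in the two Secure IDE messages above, as an added example that is not part of either post or of the product: it encrypts two constructed all-zero 512-byte sectors in ECB and in CBC and counts distinct ciphertext blocks. Assumptions: a toy 64-bit Feistel cipher built on SHA-256 stands in for DES/3DES so the code runs with the standard library only, and the per-sector IV is computed by encrypting the sector number, one common way to get per-sector IVs without storing anything on disk.

```python
import hashlib

BLOCK = 8     # 64-bit blocks, the DES block size
SECTOR = 512  # classic IDE sector size

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key: bytes, rnd: int, half: bytes) -> bytes:
    # Round function of the toy Feistel cipher (NOT DES, illustration only).
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:4]

def enc_block(key: bytes, blk: bytes) -> bytes:
    left, right = blk[:4], blk[4:]
    for rnd in range(4):
        left, right = right, _xor(left, _f(key, rnd, right))
    return left + right

def ecb_sector(key: bytes, data: bytes) -> bytes:
    # Every block is encrypted independently: equal plaintext, equal ciphertext.
    return b"".join(enc_block(key, data[i:i + BLOCK])
                    for i in range(0, len(data), BLOCK))

def sector_iv(key: bytes, sector_no: int) -> bytes:
    # Assumed scheme: IV = E_k(sector number), so no IV needs to be stored.
    return enc_block(key, sector_no.to_bytes(BLOCK, "big"))

def cbc_sector(key: bytes, sector_no: int, data: bytes) -> bytes:
    prev, out = sector_iv(key, sector_no), []
    for i in range(0, len(data), BLOCK):
        prev = enc_block(key, _xor(prev, data[i:i + BLOCK]))
        out.append(prev)
    return b"".join(out)

def distinct_blocks(sectors):
    # Returns (number of distinct ciphertext blocks, total blocks).
    blocks = [s[i:i + BLOCK] for s in sectors for i in range(0, len(s), BLOCK)]
    return len(set(blocks)), len(blocks)

def demo():
    key = b"constructed-demo-key"              # constructed sample key
    plain = [bytes(SECTOR), bytes(SECTOR)]     # constructed: two zero-filled sectors
    ecb = [ecb_sector(key, p) for p in plain]
    cbc = [cbc_sector(key, n, p) for n, p in enumerate(plain)]
    return distinct_blocks(ecb), distinct_blocks(cbc)

if __name__ == "__main__":
    print("ECB distinct/total: %s  CBC distinct/total: %s" % demo())
```

A derived IV is deterministic, so rewriting the same data to the same sector still produces the same ciphertext; it hides repetition within and across sectors, not repetition over time.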
RE: Digicash Patents
>> On the other other hand, :-), it's entirely clear that people could be
>> developing code right now in anticipation of the patent expiration and go
>> live with some kind of land rush when it's possible to do so.
>
> Some people expected a land rush when the main RSA patents expired several
> years ago. Parties were even thrown. The land rush never happened.
>
> --Tim May

True, but look at bitpass.com. $1.5 million in capital for a micropayments system with no innovations that amounts to... a stunted version of Paypal?

The beauty of a marketplace is that many different parties get to try every which way of satisfying a need. Most will fail. Even the first several attempts can fail, disguising a real opportunity as a guaranteed failure.

Patrick
lucrative.thirdhost.com