Eugen Leitl wrote: > On Sun, Sep 11, 2005 at 06:49:58PM -0400, Scott Guthery wrote: >>1) GSM/3G handsets are networked card readers that are pretty >>successful. They are I'd wager about as secure as an ATM or a POS, >>particularly with respect to social attacks. > The smartphones not secure at all, because anything you enter > on the keypad and see on the display can be compromised, so > the tamper-proof cryptographic goodness locked inside the SIM > smartcard will cheerfully approve whatever the code running > on the smartphone will tell it to approve, regardless of > what is being displayed to the user. TBH I don't think the smartcard approach will work - really, everything needed to verify what you are signing or encrypting needs to be within your secure boundary, so the only sensible approach is for a mobile-sized cryptographic device to be autonomous, but accept *dumb* storage cards for reading and writing; that dumb card can then be used to transfer a unsigned document to the cryptographic device, which when inserted uses a relay or switch to assume control of the keyboard and screen; person wishing a digital signature stores the document to be signed onto the card; signer inserts into his device, uses the device's display to assure himself this is really what he wants to sign and then keys his access code. The device then produces a digital signature certificate (possibly deliberately adding some harmless salt value to the end before signing, which is noted in the detached certificate's details) and copies that to the dumb card, retaining a copy for the user's own records. by using a switch controlled by the cryptographic module, the display can be then used by an alternate system when not in use - for example, a mobile phone - while providing an airgap between the secure module and the insecure (and yes, this would mean if you received a contract via email, you would have to write it to a card, remove that card from a slot, insert it into a different slot, then check it. I can't see how the system can be expected to work otherwise....)
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]