| > If you think about this in general terms, we're at the point where we | > can avoid having to trust the CPU, memory, disks, programs, OS, etc., | > in the borrowed box, except to the degree that they give us access to | > the screen and keyboard. (The problem of securing connections that | > go through a hostile intermediary we know how to solve.) The keyboard | > problem is intractable, though it would certainly be a step forward | > if at least security information didn't go through there. This could | > be done either by having a small data entry mechanism on the secure | > device itself, or by using some kind of challenge/response (an LCD | > on the device supplies a random value - not readable in any way by | > the connected machine - that you combine with your password before | > typing it in.) Maybe HDMI will actually have some use in providing | > a secure path to the screen? (Unlikely, unfortunately.) | | Would it not be possible to solve the keyboard problem by allowing a | keyboard (e.g. USB) to be plugged directly into the device? Perhaps. Public systems usually don't have "unpluggable" keyboards. If I have to carry my own, I'm well on my way to just having my own portable system (which may be the way things end up anyway).
-- Jerry --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]