Aram Perez wrote:
Not to defend the designers in any way or fashion, but I'd like to ask, How much security can you put into a plastic card, the size of a credit card, that has to perform its function in a secure manner, all in under 2 seconds (in under 1 second in parts of Asia)? And it has to do this while receiving its power via the electromagnetic field being generated by the reader.
we sort of saw that in the mid-90s when we were doing the x9.59 financial standard

and getting comments that it wasn't possible to have both low cost and high security at the same time. we looked at it and made the semi-facetious statements that we would take a $500 milspec part and aggresively cost reduce it by 2-3 orders of magnitude
will improving the security. along the way we got tapped by some in the
transit industry to also be able to meet the (then) transit gate requirements
(well under 1 second and do it within iso 14443 power profile).

part of it was having to walk the whole end-to-end process ... all the way back
to chip design and fab manufacturing process ... little drift about walking
fab in a "bunny suit"

we effectively did get it on close to the RFID chip (i.e. the one that they
are targeting for UPC) technology curve ... i.e. chip fabrication cost is roughly constant per wafer ... wafer size and circuit size have been leading to higher number of chips per wafer (significantly reducing cost/chip). As circuit size
shrank with a corresponding shrinkage in the size of chips (that didn't have
corresponding increase in number of circuits) there was a "blip" on the
cost/chip curve as the area of the cuts (to separate chips in the wafer)
exceeded the (decreasing) chip size.  Earlier this decade there was
a new cutting process that significantly reduced the "cut" area ... allowing
yield of (small) chips per wafer to continue to significantly increase
(allowing pushing close to four orders of magnitude reduction ... rather
than 3-4 orders of magnitude reduction).

aads chip strawman references

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to