> * Is there any standard cryptographic hash function with an output  
> of about 64 bits? It's OK for our scenario if finding a preimage for  
> a particular signature takes 5 days. Not if it takes 5 minutes.

This is a protocol designed for nasty guys who want to steal your car,
which would forcibly stop the car regardless of the wishes of the
driver, remotely from anywhere on the Internet?  And it's mandated by
the government?

These are not "tracking devices", as your subject line said; they
actively intervene in driving -- much more dangerous.

As usual, it sounds like a great tool when used responsibly -- against
stolen cars, though it will probably cause collisions, which could
hardly be called "accidents" since they are easily foreseeable.  And
it's a terrible tool when used any other way (by criminals against cop
cars, for example; or by Bulgarian virus authors against random cars;
or by breaking into the DENATRAN and stealing and posting all the
secrets; or by an invading army).

It reminds me of the RFID passport design process: One entity figures
out what would make ITS life easier (reading your passport while
you're in line at the border), mandates a change, and ignores the
entire effects on the rest of society that result.

Why would you limit anything to 64 bits, or think it's OK that with 5
days of calculation *anyone* could do this to your mother's or
daughter's car?

Shouldn't tracking or disabling the car require the active cooperation
of the car's owner, e.g. by the owner supplying a secret known only to
them, and not recorded in a database anywhere (in the government, at
the dealer, etc)?  That way, if the protocol is actually secure, most
of the evil ways to use it AGAINST the owner would be eliminated.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com

Reply via email to