>we claimed we do something like two orders magnitude reduction in >fully-loaded costs by going to no personalization (and other things) >...
My concern with that would be that if everyone uses the the same signature scheme and token, the security of the entire industry becomes dependent on the least competent bank in the country not leaking the verification secret. For something like a chip+pin system it is my understanding that the signature algorithm is in the chip and different chips can use different secrets and different algorithms, so a breach at one bank need not compromise all the others. R's, John --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [email protected]
