Noon Silk wrote: > From: > http://blog.cryptographyengineering.com/2012/06/bad-couple-of-years-for-cryptographic.html > > "Here's the postage stamp version: due to a perfect storm of (subtle, > but not novel) cryptographic flaws, an attacker can extract sensitive > keys from several popular cryptographic token devices.
That "postage stamp" summary is incorrect. You can't extract keys from the devices. Suppose you have a key (or other small datum) encrypted in a blob outside the device. Then you can use the device to figure out the plain key. Mike _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
