Pieter Grobler <[EMAIL PROTECTED]> queried the Listocracy:
>What is a NTT acoustic Smart Card??
>
>Can it be used for hardware authentication for electronic transactions?
Never heard of an "acoustic smart card" from NTT, but the phrase
"acoustic smart card" is a generic misnomer, used like the vendors of
hand-held authentication tokens (e.g. SecurID) years ago used the phrase
"super smart card" to indicate that their tokens had a processor, but were
different from the traditional smart card (which, of course, requires a
reader, while the generic HHA token does not.)
The term "acoustic smart card" generally refers to a hand-held token
the size of a thick credit card, with a keypad. The device generates sounds
which can be transmitted over a POTS analog line: typically standard Dual
Tone Multi-Frequency (DTMF) tones, or pseudo-DTMF acoustic signals (faster,
with shorter intervals for pauses between tones than standard DTMF requires.)
"Acoustic smart cards" are typically used both to authenticate an
individual (with a user-memorized PIN, its a two-factor authentication),
and/or to transmit a brief encrypted transaction from a remote location over
analog POTS.
The technique can obviously be adapted transmit any kind of brief
message -- a crypto key, for instance, or a few fields of transaction data
-- over analog lines, or to any sound recorder, or CPU with a microphone and
IVR software.
In direct answer to your questions, with two-factor token-based
authentication, today's acoustic smart card is "hardware" which can
authenticate (with a PKC or symmetric-based digsig) and encrypt maybe a
couple of dozen characters or digits -- more than enough for transactions in
a dedicated e-commerce system.
The security and integrity of any given system would depend upon the
crypto and the implementation, of course, but the technology is adaptable
and chips used are likely to offer ever greater capacity over time.
Suerte,
_Vin
--------
"Cryptography is like literacy in the Dark Ages. Infinitely potent,
for good and ill... yet basically an intellectual construct, an idea,
which by its nature will resist efforts to restrict it to bureaucrats
and others who deem only themselves worthy of such Privilege."
_A Thinking Man's Creed for Crypto _vbm
* Vin McLellan + The Privacy Guild + <[EMAIL PROTECTED]> *
53 Nichols St., Chelsea, MA 02150 USA <617> 884-5548
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
