Dear List, pardon the "politics". Unless there is a big interest in this issue, I will refrain from further comments.

----- Original Message -----
From: "Peter Tomlinson" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, August 14, 2003 08:19
Subject: Re: [Muscle] PTDs vs. Smart Cards: The battle has begun

>Only one corner of the device trusted, apparently, so overall system
>security seems to have most of the same problems as at present. Is there any
>evidence of any independent security analysis of the system architecture?

To be honest, all security issues are not solved yet. Probably some security issues are not even fully known.

But the principle is very simple: The basic software (OS etc) must be assumed to be trustworthy. Then it is really "only" to make sure that applications cannot erode this statement. This is done by using signed and certified software. Probably you also need a couple of levels here to not be too restricted. That is, private key-material should only be possible to use directly by the OS. API-level crypto-ops on the next level. And user-(GUI)oriented crypto at the app-level.

>> This should be compared to inserting
>> a smart card into an unknown slot running unknown software
>> on a computer that the user may not be in control of.

>A well-known problem, being addressed by the combined efforts of the
>FINREAD/STIP/GP consortium. I wonder if ARM, or those who endorse its
>TrustZone technology, intend to work with that consortium to provide a
>common method for complete system security when the PTD is used as a
>terminal to a network.

I believe the FINREAD/STIP/GP consortium has more reasons to look into what others are doing, as around 2006 there will be more than TWO BILLION RSA-capable mobile terminals in use. That does not automatically mean that the PTD usage will explode, but it is not impossible that it actually does.

I believe the on-line banks that currently have over 100 million users could be interested to not have to deploy SecurIDs, smart cards, soft certs if the customers already have a working solution in their hands.

At least in Europe and in South-east Asia, I believe this could happen. "In the US 'e-sign' is equivalent to hitting the OK button" as a leading security person of Bank of America told me recently...

rgds
Anders
