On Thu, 8 Jan 2004, Roberto Gassira' wrote: > > > On Thu, 8 Jan 2004, Jesse I Pollard wrote: > > > Not that fast - access to a serial interface will reduce your application > > startup to a MAXIMUM of one every 2 to 3 seconds. A USB interface should > > speed that up to about one every 1/2 second. > > Correct, but SmartK is modular, you can easily develop a IO module that > supports the USB port instead of the serial port. On the other hand, > the majority of readers communicate through the /dev/ttySBx devices, that > are handled by means of the "USB-Serial converter" feature.
The big problem remains - smart cards are SLOW. currently 300-600kips with data transfer rates to match (3k/sec for serial, and not much faster for USB since the card can't process it much faster - it is still serial when it gets to the card). If you are willing to reduce your processing to this point.. fine. It is too slow, and too small to maintain much in the way of security. That isn't what they were designed for (which was identity management). [snip] >3) The integration of a kernel-level architecture and a user-level > smart card interface is unsafe and unpratical. No more unsafe than putting it in the kernel. Any information the kernel can get to, the user process can also get to (if root). It IS equivalent. The big difference is that user mode can be compartmented. The kernel cannot be, since it must support the compartments. And the more things like this are thrown into the kernel, the more likely the kernel is to fail. > Moreover, verification of trusted kernel at BIOS-level also requires a > smart card framework necessaely smaller than the most widely used products > ( e.g. PC/SC). > William Arbaugh et al. proposed an architecture that features a > chain of verification of the integrity of the several levels of a system > starting from the BIOS [2] (including the system kernel). They also > improved this architecture allowing the usage of a smart card as key > storage [3]. And you will also find that it is too slow and too limited when the smart card contains all the keys, as did the author (I believe). It has been a while since I read his stuff, but I think a follow up showed that the current cards were too limited for practical use - now when the cards reach 8-15MIPS and support full parallel tasking, and 800K/sec to 2MByte/sec data transfer rates.. different story. By this time I suspect the speed differential between the card and host will be worse, and the problem still remain. What you are describing (I think) is a security reference monitor that resides in the card, and not on the host. Nice idea, but there is a MAJOR performance penalty for doing that. Even having a security reference monitor in a kernel imposes a significant (3-15%) performance penalty. The penalty for putting it on a card is likely to approach 50% at best. ------------------------------------------------------------------------- Jesse I Pollard, II Email: [EMAIL PROTECTED] Any opinions expressed are solely my own. _______________________________________________ Muscle mailing list [EMAIL PROTECTED] http://lists.musclecard.com/mailman/listinfo/muscle
