"Symmetric keys can't scale to 2 billion users". Huh?
Symmetric keys have scaled to 1.2 billion users in the GSM system. I think the GSM
operators would love to try for 2 billion and I'll bet they don't plan to shift to
asymmetric keys in the mean time.
Cheers, Scott
-----Original Message-----
From: Anders Rundgren [mailto:[EMAIL PROTECTED]
Sent: Sat 9/18/2004 6:42 AM
To: MUSCLE
Cc:
Subject: Re: [Muscle] NFC - A killer technology
>Perhaps I used the wrong choice of words. Symmetric keys can't scale to
>2 billion users. Assymetric keys are necessary. I don't mean that a
>fully integrated PKI is necessary. But some infrastucture may be
>needed if one is going to trust a strange system.
Although desirable, such requirements can be prohibitive due to
costs. Also there is a problem with "trust" because trust and
authenticated are not equivalent. If I signed this mail I could be
PKI-wise be properly authenticated but that does not help you much
as you don't know me and I live a long way from you. This automatic
trust of things or people that you never had any previous contact with
is a "wet dream" that PKI promoters have pushed in vain. Things don't
work this way.
Of course you could subscribe to a TTP service that does this for
you but how much are we prepared to pay for that?
>If I approach a vending machine, an ATM, or a network access point,
>how can I be assured it's legitimate?
This is a good example.
To release money from an account in an on-line world the user
(account owner) should be strongly authenticated. For this PKI
works fine as the bank probably have issued the certificate as
well. So how do I know that this is a proper ATM? This is
how I see this operation could be performed:
Bad way: Having the user / card / device recognize the
authenticity of ATM. Using PKI that would require the
root(s) of ATM PKIs be carried around. Will not happen. Ever.
Better way: Let the financial trust network handle ATM-to-bank
authentication. This is probably how it is done today.
An ATM that is withholding money is like a merchant that only
sends you one item despite the fact you ordered three. I don't
see that cryptopraphy has much to offer here.
=============================================
Therefore I believe card to reader authentication is a generally
bad idea that only works for a very limited set of operations.
=============================================
Using NFC and mobile devices I can at least eliminate PIN-code
theft and "innovative background processing" that discrete smart
cards are highly vulnerable to.
_______________________________________________
Muscle mailing list
[EMAIL PROTECTED]
http://lists.drizzle.com/mailman/listinfo/muscle
_______________________________________________
Muscle mailing list
[EMAIL PROTECTED]
http://lists.drizzle.com/mailman/listinfo/muscle
