Recognizing the Dance on the Dotted Line
http://www.nytimes.com/2003/03/13/technology/circuits/13next.html?tntemail0=pagewanted=printposition=top

March 13, 2003

Recognizing the Dance on the Dotted Line

By IAN AUSTEN

In the movies, biometrics can give a high-tech sheen to an ordinary task like establishing that someone is who he says he is. Lasers scan retinas or glass plates read fingerprints before hidden machinery will open doors, which invariably slide rather than swing.

But a system to verify the identity of credit-card shoppers could soon be based on an old-fashioned, even ancient, piece of biometric information: the handwritten signature.

"Signatures are a biometric," said Thomas G. Zimmerman, a computer scientist at the I.B.M. Almaden Research Center in San Jose, Calif. "The dance of your hand on the paper is unique to you."

Biometric handwriting recognition could eventually free shoppers from carrying credit or debit cards. At the very least, proponents say, a signature system could make stolen cards useless and could reduce fraud in several other ways.

Biometric handwriting systems have little in common with current methods, in which the signature a shopper scribbles on a paper receipt or a digital tablet is compared with the signature on the back of the card. It doesn't take a master forger to produce a signature that can pass muster with a harried cashier. Criminals who forge cards simply put their own signatures on the back.

By contrast, in biometric systems the appearance of the signature matters little. Instead, it is the act of signing that counts.

Decades of research at I.B.M. Almaden, Mr. Zimmerman said, have shown that signing is done almost unconsciously.

"When you sign your name, you are moving your hand two times faster than you can control it," Mr. Zimmerman said. "But a forger is signing in a very controlled motion. They can't reproduce the cadence of the dance that your hand does."

Shai Waisel, chief executive officer of WonderNet, a company in Israel, said development of its handwriting authentication system, now known as Penflow, began in part from a simple observation.

"You can sign your name without looking," Mr. Waisel said. "People are signing their names without knowing what they're doing."

The idea of using handwriting dynamics to authenticate signatures is not new. For several years, I.B.M. has sold a system based on the principle to banks and other financial institutions to authorize computer transfers of large amounts of money. But such systems use costly, specially made pens and require the transfer of relatively large amounts of data, making them impractical for retailers with thousands of cash registers.

Two related factors, however, have prompted recent interest in developing dynamic signature systems for stores. Legislation passed in the fall of 2000 that gave electronic signatures the same legal validity as ones made with pen and paper prompted many retailers to install digital signature pads.

Currently the electronic pads' main function is to provide a substitute for paper records of credit card sales. But I.B.M., WonderNet and the Communication Intelligence Corporation (the company behind Jot handwriting software for digital assistants) all say the pads can also be used to provide signature verification.

While the three companies' systems vary in some details, they all take the same basic approach. Before using any of them, customers will have to create three to six sample autographs using a digital pad. Software will carefully time every movement and change of direction of the pen. When a customer signs a digital pad while making a purchase, the timing and pen direction will be matched against the stored record. (More sophisticated pads can add pen pressure and other factors into the comparison.)

If such systems were widely adopted, Mr. Zimmerman said, it would be possible for people to abandon plastic credit cards.
When making a purchase, a shopper would identify himself by typing a number (a telephone number, say) on a keypad at the cash register, then sign a digital pad.

At the very least, Mr. Waisel of WonderNet said, credit card companies could eliminate the signatures and other personal details from cards, making them less attractive to thieves.

Guido DiGregorio, chief executive of Communication Intelligence, said that online sales would be one of the first areas to realize security improvements from signature verification systems. A shopper could place a hand-held computer in a cradle connected to a PC and verify purchases by autographing its handwriting recognition area. Those with wireless Internet connections could bypass desk-bound computers altogether.

Right now, the technology companies seem to be well ahead of retailers, at least in the United States. Richard Mader, executive director of the National Retail Federation's technical standards branch, said he had not heard the idea discussed within his industry. But at
Re: Scientists question electronic voting
Ed,

The whole idea of photographing paper ballots is a straw man. It is akin to saying that people will just run through red lights anyway so we shouldn't place them at intersections.

I agree that we need to improve voting systems, but the current trend toward self-auditing devices is going backward rather than forward in this regard. In 2002 it was electronic ballots (on cartridges) that were misplaced (to the tune of over 100,000 votes) in Florida. Apparently you neglected to read the newspapers last fall. I didn't see any improvement in what was purchased over what they had before, unless you want to call tens of millions of extra dollars in expenditures an improvement.

The salient requirement of Democratic elections is that the voters must be assured that their ballots are recorded and tabulated as cast. If the process is such that it can only be understood by a team of scientists with Ph.D.'s, the average citizen can have no confidence that their voice is being heard.

I have never said that the paper balloting solution is a perfect one, but it provides assurances in a human-accessible format that is a considerable improvement over both the black-box systems and the chad-based ones. If you can devise a system that is equally user-friendly and has the same ability for independent auditing, then please do so.

Rebecca Mercuri.

- The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Encryption of data in smart cards
At 11:08 PM 3/12/03 +0100, Krister Walfridsson wrote:
...
> This is not completely true -- I have seen some high-end cards that use the PIN code entered by the user as the encryption key. And it is quite easy to do similar things on Java cards...

With any kind of reasonable PIN length, though, this isn't all that helpful, because of the small set of possible PINs. And smartcards don't generally have a lot of processing power, so making the PIN-key mapping expensive doesn't help much, either.

>    /Krister

--John Kelsey, [EMAIL PROTECTED]
RE: Encryption of data in smart cards
John Kelsey[SMTP:[EMAIL PROTECTED]

> At 11:08 PM 3/12/03 +0100, Krister Walfridsson wrote:
> ...
> > This is not completely true -- I have seen some high-end cards that use the PIN code entered by the user as the encryption key. And it is quite easy to do similar things on Java cards...
>
> With any kind of reasonable PIN length, though, this isn't all that helpful, because of the small set of possible PINs. And smartcards don't generally have a lot of processing power, so making the PIN-key mapping expensive doesn't help much, either.
>
> >    /Krister
>
> --John Kelsey, [EMAIL PROTECTED]

Every PINned SC I've seen has a very limited (typically 3) number of failed attempts before it locks itself up. Once it's locked up, it can only be reactivated by an administrator PIN, which is held at much higher security by the issuer, and not available to the card user.

Peter
Diffie-Hellman 128 bit
I am looking at attacks on Diffie-Hellman.

The protocol implementation I'm looking at designed their Diffie-Hellman using 128 bit primes (generated each time, yet P-1/2 will be a prime, so no go on Pohlig-Hellman attack), so what attacks are there that I can look at to come up with either the logarithm x from (a=g^x mod p) or the session key that is calculated. A brute force wouldn't work, unless I know the starting range.

Are there any realistic attacks on DH parameters of this size, or is theoretically based on financial computation attacks?

Thanks for your time.

Lance James
Re: Encryption of data in smart cards
At 01:13 PM 3/13/2003 -0500, John Kelsey wrote:
> At 11:08 PM 3/12/03 +0100, Krister Walfridsson wrote:
> ...
> > This is not completely true -- I have seen some high-end cards that use the PIN code entered by the user as the encryption key. And it is quite easy to do similar things on Java cards...
>
> With any kind of reasonable PIN length, though, this isn't all that helpful, because of the small set of possible PINs. And smartcards don't generally have a lot of processing power, so making the PIN-key mapping expensive doesn't help much, either.
>
> >    /Krister
>
> --John Kelsey, [EMAIL PROTECTED]

note however, that PIN could be possibly in infrastructure with real secret key and encryption done with derived key. the derived key one-way function is attempting to protect the infrastructure-wide secret key from brute force key search on specific piece of data. The issue is how many bits in a PIN is required to protect the secret key in a one-way function (involving the secret key and the PIN).

A simple derived key is sufficient using the secret key and public account number. Adding a (privately known, card specific) PIN to such a derived key function:

1) doesn't increase the ease of attack on the secret key
2) doesn't affect brute force attack on the derived key
3) makes it harder to use a lost/stolen card

--
Anne Lynn Wheeler    http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
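The derived-key arrangement described in the message above, combined with the failed-attempt lockout mentioned earlier in the thread, as an added example that is not part of any poster's message. HMAC-SHA256 stands in for the unspecified one-way function, and the `Card` class, account number and PIN values are constructed for illustration.

```python
import hashlib
import hmac
import secrets

MAX_TRIES = 3  # "typically 3" failed attempts before the card locks, per the thread


def derive_key(master_key: bytes, account: str, pin: str = "") -> bytes:
    """One-way derived key; HMAC-SHA256 is this example's assumed function."""
    # Length-prefix the account so distinct (account, pin) pairs cannot collide.
    msg = len(account).to_bytes(2, "big") + account.encode() + pin.encode()
    return hmac.new(master_key, msg, hashlib.sha256).digest()


class Card:
    """Constructed model: the card stores only its own derived key, never the master."""

    def __init__(self, account: str, card_key: bytes):
        self.account = account
        self._key = card_key
        self._failures = 0
        self._challenge = None

    @property
    def locked(self) -> bool:
        return self._failures >= MAX_TRIES

    def challenge(self) -> bytes:
        if self.locked:
            raise PermissionError("card locked; issuer reset required")
        self._challenge = secrets.token_bytes(16)
        return self._challenge

    def verify(self, response: bytes) -> bool:
        if self.locked or self._challenge is None:
            return False
        expected = hmac.new(self._key, self._challenge, hashlib.sha256).digest()
        self._challenge = None  # each challenge can be answered once
        if hmac.compare_digest(expected, response):
            self._failures = 0
            return True
        self._failures += 1  # the small PIN space is protected by this counter
        return False


def terminal_authenticate(master_key: bytes, card: Card, entered_pin: str) -> bool:
    """Terminal re-derives the card key from master key, account number and PIN."""
    nonce = card.challenge()
    key = derive_key(master_key, card.account, entered_pin)
    return card.verify(hmac.new(key, nonce, hashlib.sha256).digest())


def demo() -> dict:
    master = secrets.token_bytes(32)  # infrastructure-wide secret (constructed)
    account = "4000123412341234"      # constructed account number
    card = Card(account, derive_key(master, account, "4921"))
    ok = terminal_authenticate(master, card, "4921")
    wrong = [terminal_authenticate(master, card, p) for p in ("0000", "1111", "2222")]
    return {"ok": ok, "wrong": wrong, "locked": card.locked}


if __name__ == "__main__":
    print(demo())
```

The derived key is a full 256-bit value whatever the PIN length, so the PIN only decides whether a terminal can reproduce it; guessing is bounded by the card's counter rather than by the cost of the derivation.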
Microsoft: Palladium will not limit what you can run
The following comes from Microsoft's recent mailing of their awkwardly named Windows Trusted Platform Technologies Information Newsletter March 2003. Since they've abandoned the Palladium name they are forced to use this cumbersome title.

Hopefully this will shed light on the frequent claims that Palladium will limit what programs people can run, or take over root on your computer, and similar statements by people who ought to know better. It is too much to expect these experts to publicly revise their opinions, but perhaps going forward they can begin gradually to bring their claims into line with reality.

===

An Open and Interoperable Foundation for Secure Computing

By John Manferdelli, General Manager, Windows Trusted Platform Technologies
Microsoft Corporation

The Next-Generation Secure Computing Base (NGSCB) is part of Microsoft's long-term effort to deliver on our vision of Trustworthy Computing. We are pleased that independent observers and many journalists continue to show interest in NGSCB and what it will enable. While much of the response has been positive, especially among analysts, security experts and people concerned with privacy, we recognize that there are still questions about NGSCB, and still a great deal of misunderstanding and speculation around our intentions.

In this newsletter I'd like to set the record straight on one of the more common and persistent concerns, specifically that the NGSCB architecture will limit the things that people can do with computers by forcing them to run only approved software, or software that is digitally signed. In fact, NGSCB intends to do no such thing.

It is important to understand that NGSCB is operating system technology. Just as anyone can build a program to run on Windows today using widely-published APIs, they will be able to build new programs tomorrow that take advantage of the NGSCB architecture when it is included in a future version of Windows.
How these new programs are built and what they will require of the user are questions for the application developer to answer. But NGSCB inherently has no requirements forcing approval of code, digital signatures, or any other such qualifying mechanism. NGSCB will run any software that is built to take advantage of its capabilities, and it will only run with the user's approval. Moreover, even when NGSCB is running, programs that are not using NGSCB features will operate just as they do today.

It is true that NGSCB functionality can be used by an application (written by anyone) to enforce a policy that is agreed to by a user and a provider, including policies related to other software that the application can load. Such a policy could, for example:

- Govern how private information is used by software
- Prevent malicious code from snooping private information, stealing keys, or corrupting important information (i.e., banking transaction data)
- Govern how intellectual property running inside the application can be used

Policies like these could be set by the user at his or her sole discretion, or they could be set in a manner mutually agreed to by a user and one or more parties. However, NGSCB does no screening of application components or content, and if any screening took place, it would be within the isolated bounds of an application running under NGSCB. Moreover, no NGSCB application can censor content played by another NGSCB application.

Policy in the Hands of the User

The extent to which the NGSCB will be beneficial will largely depend on the wisdom of the policies that people choose to embrace. We are designing NGSCB to give individuals visibility to the policies available to them in the programs they run, as well as control over how they proceed.
By offering new features to enhance privacy, security and system integrity, we can foresee NGSCB enabling a wide range of beneficial scenarios, including the following:

- Helping to protect personal medical information
- Preventing a bad application from interfering with a banking transaction
- Preventing viruses from harming programs or data
- Preventing unauthorized people or applications from accessing a computer remotely and carrying out unauthorized actions

My colleagues and I appreciate your interest in the work we are doing. We know we still have a lot of work to do, and value the beneficial influence that discussion and debate provide as we strive to deliver trustworthy computing technologies.

- John Manferdelli
Re: Microsoft: Palladium will not limit what you can run
On Thu, 13 Mar 2003, Hermes Remailer wrote:

> The following comes from Microsoft's recent mailing of their awkwardly named Windows Trusted Platform Technologies Information Newsletter March 2003. Since they've abandoned the Palladium name they are forced to use this cumbersome title.
>
> Hopefully this will shed light on the frequent claims that Palladium will limit what programs people can run, or take over root on your computer, and similar statements by people who ought to know better. It is too much to expect these experts to publicly revise their opinions, but perhaps going forward they can begin gradually to bring their claims into line with reality.

The Xbox will not boot any free kernel without hardware modification.

The Xbox is an IBM style peecee with some feeble hardware and software DRM.

A Palladiated box is an IBM style peecee with serious hardware and software DRM.

So, a fortiori, your claim is false.

oo--JS.

> An Open and Interoperable Foundation for Secure Computing
>
> By John Manferdelli, General Manager, Windows Trusted Platform Technologies
> Microsoft Corporation
>
> The Next-Generation Secure Computing Base (NGSCB) is part of Microsoft's long-term effort to deliver on our vision of Trustworthy Computing. We are pleased that independent observers and many journalists continue to show interest in NGSCB and what it will enable. While much of the response has been positive, especially among analysts, security experts and people concerned with privacy, we recognize that there are still questions about NGSCB, and still a great deal of misunderstanding and speculation around our intentions.
>
> In this newsletter I'd like to set the record straight on one of the more common and persistent concerns, specifically that the NGSCB architecture will limit the things that people can do with computers by forcing them to run only approved software, or software that is digitally signed. In fact, NGSCB intends to do no such thing.
>
> It is important to understand that NGSCB is operating system technology. Just as anyone can build a program to run on Windows today using widely-published APIs, they will be able to build new programs tomorrow that take advantage of the NGSCB architecture when it is included in a future version of Windows. How these new programs are built and what they will require of the user are questions for the application developer to answer. But NGSCB inherently has no requirements forcing approval of code, digital signatures, or any other such qualifying mechanism. NGSCB will run any software that is built to take advantage of its capabilities, and it will only run with the user's approval. Moreover, even when NGSCB is running, programs that are not using NGSCB features will operate just as they do today.
>
> It is true that NGSCB functionality can be used by an application (written by anyone) to enforce a policy that is agreed to by a user and a provider, including policies related to other software that the application can load. Such a policy could, for example:
>
> - Govern how private information is used by software
> - Prevent malicious code from snooping private information, stealing keys, or corrupting important information (i.e., banking transaction data)
> - Govern how intellectual property running inside the application can be used
>
> Policies like these could be set by the user at his or her sole discretion, or they could be set in a manner mutually agreed to by a user and one or more parties. However, NGSCB does no screening of application components or content, and if any screening took place, it would be within the isolated bounds of an application running under NGSCB. Moreover, no NGSCB application can censor content played by another NGSCB application.
>
> Policy in the Hands of the User
>
> The extent to which the NGSCB will be beneficial will largely depend on the wisdom of the policies that people choose to embrace.
> We are designing NGSCB to give individuals visibility to the policies available to them in the programs they run, as well as control over how they proceed.
>
> By offering new features to enhance privacy, security and system integrity, we can foresee NGSCB enabling a wide range of beneficial scenarios, including the following:
>
> - Helping to protect personal medical information
> - Preventing a bad application from interfering with a banking transaction
> - Preventing viruses from harming programs or data
> - Preventing unauthorized people or applications from accessing a computer remotely and carrying out unauthorized actions
>
> My colleagues and I appreciate your interest in the work we are doing. We know we still have a lot of work to do, and value the beneficial influence that discussion and debate provide as we strive to deliver trustworthy computing technologies.
>
> - John Manferdelli