Lexar Media has come up with a Compact Flash card that won't actually work until you do a nonstandard, proprietary handshake with it. They worked with a couple of camera makers (and built their own CF reader and Windows software) to implement it. Amazingly, it doesn't actually store the photos encrypted on the flash; it just disables access to the memory until you do something secret (probably answer a challenge/response with something that shows you have the same secret key that those cameras do). I don't know of anyone competent who's taken one apart and figured out what the actual security properties are.
http://www.lexar.com/dp/workflow/pro_cf_lt.html http://www.robgalbraith.com/bins/content_page.asp?cid=7-6465-7655 They also have "Active Memory" which appears to be another idea for what can be done by making a separate memory on the CF card that can't be accessed by the standard protocols. Idle hands are the devil's work. They haven't figured out anything useful for it to do: at the moment their custom software copies copyright notices off the secret memory onto the photos, after you transfer them to a PC. Of course, the software could've done that WITHOUT the secret memory, just keeping the copyright info in a file in the standard flash file system. What Lexar gets out of it is to charge twice as much for these CF cards, raising them out of the commodity market. (Assuming anybody buys.) They're pitching it to cops, who are spending somebody else's money. John --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]