On Sun, Sep 11, 2005 at 06:49:58PM -0400, Scott Guthery wrote:
> 1) GSM/3G handsets are networked card readers that are pretty
> successful. They are I'd wager about as secure as an ATM or a POS,
> particularly with respect to social attacks.
The smartphones not secure at all, because anything y
I believe smartcards (and trusted computing platforms too, btw) aim to solve
the following problem:
"How to enforce your own security policy in a hostile environment, not
under your own physical control?"
Examples:
- Smartcard: electronic purse: you cannot increase the amount on
your e-pu
Alexander Klimov wrote:
On Sun, 11 Sep 2005, Ben Laurie wrote:
Alexander Klimov wrote:
ECC is known since 1985 but seems to be absent in popular free
software packages, e.g., neither gnupg nor openssl has it (even if the
relevant patches were created). It looks like the main reason is some
p
On Sun, 11 Sep 2005, Ben Laurie wrote:
> Alexander Klimov wrote:
> > ECC is known since 1985 but seems to be absent in popular free
> > software packages, e.g., neither gnupg nor openssl has it (even if the
> > relevant patches were created). It looks like the main reason is some
> > patent uncert
On Mon, 12 Sep 2005, Sidney Markowitz wrote:
Does anyone know of an open source crypto package written in perl that is
careful to try to clear sensitive data structures before they are released to
the garbage collector?
[...]
Securely deleting secrets is hard enough in C, much less high leve