VaultID

2008-01-24 Thread Leichter, Jerry 

Anyone know anything about these guys?  (www.vaultid.com).  They
are trying to implement one-time credit card numbers on devices
you take with you - initially cell phones and PDA's, eventually in
a credit card form factor.  The general idea seems good, but their
heavy reliance on fingerprint recogition is troubling (though it may
be appropriate in their particular application).

-- Jerry

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Typex

2008-01-24 Thread Steven M. Bellovin 
A knowledgeable colleague (but who is nevertheless not a crypto expert)
thinks he's seen something about Typex (the WW II British rotor
machine) having been cracked.  Does anyone know anything about that?  A
quick Google found nothing of the sort, but did find references showing
that it was used as late as 1970.


--Steve Bellovin, http://www.cs.columbia.edu/~smb

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: patent of the day

2008-01-24 Thread Dirk-Willem van Gulik 

On Wed, 23 Jan 2008, Leichter, Jerry wrote:

 well be prior art, but the idea of erasing information by deliberately
 discarding a key is certainly not completely obvious except in
 retrospect.  If you look at any traditional crypto text, you won't

Hmm - it is commonly mentioned that (early) hardware based trusted
computer environments store a small key (or part thereof, the other part
beeing some PIN, etc) in their tamperproof environment (wired as to be
ereased when any tampering, xraying, temp shock, etc is detected) which is
during normal operations used to decrypt some flash or disk based larger
bit of key material inside the secure environment.

The other senario is that of using a multitude of public keys (with some
organisational semantic) which are used to encrypt a backup; destruction
of a specific private key then selectively takes out a certain set of
file(s) from the backup tape without having to drag that tape out of the
vault and having to erase a small piece of it.

Dw

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]