Re: [fc-discuss] Financial Cryptography Update: On Digital Cash-like Payment Systems

2005-10-20 Thread David Alexander Molnar

On Thu, 20 Oct 2005, cyphrpunk wrote:

system without excessive complications. Only the fifth point, the
ability for outsiders to monitor the amount of cash in circulation, is
not satisfied. But even then, the ecash mint software, and procedures
and controls followed by the issuer, could be designed to allow third
party audits similarly to how paper money cash issuers might be
audited today.

One approach, investigated by Hal Finney, is to run the mint on a platform 
that allows remote attestation. Check out - he has a working 
implementation of a proof of work payment system hosted on an IBM 4758.

-David Molnar

The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

FasTrak information

2004-07-13 Thread David Alexander Molnar

Back in Fall 2003, David Wagner and I were looking at the FasTrak
transponders used in the San Francisco Bay Area. We were more interested
in the privacy aspects than in security, but we found some basic
information that may be of interest given the current discussion about
EZPass issues.

* FasTrak transponders use a spec called Title 21, so called because
it is specified in Title 21 of the California Code. You can find a copy

- 915Mhz band
- Protocol includes a 16-bit Agency ID and a 32-bit Reader ID
in the message from reader to transponder. (Unfortunately, neither
appear to be authenticated in any way.)
- 32-bit transponder ID

* In principle, anyone can manufacture Title 21 compliant equipment. In
practice, SIRIT Technologies is a major vendor of Title 21 transponders
and readers in the Bay Area. You can find them at
(includes data sheets - check the reader controller card)

Another such vendor is TransCore (aka AmTech)

We looked into purchasing a reader controller card and antenna from SIRIT,
but were informed
a) such a kit would cost $7K+
b) they would not sell to anyone w/o CalTrans authorization.

We asked CalTrans about b) and were told that they would not authorize
SIRIT to sell transponders to us, but we were free to build our own. They
also suggested we talk to the university's transportation department to
come up with a research proposal acceptable to CalTrans.

We then became occupied with library RFID and didn't come back to FasTrak.
I don't have the EE skills to build FasTrak readers, and right now don't
have the time to spend acquiring them. If anyone out there feels like
building this sort of thing, though, please let me know.

* Automatic number plate recognition (ANPR) has apparently improved
greatly in recent years. I gather this from reading recent articles in
transportation magazines and journals -- do not have the references on me
but can look them up this weekend.  Unfortunately I didn't find any hard
data on how much, exactly, it has improved.

From what I understand, the London congestion charging scheme relies
entirely on automatic plate recognition. See also this web page on police
uses of ANPR in the UK:

Also interesting is this list of cities with congestion pricing, which has
some information on the technologies they use for vehicle identification:


We were interested in the setting where a 3rd party has FasTrak readers,
but not access to the database mapping ID to account. This seems like the
weakest reasonable threat model, but there are still some interesting
things you can do. For example, you could set up a device that takes
photographs of cars and associates them with FasTrak IDs. Then buy a lot
of pop-under ads, put the photos on them, and offer people a prize if they
identify the make of car correctly. (You could use something like the ESP
Game framework of Blum and Von Ahn to make sure the answers are right, or
at least right more often.)

Now filter out everything but the expensive (or easy to steal) cars. This
gives you the FasTrak IDs of expensive cars. Place a few readers in
parking garages, and then you know when expensive cars have been left
alone and where they are. That might be useful.

By the way, a friend mentioned that someone at ATT had some recent
work on EZPass privacy issues. Does anyone know more?

-David Molnar

The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: EZ Pass and the fast lane ....

2004-07-11 Thread David Alexander Molnar

On Sat, 10 Jul 2004, Perry E. Metzger wrote:

 another purpose -- preserving the privacy of drivers by using more
 complicated protocols. However, as the benefit of such systems is to
 people who are unlikely to have much voice in the construction of the
 system, and who are also unlikely to be willing to pay more money to
 gain privacy, I think the implementation of such tags is unlikely.

I think it would be easier to provide drivers with a simpler method of
turning off their transponder. Recently ordered FasTrak tokens come with a
mylar bag for this purpose, which is too unwieldy. A switch, however,
might be enough.

This would not prevent an adversary from recording the IDs of cars that
pass through toll gates. It would, however, prevent reading those IDs at
other times.


The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]