Re: fyi: On-card displays
Steve Schear wrote:
> I have a Mondex card from years ago that used a separate reader with LCD.

we were asked to do the design/sizing/cost for mondex infrastructure in the us. one of the things that turned up was much of the mondex infrastructure was based on float (initially essentially all going to mondex international) ... cards were almost incidental. somewhere along the way, mondex international even started offering to split the float with national organizations as an inducement to sign up.

somewhere along the way a group was also formed to try and map mondex to the internet ... which eventually morphed into IOTP.

misc. past posts that mention mondex
http://www.garlic.com/~lynn/aepay6.htm#cacr7 7th CACR Information Security Workshop
http://www.garlic.com/~lynn/aadsm6.htm#digcash IP: Re: Why we don't use digital cash
http://www.garlic.com/~lynn/aadsm7.htm#idcard2 AGAINST ID CARDS
http://www.garlic.com/~lynn/aadsm18.htm#42 Payment Application Programmers Interface (API) for IOTP
http://www.garlic.com/~lynn/aadsm20.htm#7 EMV
http://www.garlic.com/~lynn/aadsm21.htm#1 Is there any future for smartcards?
http://www.garlic.com/~lynn/aadsm23.htm#23 Payment systems - the explosion of 1995 is happening in 2006
http://www.garlic.com/~lynn/2002e.html#14 EMV cards
http://www.garlic.com/~lynn/2002e.html#18 Opinion on smartcard security requested
http://www.garlic.com/~lynn/2002g.html#53 Are you sure about MONDEX?
http://www.garlic.com/~lynn/2002g.html#54 Are you sure about MONDEX?
http://www.garlic.com/~lynn/2004j.html#12 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
http://www.garlic.com/~lynn/2004j.html#14 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
http://www.garlic.com/~lynn/2005i.html#10 Revoking the Root
http://www.garlic.com/~lynn/2005v.html#1 Is Mondex secure?

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: fyi: On-card displays
[EMAIL PROTECTED] wrote:
> From: Ian Brown <[EMAIL PROTECTED]>
> Subject: On-card displays
> To: [EMAIL PROTECTED]
> Date: Wed, 20 Sep 2006 07:29:13 +0100
>
> Via Bruce Schneier's blog, flexible displays that can sit on smartcards. So we finally have an output mechanism that means you don't have to trust smartcard terminal displays:
> http://www.cr80news.com/library/2006/09/16/on-card-displays-become-reality-making-cards-more-secure/
>
> So, when do we see the combined chip/fingerprint reader/display on a payment card :)
>
> Doesn't of course address the requirement that we want evidence (such as a signed paper receipt) that can later be adjudicated by a court with higher evidential standards than a bank statement that their systems work perfectly...

for a decade or so ... i've made comments that the increasingly powerful smartcards are obsolete because they are really pda(/cellphone) wannabes (after some of the gov. technology transfer legislation in the early 90s, we did some consulting for one of the gov. agencies on attempting to move some smartcard chip based technology into the commercial sector ... and we could already see it was rapidly becoming obsolete).

the smartcard target of portable computing device from 70s/80s required various kinds of iso standards because of the lack of appropriate portable input/output capability so there would be standardized, fixed input/output stations that could be used with the portable smartcards. that market niche for smartcards became obsolete with the appearance of pda/cellphone portable input/output capability sometime in the early to mid-90s.

possibly part of the problem was that there was significant investment in various kinds of smartcard technology during the 80s and 90s ... and when they became obsolete ... there was some amount of scurrying around attempting to obtain some/any return on the original investments ... even if it was only a few cents on the dollar.

they are now contending with various kinds of cellphone/pda payment delivery operations. there is some paradigm discontinuity tho. there is a tradition grown up where the institutions issue the card (payment, identification, etc) ... to some extent smartcard activities are attempting to capitalize on that legacy momentum. an individual's cellphone/pda tends to break that institutional centric issuing paradigm ... since it can involve an individual taking their cellphone/pda (that they already have) and registering it for various activities/transactions/identification ... aka another form of "something you have" authentication ... but it is possibly a personal device rather than an institution issued device.

so there are already various kinds of pda/cellphones with display, input capability ... and some of them even have their own biometric sensing capability.

the issue with "electronic signature" is demonstration of intent ... we got into that when we were asked to help word-smith some of the cal state (and later federal) electronic signature act. various past postings mentioning issue of establishing intent
http://www.garlic.com/~lynn/subpubkey.html#signature
Re: fyi: On-card displays
and for a whole lot of drift with respect to smartcards being pda/cellphone wannabes

Storm building over RFID-enabled passports
http://www.networkworld.com/news/2006/092106-rfid-passports.html

from above:
> The chip, which is embedded inside the cover of the passport, contains only a duplicate copy of the passport photograph and the printed data. The digital data is intended to prevent forgeries by allowing inspectors to compare the printed and digital data.
... snip ...

the article mentions that integrity of the electronic data is protected by a digital signature (preventing tampering and/or forgeries). At some level, the digitally signed data can be considered an electronic credential that is extremely difficult to counterfeit.

posting with number of references about cloning (electronic) passport data
http://www.garlic.com/~lynn/aadsm25.htm#11 And another cloning tale

from three factor authentication model
http://www.garlic.com/~lynn/subpubkey.html#3factor
* something you have
* something you know
* something you are

... frequently hardware tokens (chips) are implemented as "something you have" authentication (i.e. the chip supposedly contains some unique information ... which differentiates it from every other chip). some recent posts mentioning "something you have" authentication.
http://www.garlic.com/~lynn/aadsm25.htm#30 On-card displays
http://www.garlic.com/~lynn/aadsm25.htm#25 RSA SecurID SID800 Token vulnerable by design
http://www.garlic.com/~lynn/aadsm25.htm#16 Fraudwatch - Chip&PIN one-sided story

however, taking the passport chip data as an electronic credential, cloning the information doesn't (directly) represent a vulnerability ... since it is more analogous to digital certificates ... which are readily assumed to be widely distributable. the passport chip data as an electronic credential containing a digital photograph ... and matching a person's face to the digital photograph then represents "something you are" authentication (as opposed to assuming the chip ... or even a cloned chip ... represents any sort of "something you have" authentication).

in theory, an electronic credential would be considered valid, regardless of any specific chip container that it might be carried in. one might then make the assertion, that a passport electronic credential could be carried in any device capable of reliably reproducing the correct bits.

going back to the issue raised in
http://www.garlic.com/~lynn/aadsm25.htm#30 On-card displays
that most smartcards/chips are really pda/cellphone wannabes ... one might suggest that you could then even carry your electronic credential/passport in your pda or cellphone ... as opposed to needing a separate physical device.

the issue that is then raised is whether there are any significant privacy considerations similar to privacy issues raised with x.509 identity digital certificates from the early 90s (having large amounts of privacy information in x.509 identity digital certificates widely distributed all over the place). by the mid-90s, many institutions considered that the privacy and liability problems with x.509 identity digital certificates were so significant that they retrenched to "relying-party-only" certificates. lots of past posts mentioning rpo-certificates
http://www.garlic.com/~lynn/subpubkey.html#rpo

these were digital certificates that effectively only contained some sort of database index or account number. the relying party then used the account number to retrieve the actual information of interest (w/o having to widely expose it in any way). the analogy for an electronic passport infrastructure would be just needing to present the passport number. the actual credential data (and any photos or other information necessary for "something you are" authentication) is retrieved from secure online repository.

as repeatedly pointed out in the "RPO" digital certificate scenario ... it isn't even necessary to include the account/passport number in a digitally signed document ... since there is no information that needs integrity protection. the person just makes an assertion as to their correct account/passport number. the appropriate information is then retrieved from the online infrastructure and used for authentication (and whatever other required purposes). asserting the wrong account/passport number presumably retrieves information that fails to result in valid authentication. needing (some certification authority) to digitally sign the passport/account number (in the RPO scenario) for any possible integrity purposes, is then redundant and superfluous (one of my oft repeated comments).
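The two models argued in the message above, as an added worked example that is not part of the thread or of any of the posters' code: a signed chip credential verifies identically whether it is read from the original chip or from a bit-for-bit clone in another container (the signature protects integrity, not possession), while the relying-party-only model has the holder assert only a passport number and lets the relying party fetch the record and do the "something you are" match itself. The issuer key, passport number, photo bytes, face templates and in-memory repository are all constructed stand-ins; HMAC stands in for the issuer's digital signature only because the Python standard library has no asymmetric signature primitive.

```python
import hashlib
import hmac
import json

# Constructed issuer key: stands in for the passport authority's signing key.
# HMAC is used only because the standard library has no asymmetric signatures;
# the integrity-vs-possession point is the same for a real digital signature.
ISSUER_KEY = b"constructed-issuer-key-not-a-real-secret"


def canonical(cred: dict) -> bytes:
    """Serialize the credential deterministically so identical bits always sign identically."""
    return json.dumps(cred, sort_keys=True, separators=(",", ":")).encode()


def sign_credential(cred: dict) -> bytes:
    """Issuer 'signs' the chip data (stand-in signature, see note above)."""
    return hmac.new(ISSUER_KEY, canonical(cred), hashlib.sha256).digest()


def verify_credential(cred: dict, sig: bytes) -> bool:
    """Inspector checks that the bits presented are the bits the issuer signed."""
    return hmac.compare_digest(sign_credential(cred), sig)


def chip_scenario() -> tuple:
    """Signed chip data presented from the original chip, from a clone, and after tampering."""
    original = {
        "passport_no": "X1234567",  # constructed sample value
        "name": "A. Holder",
        "photo_sha256": hashlib.sha256(b"constructed-photo-bytes").hexdigest(),
    }
    sig = sign_credential(original)
    # A clone is a bit-for-bit copy carried in a different container (another chip, a PDA, a phone).
    clone = json.loads(canonical(original))
    # A forgery changes the data, so the issuer's signature no longer matches.
    forged = dict(original, name="B. Impostor")
    return (
        verify_credential(original, sig),
        verify_credential(clone, sig),
        verify_credential(forged, sig),
    )


# --- Relying-party-only (RPO) style: the holder asserts only a number -----------

# Constructed stand-in for the secure online repository, keyed by passport number.
REPOSITORY = {
    "X1234567": {"name": "A. Holder", "face_template": "constructed-face-template-holder"},
}


def authenticate_rpo(asserted_passport_no: str, live_face_template: str) -> bool:
    """Relying party looks the asserted number up and does the 'something you are' match itself.

    Nothing the holder presents needs a signature: a wrong number retrieves a record
    (or none) that fails the biometric comparison.
    """
    record = REPOSITORY.get(asserted_passport_no)
    if record is None:
        return False
    return hmac.compare_digest(record["face_template"].encode(), live_face_template.encode())


if __name__ == "__main__":
    print("chip (original, clone, forged):", chip_scenario())  # (True, True, False)
    print("rpo, right number, matching face:",
          authenticate_rpo("X1234567", "constructed-face-template-holder"))
    print("rpo, wrong number:",
          authenticate_rpo("X7654321", "constructed-face-template-holder"))
```

The clone result is the practical takeaway: an inspector who treats a verifying signature as proof of "something you have" is mistaken, since the clone verifies too; the biometric comparison against the photo (or, in the RPO design, against the repository record) is what actually authenticates the holder.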
Re: fyi: On-card displays
Steve Schear <[EMAIL PROTECTED]> writes:

> I have a Mondex card from years ago that used a separate reader with LCD.

Oh, so you were the Mondex user! I've always wondered who that was.

Peter.
Re: fyi: On-card displays
At 02:45 PM 9/20/2006, [EMAIL PROTECTED] wrote:
> Via Bruce Schneier's blog, flexible displays that can sit on smartcards. So we finally have an output mechanism that means you don't have to trust smartcard terminal displays:
> http://www.cr80news.com/library/2006/09/16/on-card-displays-become-reality-making-cards-more-secure/

I have a Mondex card from years ago that used a separate reader with LCD.

Steve
fyi: On-card displays
From: Ian Brown <[EMAIL PROTECTED]>
Subject: On-card displays
To: [EMAIL PROTECTED]
Date: Wed, 20 Sep 2006 07:29:13 +0100

Via Bruce Schneier's blog, flexible displays that can sit on smartcards. So we finally have an output mechanism that means you don't have to trust smartcard terminal displays:
http://www.cr80news.com/library/2006/09/16/on-card-displays-become-reality-making-cards-more-secure/

So, when do we see the combined chip/fingerprint reader/display on a payment card :)

Doesn't of course address the requirement that we want evidence (such as a signed paper receipt) that can later be adjudicated by a court with higher evidential standards than a bank statement that their systems work perfectly...

--
Blogzilla --> http://dooom.blogspot.com/