Heya, Gosh, are we off-topic or what? Anyway, I can't resist... ;-)
On 2/17/13 1:09 PM, Don Cooper wrote: > The basic RFID system is a simple transponder. > All it does is enables the chip to transmit a number when scanned. > That number is essentially an indexing string of data which contains > no personal information. I consider my credit card number (actually, the whole information that's present on the magnetic stripe as well as via the RFID chip if a card has it) personally identifiable information. Especially if somebody can use it to clone my card and buy stuff with my card. It can also be more than "a" number, as in a bunch of numbers that encode my passport photo, etc. And I certainly don't want to put my RFID-enabled PII into the close proximity of readers that aren't authorized to read that information, easy to hide, and fitting into everyone's pockets. > Out of the context of the process of the read - the number has no > significance. Plus - that context has deeply embedded encryption > algorithms based on time, location and date - which are called "one > way ciphers". I'm not sure what the definition a one way cipher or deeply embedded encryption algorithm would be? A hash? Passport information on RFID is encrypted with some sort of key, afaik, but obviously those keys need to be shared with those who are supposed to read the information (multiple times, and for more than one passport holder without having a unique key for each of them, presumably). One time passwords are something different, certainly not employed in this context... Cheers, David -- David Ochel -=> http://blog.ochel.net <=- --------------------------------------------------------------------- Visit our website: http://texascavers.com To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
