[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
DigiCash Ecash - 2 security topics
-----BEGIN PGP SIGNED MESSAGE-----
An entity calling itself "Marcel van der Peijl"
<[email protected]> is alleged to have written:
>
>
(I wrote:)
> > E.g. has there been a DigiCash response to Ian Goldberg's
> > publication of a denial-of-service attack which operates by
> > spending a coin with the same serial number as your victim's
> > coin?
> After discussing things with Ian we came up with several solutions.
> One is encrypting more messages (which we will do in a next revision
> of the protocol), the other is enabling ecash to work over ssl
> servers. You may not see the answer directly in the list, but you
> will see it in the next protocol revision.
What kind of performance hit does this new encryption entail?
(No additional performance hit if SSL does it, I know.)
Are you considering having different protocols for SSL-protected
transactions versus unprotected ones?
Let me repeat something I said a couple of weeks ago: I suspect
that the weakest point in DigiCash security is on the end-user's
own harddrive. A malicious cracker could write a Trojan horse
or even a virus which would steal the user's coins and send them
to himself.
Hm. Now that I think about it, if the user has a back-up copy
of those coins then he can reveal their blinding factors to the
bank after the theft, thus catching the thief! So the thief
program would have to deposit those coins with the bank, make a
new withdrawal (ouch!) and then steal the new coins.
I'm not sure that anything can be done by DigiCash or by Ecash-
issuing banks to prevent this, but I thought I'd mention it.
(Hm. The program also has to steal the user's password in order
to make the withdrawal.. This is getting to be a pretty smart
program!)
Regards,
Bryce
"Toys, Tools and Technologies"
<a href="http://www.c2.org/~bryce/Niche.html"> the Niche </a>
New Signal Consulting -- C++, Java, HTML, Ecash
<a href="mailto:[email protected]"> Bryce </a>
PGP sig follows
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Auto-signed under Unix with 'BAP' Easy-PGP v1.01
iQCVAwUBMQPWs/WZSllhfG25AQHv2gQAuJsZqQh+IF0vk8C2OY9zsvMlbqN0+GxN
LinbZhWRDlqcRJ69dtzYDhbuvDphHuQYdNUJka5r3Bzplj5tim3sJ+wvEF2eiXTO
vUSXrJ8DvnZPji+qEuv1Zs5D8gXdFs2ALsUbsDxQxVrVlcTbDKnz2EQel0apzqld
VTV8CFvHaRY=
=i3hX
-----END PGP SIGNATURE-----