[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Dallas Semiconductor turns on Internet commerce at the touch of a button
At 11:13 AM 10/7/96 -0400, Robert Hettinga wrote:
>Dallas Semiconductor turns on Internet commerce at the touch of
>a button; wearable computer chip generates uncrackable codes using public
>key cryptography
>----------------------------------------------------------------------
> DALLAS--(BUSINESS WIRE)--Oct. 7, 1996--
>...
> Unlike a loose plastic card, the iButton stays attached even
>while communicating, making misplacement less likely. Messages or
>transactions are authorized only after the PIN is validated by the
>iButton, the same technique automatic teller machines use to
>dispense cash.
What bothers me about such schemes is this: What happens if the insecure
machine which accepts your PIN and transfers it to the iButton then
performs a transaction which you have not authorized. E.g. it transfers
$10 rather than $.01. You can collect quite a bit by repeating the scam.
I have not heard of a trust protocol which does not require some form of
input and/or output on the iButton itself. All the ones which can be used
by normal humans (e.g. do not require the user to do public key
cryptography in his/her head) require both a small display and a
approve/disapprove button. I think the credit card calculator form factor
is attractive for this application.
-------------------------------------------------------------------------
Bill Frantz | "Cave softly, cave safely, | Periwinkle -- Consulting
(408)356-8506 | and cave with duct tape." | 16345 Englewood Ave.
[email protected] | - Marianne Russo | Los Gatos, CA 95032, USA