[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SET

To: [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected]
Subject: SET
From: [email protected]
Date: Wed, 12 Nov 1997 11:22:21 -0500
Reply-to: [email protected]
Sender: [email protected]


[email protected] wrote:

>At Doug Tygar's talk at Harvard last week, he claimed to have found a way
>to crack it. I, um, forgot to press him on this. Has anyone heard about
>this, or what it might be?

Actually, I did not claim to break SET.  What I said was:

(a)  because SET is such a complicated protocol, I am certain that it
     does have flaws;
(b)  SET does not have a clear design philosophy -- for example, it has
     modes in which a consumer's credit card number is hidden from a
     merchant and modes when it is given to a merchant.  These ambiguous
     design points in the protocol make the protocol vulnerable to misuse.

I have not made a serious effort to crack SET, yet.

-- Doug Tygar

Follow-Ups:
- Re: SET
  - From: Robert Hettinga <[email protected]>
- Re: SET
  - From: Eric Murray <[email protected]>

Prev by Date: Re: Scared of US; Where to relocate?
Next by Date: Re: Br'er Tim and the Bug Hole
Prev by thread: Re: Databasix conspiracy theories
Next by thread: Re: SET
Index(es):
- Date
- Thread