[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Cybercash security

To: [email protected], [email protected]
Subject: Cybercash security
From: "David Klur" <[email protected]>
Date: Tue, 26 Dec 95 15:28:11 CST
Sender: [email protected]

     
     What are the major security risks of the Cybercash system?  
     I can't really find any, other than someone cracking the consumer's 
     Cybercash client s/w password and using the victim's account to order 
     something, or someone cracking RSA!.  The following features seem to 
     mitigate other risks...
     
     
     - The merchant never sees the credit card number
     
     - The Cybercash server does not store any credit card numbers (only 
     temporarily while it is waiting for an authorizatino for a specific 
     card purchase)
     
     - The consumer's credit card number is stored on his hard disk 
     encrypted w/DES
     
     - The consumer sends his credit card number across the Internet 
     encrypted w/DES and signed w/ 768-bit RSA

Prev by Date: Re: New release (v.1.3.2) of CFS Unix encrypting file system available
Next by Date: Fwd: Re: Fwd: Re: FH radios [Dave Emery] [Vaughan Pratt]
Prev by thread: Re: New release (v.1.3.2) of CFS Unix encrypting file system available
Next by thread: Re: Cybercash security
Index(es):
- Date
- Thread