[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Australian "calculatorcard"



-- [ From: amp * EMC.Ver #2.3 ] --

-----BEGIN PGP SIGNED MESSAGE-----

From: Cees de Groot            \ Internet:    ([email protected])
To:   cypherpunks              \ Internet:    ([email protected])

Subject: Australian "calculatorcard"

Hi everybody,

CG> Yesterday, on UK Discovery, there was an item in the programme
CG> Beyond 2000 about an Australian card which implements a
CG> challenge-response protocol and can be used for banking, etcetera.
CG> Basically, you give your card number (over the phone), get a
CG> challenge number, enter your pin and the challenge, and then give the
CG> response. All in CC format...

sounds like the card i use for remote dialup to certain non-public
systems i use at work. it has a six digit number on the front that
changes every 60 seconds. the card is registered to me. when i enter
my username/password i'm prompted for the number. it's Pretty Good
(tm) security, but like anything not biometric, it is vulnerable to
black-bag attacks. physical possession being all that is required. if
you know the algorithm and the serial number of the card and the
time, even that isn't necessary.


CG> Can anybody provide me with pointers to more in-depth information
CG> about this device and the algorithm(s) behind it ?

i don't know if there are any net sources for them, but i'd be
suprised if not. my card references "security dynamics" of cambridge
massachusetts.

amp
<[email protected]> (since 10/31/88)
<[email protected]>
PGP Key = 57957C9D
PGP FP = FA 02 84 7D 82 57 78 E4  E2 1C 7B 88 62 A6 F9 F7 
December 30, 1995   23:29

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMOYRtIdTfgZXlXydAQGengf9EH07ubUAH43THj3l+6kWUjnXDYfe2DFj
CvpEKlFoDkxwllDcIX0KfWK+ENr3YzyQp/yuWU+ZAw/ogci3y5r4IF+oJ4ItrVD6
pZ4AzF5NvXb2KWcnSaQoVsfo3yIt0bfRknuQjGyirntNhLpTkObVygbUmSSNeT8S
hrpGB85IkEoy/km3pntCMfrfA0BrED3GCnNLxVYupY7jM7AxbD+mjHvS8to63bPv
68xjB93b+78ld/O0FPsOP7GQMbUZyTJMiLoNwiMhbgEi8Y4dFTlZ6mF6NMHsDxDy
p/ocbp2dOj0Vy/BFbfbBqCgdjY3FoExRRHpgav8b0Xd4qNydkFDelg==
=MSp2
-----END PGP SIGNATURE-----