[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Weaknesses in Smart Cards? (Re: FLA_wed)

Its worse than that. The Bellcore piece was presented as being
about a possible weakness in MONDEX. In fact MONDEX does not use the
cryptographic technique investigated. Its a symmetric key (DES)
based system. I would immagine they would keep a symmetric 
component even if they go for a public key system.

BTW if you think carefully about MONDEX you will note that a
public key system does not improve security. The system 
depends on private keys embedded in the devices. There is
no value in having the devices use public key signatures over 
symetric ones.


PS whats the betting that anyone at a high profile site who
happens to be offline for a few hours to (say) change 
service providers will be reported as having been "hacked"?