[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: OT: Smartcards and Physical Security

On Wednesday 03 December 2003 15:32, Manoj Srivastava wrote:
> 	An even better security guideline is "something you are" -- so
>  should we not spring for retinal scanners/fingerprint readers/other
>  buiometrics? I mean, we _are_ talking about other peoples money. :P

However 'something you are 'always gets turned into 'something you are 
not' (in electronic form) which can be copied, and be re inserted between the 
end point and the biometric device. One advantage to smart cards that i think 
may have been missed in the discussion (correct me if im wrong) is that not 
all the information leaves the device, they actually do processing on the 
smart cards themselves and it is physically difficult (i.e cant be done in a 
non detectable way) to read the keys protected in this manner. Its more 
complicated than this in reality but that kind of gives the jist of why smart 
cards are _much_ better than magnetic strips for instance.


 ^__^            | Tom Badran
 (oo)\______     | Imperial College
 (__)\       )\/\| Department of Computing
    ||----w |    | -----------------------
    ||     ||    | Using Debian SID

Attachment: pgpfXlBkZcwsW.pgp
Description: signature

Reply to: