Re: OT: Smartcards and Physical Security [Was: Re: Backport of the integer overflow in the brk system call]
On Wed, 3 Dec 2003 12:34, Don Armstrong <don@donarmstrong.com> wrote:
> Smartcards are not a magical panacea either.
True.
> The problems associated
> with them aren't too terribly different from those associated with
> keys or other forms of physical security, notably, that they can be
> stolen, or the output from them duplicated.
Using a smart-card means that logging in does not merely require "something
you know" but also "something you have". All the good security guides say
that security should depend on "something you know and something you have",
smart-cards plus a password meets this criteria.
> Refer to the ongoing saga
> between DirectTV and satelite pirates for a trivially applicable
> example.
That's a case of a smart-card used to decode distributed content (IE something
like DECSS in principle). Encryption of one to many is a very different
problem to individual encryption/authentication. The problem we are trying
to solve is easier. Also in the DirectTV saga cracking the cards allegedly
cost $25M.
GPG smart-cards are entering the market. If GPG is crackable then we have
lost regardless. If GPG is secure then GPG smart-cards will do as long as
they are not stolen. Having revokation proceedures for stolen cards and DD's
reliable enough to follow them should deal with this.
> From my perspective, Smartcards do little to raise the bar. They
> merely move the bar sideways.
I think that they raise the bar a lot. They raise it from something that can
be cracked by any script kiddie to something that requires a lot of money and
expertise. That is a significant benefit.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
Reply to: