[3445] in cryptography@c2.net mail archive
RE: IP: State Govt Will Use Datakey Smart Cards
daemon@ATHENA.MIT.EDU (Lucky Green)
Sat Oct 10 17:28:06 1998
From: "Lucky Green" <shamrock@netcom.com>
To: "Rick Smith" <rick_smith@securecomputing.com>
Cc: <cryptography@c2.net>
Date: Sat, 10 Oct 1998 00:11:45 -0700
In-Reply-To: <3.0.3.32.19981008163246.0098a100@mailhost.sctc.com>
Rick,
There are two different religions when it come to keys generated in
hardware. I used to be a believer in that the "the key should be generated
in hardware and never leave the hardware". I don't believe that anymore. Now
I believe that the key should never be generated in hardware you didn't
design and build yourself. There is just too much room for virtually
undetectable design errors, be they accidental or deliberate, that will
dramatically reduce the keyspace.
YYMV,
--Lucky Green <shamrock@netcom.com>
PGP 5.x encrypted email preferred
> -----Original Message-----
> From: owner-cryptography@c2.net [mailto:owner-cryptography@c2.net]On
> Behalf Of Rick Smith
> Sent: Thursday, October 08, 1998 14:33
> To: Ed Gerck; Robert Hettinga
> Cc: cryptography@c2.net; dcsb@ai.mit.edu
> Subject: Re: IP: State Govt Will Use Datakey Smart Cards
>
>
> >On Mon, 5 Oct 1998, Robert Hettinga wrote:
> >
> >>State Government Agency Will Use Datakey Smart Cards
>
> At 02:55 PM 10/5/98 -0200, Ed Gerck asked:
>
> >Can you comment since you are reporting on it, or someone else could
> >perhaps comment, what exactly Datakey means when they use the word
> >"true" regarding non-repudiation? Is is "true" as "fully realized"
> >(exemplified by "dreams come true"), or as "narrow" (exemplified by
> >"in the truest sense")?
>
> I can't speak for DataKey, though I've talked to their people about their
> products and know a little about them.
>
> I suspect (and this an informed conjecture, not fact) their assertion of
> "true nonrepudiation" is derived from a technical detail: their cards can
> run in a mode where they generate the public/private key pair onboard and
> they never, ever emit a copy of the private key. So this ties usage of the
> private key to custody of the corresponding card, and the card probably
> requires some sort of PIN activation. So you "know" the private key can
> only be used by the card's custodian and the custodian can't argue that
> someone else has copied the key.
>
> This seems related to the notion of nonrepudiation, and in some sense
> captures an ultimate technical implementation of private key control.
> However, I don't think anything can guarantee "true nonrepudiation" in the
> sense that people occasionally speak (in hushed or haughty tones) of being
> "Truly Secure." The real world is too complex to support the concept, and
> the limitations aren't technical ones.
>
> Regardless of the marketing terms being used, I personally find it
> interesting to think about PK cards that never emit the private
> key. I like
> the clean notion of tying the private key so completely to a single piece
> of tangible hardware. However, I suspect that some existing protocols will
> get a bit squirrely if particular private keys become irrecoverable due to
> a hardware failure.
>
> Rick.
> smith@securecomputing.com
>
>
