[3487] in cryptography@c2.net mail archive
Re: IP: State Govt Will Use Datakey Smart Cards
daemon@ATHENA.MIT.EDU (EKR)
Fri Oct 16 11:58:44 1998
To: "Arnold G. Reinhold" <reinhold@world.std.com>
Cc: "Enzo Michelangeli" <em@who.net>, <cryptography@c2.net>
From: EKR <ekr@rtfm.com>
Date: 15 Oct 1998 09:27:40 -0700
In-Reply-To: "Arnold G. Reinhold"'s message of "Thu, 15 Oct 1998 12:05:23 +0100"
"Arnold G. Reinhold" <reinhold@world.std.com> writes:
> At 3:26 PM -0700 10/14/98, EKR [Eric Rescorla ekr@rtfm.com] wrote:
> >"Arnold G. Reinhold" <reinhold@world.std.com> writes:
> >Except that there's some special message you can send the card which
> >puts it into spy mode where it starts leaking. So it shows up fine
> >under testing but the spooks can compromise it.
> >
>
> One could have a number of nodes set up with smart cards driven by
> deterministic pseudo-random bit streams and compare the outputs with a
> software implementation of the smart card algorithm. Any attempt to turn on
> "spy mode" on these nodes would be caught immediately. Risk of detection
> would be a serious deterrent to a smart card manufacturer.
Each card would have a unique key that sent it into Spy Mode,
so you'd have to have one of your operational machines
(along with its secret data) duplicated in software, which seems
to rather defeat the purpose of having your PRNG in (presumptively
tamperproof) hardware.
> I am not saying bootstrapping trust is easy, but I believe that it is
> possible and that it is very important work.
To be blunt, I believe it's next to a complete waste of time.
We've got an enormous number of security problems right now
that we know how to solve in a pretty good way. Those solutions
aren't perfect, but they're a hell of a lot better than what
we've got now. But deployment of those solutions keeps getting
bogged down because people want to make them perfect. (Those
of you on this mailing list who have been part of the IPSEC
effort will be sensitive to this issue).
I consider the probability of an attack along the lines we're
discussing to be vanishingly small. By contrast, we know that the
systems we use are riddled with unintentional holes that get exploited
all the time. Our effort would be better spent fixing those holes.
The phrase "the good is the enemy of the best" comes to mind.
-Ekr
[Eric Rescorla ekr@rtfm.com]
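
The audit proposal and the per-card trigger objection discussed in this message can be put side by side in a small simulation, added here as an example and not part of the original message or of any real card's firmware. The HMAC-SHA256 card algorithm, the `SimulatedCard` class, and every secret, seed and trigger value are constructed assumptions.

```python
import hashlib
import hmac

def reference_output(secret: bytes, challenge: bytes) -> bytes:
    """Software model of the card algorithm (HMAC-SHA256 is an assumption)."""
    return hmac.new(secret, challenge, hashlib.sha256).digest()

class SimulatedCard:
    """Stand-in for a hardware card with a hidden per-card trigger message."""
    def __init__(self, secret: bytes, trigger: bytes):
        self._secret, self._trigger, self._spy = secret, trigger, False

    def respond(self, challenge: bytes) -> bytes:
        if hmac.compare_digest(challenge, self._trigger):
            self._spy = True  # only this card's own trigger flips the mode
        out = reference_output(self._secret, challenge)
        # In "spy mode" the output deviates from the published algorithm.
        return out[:16] + self._secret[:16] if self._spy else out

def audit(card: SimulatedCard, secret: bytes, seed: bytes, rounds: int) -> int:
    """Feed a deterministic challenge stream; count outputs differing from the model."""
    mismatches = 0
    for i in range(rounds):
        challenge = hashlib.sha256(seed + i.to_bytes(4, "big")).digest()[:16]
        expected = reference_output(secret, challenge)
        if not hmac.compare_digest(card.respond(challenge), expected):
            mismatches += 1
    return mismatches

def run_scenarios(rounds: int = 200) -> dict:
    # Constructed sample values, not real keys or triggers.
    trig_a = hashlib.sha256(b"constructed trigger, card A").digest()[:16]
    trig_b = hashlib.sha256(b"constructed trigger, card B").digest()[:16]
    sec_a, sec_b = b"A" * 32, b"B" * 32
    results = {}
    # 1. Audit node A, nobody sends its trigger: looks clean.
    card_a = SimulatedCard(sec_a, trig_a)
    results["audit_node_untouched"] = audit(card_a, sec_a, b"seed", rounds)
    # 2. Card B's trigger sent to audit node A: no effect, still clean.
    card_a.respond(trig_b)
    results["audit_node_wrong_trigger"] = audit(card_a, sec_a, b"seed", rounds)
    # 3. Operational card B triggered: caught only by a model holding sec_b.
    card_b = SimulatedCard(sec_b, trig_b)
    card_b.respond(trig_b)
    results["operational_with_secret_in_software"] = audit(card_b, sec_b, b"seed", rounds)
    return results

if __name__ == "__main__":
    print(run_scenarios())
```

The audit nodes report zero mismatches in both of the first two cases; the divergence in the third case is visible only to a checker that already holds the operational card's secret in software.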