Welome to the Internet, here's your private key
Bill Frantz
frantz at pwpconsult.com
Tue Feb 5 14:16:40 EST 2002
At 6:37 AM -0800 2/5/02, Arnold G. Reinhold wrote:
>I'd argue that the RSA and DSA situations can be made equivalent if
>the card has some persistent memory.
I expect you could initialize the random data in that memory during
manufacture with little loss of real security. (If you are concerned about
the card's manufacturer, then you have bigger problems. If anyone does,
the manufacturer has the necessary equipment to extract data from secret
parts of the card, install Trojans etc.)
Note that if the card generates its own keys, it needs the same kind of
memory to store the keys as it needs to store a random seed.
Cheers - Bill
-------------------------------------------------------------------------
Bill Frantz | The principal effect of| Periwinkle -- Consulting
(408)356-8506 | DMCA/SDMI is to prevent| 16345 Englewood Ave.
frantz at pwpconsult.com | fair use. | Los Gatos, CA 95032, USA
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list