CFP: PKI research workshop

lynn.wheeler at firstdata.com lynn.wheeler at firstdata.com
Tue Jan 1 12:59:28 EST 2002


somewhat as an aside ... the requirement(s) given the X9A10 financial
standards working group for the development of the X9.59 standard was

* to preserve the integrity of the financial infrastructure for all retial
electronic payments without the use of encryption

"ALL" didn't just mean internet or just mean credit .... it met "ALL" ...
all environments ... all types of transactions, etc.

"Without the use of encryption" didn't mean that  information hiding wasn't
precluded (say for privacy reasons) but weren't required to preserve the
integrity of the financial infrastructure (aka that complete clear-text
could be made available and it wasn't possible to do a fraudulent
transaction based on everybody in the world potentially having the
cleartext of that payment transaction).

Implied in the requirement was that it had to also be extremely lightweight
in order to be applicable to some of the existing electronic payments
environments. Again "ALL" met "ALL" ... including a large number of
existing electronic environments. Frequently "from scratch" protocol
definitions are faster to do if you don't have to take into account any
existing infrastructure (and/or only addressing an extremely small subset
of the total end-to-end problem)..

To meet the requirements we eventually settled on a very lightweight,
end-to-end authentication definition (strong authentication of every
transaction had to flow completely through from the consumer all the way
through to the consumer's financial infrastructure).

x9.59 references:
http://www.garlic.com/~lynn/index.html#x959




nelson at crynwr.com on 12/31/2001 8:32 pm wrote:


to which I would add:

3. Cryptography, and therefore PKI, is meaningless unless you first
define a threat model.  In all the messages with this Subject, I've
only see one person even mention "threat model".  Think about the
varying threat models, and the type of cryptography one would propose
to address them.  Even the most common instance of encryption,
encrypted web forms for hiding credit card numbers, suffers from
addressing a limited threat model.  There's a hell of a lot of known
plaintext there.






---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com




More information about the cryptography mailing list