crypto question

David Jablon dpj at theworld.com
Thu Mar 21 10:33:08 EST 2002


Systems that split a password among N nodes, such that no less than N
can collaborate to verify guesses, are described in:
www.integritysciences.com/links.html#FK00 and
www.integritysciences.com/links.html#Jab01

For N=1, some kind of special hardware embedded solution seems
to be required.  Think smartcards, TCPA, and initiatives to build
this general capability into standard PC BIOS such as: 
www.phoenix.com/Security/products/index.html

-- David

At 10:24 PM 3/20/2002 -0500, Pat Farrell wrote:
>At 01:45 PM 3/21/2002 +1100, McMeikan, Andrew wrote:
> >Question.  Is it possible to have code that contains a private encryption
> >key safely?  Every way I look at it the answer seems no, yet some degree of
> >safety might be possible by splitting an encrypting routine across several
> >nodes.  Can someone give me a pointer to any work in this area?
>
>I don't believe so, but maybe someone else on the list has a better answer.
>Secret splitting will clearly make it harder for Mallet to gather the key.
>
>In the past Atalla (later Compaq, now HP) and Harris sold hardware boxes that
>kept keys in tamper proof boxes. They worked because opening the box lost the
>key. Banks used them heavily in the late 1990s.
>
>The usual good solution is to make a human type in a secret.
>The usual bad solution is to store it in a secret place, or encrypted with
>a key kept elsewhere (source, secret file, LDAP, etc.)
>
>The old CyberCash wallet, which used strong RSA keys, used simple 56-bit DES
>to protect the private key on the local PC's hard disk. The thinking was
>that users won't use more entropy in their keys to really justify 3DES,
>and once one has physical access to the computer and hard drive, there
>are simpler attacks than breaking the crypto on the key: keystroke
>sniffers being one obvious example.
>
>I'd also love to hear of real solutions to protecting a key stored on
>local disk.
>
>Pat
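
Added example, not part of the original messages: a minimal N-of-N XOR split of a key, illustrating the secret splitting Pat mentions and the property David describes, that no fewer than N nodes can reconstruct or test a value. It is plain XOR sharing, not the password protocols cited at the links above; the function names, the 3-node setup and the sample key are constructed for illustration.

```python
# Added example: N-of-N XOR secret splitting (not the protocols cited in the thread).
import secrets
from functools import reduce


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("length mismatch")
    return bytes(x ^ y for x, y in zip(a, b))


def split_secret(secret: bytes, n: int) -> list[bytes]:
    """Split `secret` into n shares; all n are required to rebuild it."""
    if n < 2:
        # With a single node there is nothing to split across (the N=1 case).
        raise ValueError("need at least two nodes to split a secret")
    # n-1 shares are uniformly random; the last is the secret XOR all of them.
    shares = [secrets.token_bytes(len(secret)) for _ in range(n - 1)]
    shares.append(reduce(xor_bytes, shares, secret))
    return shares


def combine_shares(shares: list[bytes]) -> bytes:
    """Rebuild the secret by XORing every share together."""
    return reduce(xor_bytes, shares)


def missing_share_for(candidate: bytes, known: list[bytes]) -> bytes:
    """Return the share that makes `known` plus it combine to `candidate`.

    Such a share always exists, so n-1 colluding nodes cannot rule out
    any candidate key from the shares they hold.
    """
    return reduce(xor_bytes, known, candidate)


if __name__ == "__main__":
    key = secrets.token_bytes(32)      # constructed sample key
    shares = split_secret(key, 3)      # hypothetical 3-node deployment
    assert combine_shares(shares) == key
    guess = secrets.token_bytes(32)    # arbitrary wrong guess
    fake = missing_share_for(guess, shares[:2])
    assert combine_shares(shares[:2] + [fake]) == guess
    print("3 of 3 shares rebuild the key; 2 of 3 are consistent with any guess")
```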



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com


