unforgeable optical tokens?

Hadmut Danisch hadmut at danisch.de
Fri Sep 20 16:38:02 EDT 2002


On Fri, Sep 20, 2002 at 02:17:11PM -0400, Trei, Peter wrote:
> > 
> It appears to have replay resistance *between* readers - ie, the data
> from reader A would be useless to spoof reader B, since the two readers
> will illuminate the device at different locations and angles. 

Not really. Illuminating the device at different locations and
angles is certainly not as good as a cryptographical challenge.
Since the location and angle is done by some mechanical device,
the number of locations and angles is certainly "small", and
once you are in possession of the token (e.g. as a clerk in the
shop), it might be possible to generate a complete table of
all location/angle/response triples.

Another question is how the reader verifies the token. There
must be some description of the token which allows verifying
the token. Is it possible to generate the token responses without
actually having the token? (Are token and verification information
a public/private key pair?)

I see the reader as a weak point, a second one is that the device
does not provide a signature. Even if the device was replay proof,
it's not possible to distinguish between payment of 20 or 40 Euro.

There are plenty of good applications for such a token, but credit
cards and payment are certainly not.

Hadmut


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
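
The table enumeration and the missing amount binding discussed in the message above, as an added example that is not part of the original post. The token is modelled as a fixed mapping over a constructed 32 x 16 grid of reader settings (the real number of settings is not stated in the thread), and an HMAC over a random nonce plus the amount stands in for a cryptographic challenge; a deployment that needs a true signature would use an asymmetric scheme instead.

```python
import hashlib, hmac, itertools, secrets

# Constructed model: the reader's mechanics offer only a small grid of settings.
LOCATIONS, ANGLES = range(32), range(16)

class OpticalToken:
    """Stand-in for the physical token: a fixed, opaque challenge -> response map."""
    def __init__(self):
        self._structure = secrets.token_bytes(32)   # models the random microstructure
    def respond(self, location, angle):
        return hashlib.sha256(self._structure + f"{location}:{angle}".encode()).digest()

def record_table(token):
    """Enumerate every location/angle/response triple; needs the token only once."""
    return {(l, a): token.respond(l, a) for l, a in itertools.product(LOCATIONS, ANGLES)}

def reader_accepts(enrolled, responder):
    """Reader picks a random setting and compares against its enrolled value."""
    l, a = secrets.choice(LOCATIONS), secrets.choice(ANGLES)
    return hmac.compare_digest(enrolled[(l, a)], responder(l, a))

def authorize(key, nonce, amount_cents):
    """MAC over a fresh 128-bit nonce and the amount (hypothetical message layout)."""
    return hmac.new(key, nonce + amount_cents.to_bytes(8, "big"), hashlib.sha256).digest()

def verify(key, nonce, amount_cents, tag):
    return hmac.compare_digest(authorize(key, nonce, amount_cents), tag)

def demo():
    token = OpticalToken()
    enrolled = record_table(token)    # what the reader stores at enrollment
    recorded = record_table(token)    # what anyone holding the token can record
    clone_ok = all(reader_accepts(enrolled, lambda l, a: recorded[(l, a)])
                   for _ in range(200))
    key, nonce = secrets.token_bytes(32), secrets.token_bytes(16)
    tag = authorize(key, nonce, 2000)                      # 20.00 Euro
    return {
        "table_entries": len(recorded),
        "table_clone_accepted": clone_ok,
        "genuine_accepted": verify(key, nonce, 2000, tag),
        "amount_changed_accepted": verify(key, nonce, 4000, tag),
        "replayed_accepted": verify(key, secrets.token_bytes(16), 2000, tag),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

In this model the reader's enrollment data is the same table a token holder can record, so the reader's stored description is sufficient to answer every challenge without the token.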


