Encryption of data in smart cards
Anne & Lynn Wheeler
lynn at garlic.com
Thu Mar 13 16:08:04 EST 2003
At 01:13 PM 3/13/2003 -0500, John Kelsey wrote:
>At 11:08 PM 3/12/03 +0100, Krister Walfridsson wrote:
>
>...
>>This is not completely true -- I have seen some high-end cards that use
>>the PIN code entered by the user as the encryption key. And it is quite
>>easy to do similar things on Java cards...
>
>With any kind of reasonable PIN length, though, this isn't all that
>helpful, because of the small set of possible PINs. And smartcards don't
>generally have a lot of processing power, so making the PIN->key mapping
>expensive doesn't help much, either.
>
>> /Krister
>
>--John Kelsey, kelsey.j at ix.netcom.com

Note, however, that the PIN could possibly be in an infrastructure with a real secret
key and encryption done with a derived key. The derived key one-way function
is attempting to protect the infrastructure-wide secret key from brute
force key search on a specific piece of data. The issue is how many bits in a
PIN are required to protect the secret key in a one-way function (involving
the secret key and the PIN). A simple derived key is sufficient using the
secret key and public account number. Adding a (privately known, card
specific) PIN to such a derived key function:
1) doesn't increase the ease of attack on the secret key
2) doesn't affect brute force attack on the derived key
3) makes it harder to use a lost/stolen card
--
Anne & Lynn Wheeler http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
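
The two schemes discussed in this thread, side by side, as an added example that is not part of the original post or of any card product. It assumes HMAC-SHA256 as the one-way function, a 4-digit PIN, and an 8-byte check value that an observer can compare guesses against; all names and sample values are constructed.

```python
import hashlib
import hmac

def kdf(key: bytes, *parts: str) -> bytes:
    """One-way function (assumed: HMAC-SHA256 over length-prefixed fields)."""
    msg = b"".join(len(p).to_bytes(2, "big") + p.encode() for p in parts)
    return hmac.new(key, msg, hashlib.sha256).digest()

def pin_only_key(pin: str) -> bytes:
    # Scheme from the quoted text: the key depends on nothing but the PIN.
    return hashlib.sha256(pin.encode()).digest()

def derived_key(master: bytes, account: str, pin: str = "") -> bytes:
    # Scheme from the reply: infrastructure secret key + public account
    # number, optionally mixed with a card-specific PIN.
    return kdf(master, account, pin)

def check_value(key: bytes) -> bytes:
    # Short value that lets a guess be confirmed (constructed for the demo).
    return hmac.new(key, b"check", hashlib.sha256).digest()[:8]

def pins_matching(target: bytes, make_key) -> list:
    """Try every 4-digit PIN; return those whose key reproduces target."""
    return [p for p in (f"{i:04d}" for i in range(10_000))
            if hmac.compare_digest(check_value(make_key(p)), target)]

MASTER = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)  # constructed
ACCOUNT, PIN = "4000001234567899", "4821"                       # constructed

def demo() -> dict:
    weak = check_value(pin_only_key(PIN))
    strong = check_value(derived_key(MASTER, ACCOUNT, PIN))
    no_master = bytes(32)  # stands in for an observer who lacks MASTER
    return {
        # 10^4 trials are enough when the PIN is the only key material.
        "pin_only": pins_matching(weak, pin_only_key),
        # Without the secret key, no PIN guess can be confirmed.
        "derived_without_master": pins_matching(
            strong, lambda p: derived_key(no_master, ACCOUNT, p)),
        # A wrong PIN yields a different key, so a found card is less useful.
        "wrong_pin_same_key":
            derived_key(MASTER, ACCOUNT, "0000") == derived_key(MASTER, ACCOUNT, PIN),
    }

if __name__ == "__main__":
    print(demo())
```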