Encryption of data in smart cards
John Kelsey
kelsey.j at ix.netcom.com
Fri Mar 14 01:13:28 EST 2003
At 01:23 PM 3/13/03 -0500, Trei, Peter wrote:
>Every PINned SC I've seen has a very limited (typically 3) number
>of failed attempts before it locks itself up. Once it's locked up, it
>can only be reactivated by an administrator PIN, which is held
>at much higher security by the issuer, and not available to the
>card user.
Right. Which is good for the PIN-guessing-to-get-access attack, but not
much help for the decrypting the extracted data using the PIN-generated key
attack.
>Peter
--John Kelsey, kelsey.j at ix.netcom.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list