RPOW - Reusable Proofs of Work
Anne & Lynn Wheeler
lynn at garlic.com
Mon Aug 16 18:50:13 EDT 2004
At 12:36 PM 8/15/2004, R. A. Hettinga wrote:
>This is what creates trust in RPOWs as actually embodying their claimed
>values, the knowledge that they were in fact created based on an equal
>value POW (hashcash) token.

the issue in the "yes card" exploit is that you migrate the financial
business rules out into hardware tokens (of any kind) and then do
peer-to-peer operations between tokens.

the threat model is you attack the belief in a valid hardware token ...
once you have that you have the mechanism for creating counterfeit tokens
that can convince other tokens that they are valid. These counterfeit
tokens don't tell the truth ... they are programmed to say whatever will
convince other tokens that can be trusted.

and as per previous post ... i got hit in a sci.crypt thread with the claim
that even 4758 can be successfully attacked.

misc. posts discussing token attacks that 1) result in being able to
fabricate counterfeits 2) which are acceptable in offline, peer-to-peer
operations:
http://www.garlic.com/~lynn/aadsm15.htm#25 WYTM?
http://www.garlic.com/~lynn/aadsm17.htm#13 A combined EMV and ID card
http://www.garlic.com/~lynn/aadsm17.htm#25 Single Identity. Was: PKI International Consortium
http://www.garlic.com/~lynn/aadsm17.htm#42 Article on passwords in Wired News
http://www.garlic.com/~lynn/2003o.html#37 Security of Oyster Cards
http://www.garlic.com/~lynn/2004g.html#45 command line switches [Re: [REALLY OT!] Overuse of symbolic constants]
http://www.garlic.com/~lynn/2004j.html#12 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
http://www.garlic.com/~lynn/2004j.html#13 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
http://www.garlic.com/~lynn/2004j.html#14 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
--
Anne & Lynn Wheeler http://www.garlic.com/~lynn/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com