Crypto dongles to secure online transactions

Jerry Leichter leichter at lrw.com
Wed Nov 11 21:42:21 EST 2009


On Nov 11, 2009, at 10:36 AM, Matt Crawford wrote:

>
> On Nov 10, 2009, at 8:44 AM, Jerry Leichter wrote:
>
>> Whether or not it can, it demonstrates the hazards of freezing  
>> implementations of crypto protocols into ROM:  Imagine a world in  
>> which there are a couple of hundred million ZTIC's or similar  
>> devices fielded - and a significant vulnerability is found in the  
>> protocol they speak.
>
> Imagine a couple of hundred million devices with updatable firmware  
> on them, and one or more rogue updates in the wild.
That's the flip side of the vulnerability - and it's exactly why I did  
*not* suggest that the "fix" for vulnerable algorithms frozen into  
silicon was to make them updatable.

Of course, there *are* situations in which that makes sense.  If one  
organization distributes the dongles, they could accept only updates  
signed by that organization.  We have pretty good methods for keeping  
private keys secret at the enterprise level, so the risks should be  
manageable.

                                                         -- Jerry

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list