Crypto dongles to secure online transactions

Jerry Leichter leichter at
Mon Nov 16 23:20:27 EST 2009

On Nov 16, 2009, at 12:30 PM, Jeremy Stanley wrote:
>> If one organization distributes the dongles, they could accept
>> only updates signed by that organization. We have pretty good
>> methods for keeping private keys secret at the enterprise level,
>> so the risks should be manageable.
> But even then, poor planning for things like key size (a la the
> recent Texas Instruments signing key brute-forcing) are going to be
> an issue.
I'm not sure that's the right lesson to learn.

A system has to be designed to work with available technology.  The  
TI83 dates back to 1996, and used technology that was old even at the  
time:  The CPU is a 6MHz Z80.  A 512-bit RSA was probably near the  
outer limits of what one could expect to use in practice on such a  
machine, and at the time, that was quite secure.

Nothing lasts forever, though, and an effective 13 year lifetime for  
cryptography in such a low-end product is pretty good.  (The  
*official* lifetime of DES was about 28 years, though it was seriously  
compromised well before it was officially withdrawn in 2005.)

                                                         -- Jerry

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list