Crypto dongles to secure online transactions
Jerry Leichter
leichter at lrw.com
Mon Nov 16 23:20:27 EST 2009
On Nov 16, 2009, at 12:30 PM, Jeremy Stanley wrote:
>> If one organization distributes the dongles, they could accept
>> only updates signed by that organization. We have pretty good
>> methods for keeping private keys secret at the enterprise level,
>> so the risks should be manageable.
>
> But even then, poor planning for things like key size (a la the
> recent Texas Instruments signing key brute-forcing) are going to be
> an issue.
I'm not sure that's the right lesson to learn.
A system has to be designed to work with available technology. The
TI83 dates back to 1996, and used technology that was old even at the
time: The CPU is a 6MHz Z80. A 512-bit RSA was probably near the
outer limits of what one could expect to use in practice on such a
machine, and at the time, that was quite secure.
Nothing lasts forever, though, and an effective 13 year lifetime for
cryptography in such a low-end product is pretty good. (The
*official* lifetime of DES was about 28 years, though it was seriously
compromised well before it was officially withdrawn in 2005.)
-- Jerry
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list