Crypto dongles to secure online transactions

Jerry Leichter leichter at lrw.com
Sat Nov 21 17:56:03 EST 2009


On Nov 18, 2009, at 6:16 PM, Anne & Lynn Wheeler wrote:
> ... we could move to a "person-centric" paradigm ... where a person  
> could use the same token for potentially all their interactions ...
> we claimed we do something like two orders of magnitude reduction in  
> fully-loaded costs by going to no personalization (and other  
> things) ... and then another two orders of magnitude reduction in  
> number of tokens by transitioning from institutional-centric  
> paradigm to person-centric paradigm (compared to proposed smartcard/ 
> dongle replacing every pin/password).
>
> we then came up against that the bank marketing departments have  
> taken advantage of the requirement for institutional  
> personalization ... to put their brand and other stuff on every  
> token....
It goes deeper than that.  Oh, sure, marketing loves having a presence  
- but their desire fits into corporate cultural biases.

When I go to work, I have to carry two key cards - one for the  
building, one for my employer.  They use the same technology - if you  
use the wrong one, the reader beeps in recognition but of course won't  
unlock the door.  In fact, they interfere with each other - you have  
to make sure to keep the "wrong" one a couple of inches away from the  
reader or it will usually be confused.  It's a pain, actually.

Now, it's certainly possible that there's something proprietary on one  
card or the other - though as we've discussed here before, that's only  
true on badly designed systems:  It's no big deal to read these cards,  
and from many times the inch or so that the standard readers require.   
So all that should be on the cards is an essentially random number  
which acts as a key into the lock systems database.  It's just that  
the owners of each system insist on assigning that random number  
themselves.  Does it give them any additional security?  Hardly.  If  
you think through the scenarios, you confirm that quickly - a direct  
consequence of the lack of any inherent value in the card or its  
contained number in and of themselves:  The real value is in the  
database entry, and both institutions retain control of their own  
databases.

What's needed is some simple cooperation and agreement on how to  
assign unique numbers to each card.  There already has to be  
cooperation on the issuance and invalidation of building cards.  But  
institutions insist on their sense of control and independence, even  
when it has no real payoffs for them (and, in fact, raises their costs).
                                                         -- Jerry
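The model Jerry describes above (a card that carries nothing but an essentially random number, with all authorization living in each institution's own database) as an added illustration. This is not code from the post or from any real access-control product; the 128-bit random identifier space and the `LockSystem` class are assumptions chosen to show one way two institutions could share a single card while each keeps full control of its own database and revocation.

```python
import secrets
from dataclasses import dataclass, field

# Constructed choice: an identifier space large enough that independently
# minted cards will not collide, so no central registry is needed to keep
# the numbers unique across institutions.
CARD_ID_BITS = 128


def issue_card() -> str:
    """Mint a card whose only content is an unpredictable identifier.

    Nothing about the holder or their privileges is stored on the card.
    The number is worthless on its own; it only means something once some
    institution's database has a row for it.
    """
    return secrets.token_hex(CARD_ID_BITS // 8)


@dataclass
class LockSystem:
    """One institution's access-control database (hypothetical).

    The card identifier is merely the lookup key. Which doors it opens, and
    whether it is still active, is decided entirely by this table.
    """
    name: str
    _grants: dict = field(default_factory=dict)  # card_id -> set of door names

    def enroll(self, card_id: str, doors) -> None:
        """Register an existing card; no personalization of the card itself."""
        self._grants[card_id] = set(doors)

    def revoke(self, card_id: str) -> None:
        """Revocation is a database operation, independent of other institutions."""
        self._grants.pop(card_id, None)

    def try_door(self, card_id: str, door: str) -> bool:
        """The reader recognises any card in the format, but unlocks only if
        this institution's own database grants that door to that card."""
        return door in self._grants.get(card_id, set())


def demo() -> dict:
    """Walk one card through two independent lock systems and report outcomes."""
    card = issue_card()
    building = LockSystem("building management")
    employer = LockSystem("employer")

    # Each institution enrolls the same card in its own database.
    building.enroll(card, ["lobby", "garage"])
    employer.enroll(card, ["suite-400"])

    results = {
        "building_lobby": building.try_door(card, "lobby"),
        "employer_suite": employer.try_door(card, "suite-400"),
        # The employer's database knows nothing about the garage.
        "employer_garage": employer.try_door(card, "garage"),
    }

    # Building management revokes; the employer's grant is untouched.
    building.revoke(card)
    results["building_after_revoke"] = building.try_door(card, "lobby")
    results["employer_after_building_revoke"] = employer.try_door(card, "suite-400")

    # A number with no database entry opens nothing: the card has no
    # inherent value, exactly as the post argues.
    results["unknown_card"] = building.try_door(issue_card(), "lobby")
    return results


if __name__ == "__main__":
    for check, outcome in demo().items():
        print(f"{check:34s} {'unlocked' if outcome else 'denied'}")
```

Because the number is readable off the card (as the post notes), it is treated here as a lookup key rather than a secret: possession of the physical card plus a live database row is what grants access, and each institution's security depends on the integrity of its own table, not on having assigned the number itself.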

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com