Crypto dongles to secure online transactions

Anne & Lynn Wheeler lynn at garlic.com
Sat Nov 21 18:06:59 EST 2009


On 11/21/2009 05:56 PM, Jerry Leichter wrote:
> On Nov 18, 2009, at 6:16 PM, Anne & Lynn Wheeler wrote:
>> ... we could move to a "person-centric" paradigm ... where a person
>> could use the same token for potentially all their interactions ...
>> we claimed we do something like two orders of magnitude reduction in
>> fully-loaded costs by going to no personalization (and other things)
>> ... and then another two orders of magnitude reduction in number of
>> tokens by transitioning from institutional-centric paradigm to
>> person-centric paradigm (compared to proposed smartcard/dongle
>> replacing every pin/password).
>>
>> we then came up against that the bank marketing departments have taken
>> advantage of the requirement for institutional personalization ... to
>> put their brand and other stuff on every token....
> It goes deeper than that. Oh, sure, marketing loves having a presence -
> but their desire fits into corporate cultural biases.
>
> When I go to work, I have to carry two key cards - one for the building,
> one for my employer. They use the same technology - if you use the wrong
> one, the reader beeps in recognition but of course won't unlock the
> door. In fact, they interfere with each other - you have to make sure to
> keep the "wrong" one a couple of inches away from the reader or it will
> usually be confused. It's a pain, actually.
>
> Now, it's certainly possible that there's something proprietary on one
> card or the other - though as we've discussed here before, that's only
> true on badly designed systems: It's no big deal to read these cards,
> and from many times the inch or so that the standard readers require. So
> all that should be on the cards is an essentially random number which
> acts as a key into the lock system's database. It's just that the owners
> of each system insist on assigning that random number themselves. Does
> it give them any additional security? Hardly. If you think through the
> scenarios, you confirm that quickly - a direct consequence of the lack
> of any inherent value in the card or its contained number in and of
> themselves: The real value is in the database entry, and both
> institutions retain control of their own databases.
>
> What's needed is some simple cooperation and agreement on how to assign
> unique numbers to each card. There already has to be cooperation on the
> issuance and invalidation of building cards. But institutions insist on
> their sense of control and independence, even when it has no real
> payoffs for them (and, in fact, raises their costs).
> -- Jerry

We went through all the scenarios with the objections on why they wanted the institutional-centric paradigm ... part of the scenario was putting the assurance level of the chip on a level with the assurance level of your fingerprint or iris pattern ... and asking when institutions were going to start issuing individual, institutional-specific fingers for people to use.

these are various person-centric claims here and there (assigned and still having activity after we've been gone for yrs)
http://www.garlic.com/~lynn/aadssummary.htm

there is specific granted patent here:
http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PALL&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.htm&r=1&f=G&l=50&S1=6978369.PN.&OS=PN/6978369&RS=PN/6978369

-- 
40+yrs virtualization experience (since Jan68), online at home since Mar1970
