Crypto dongles to secure online transactions

Anne & Lynn Wheeler lynn at
Wed Nov 25 10:16:42 EST 2009

On 11/21/2009 06:31 PM, Jerry Leichter wrote:
> Well, my building card is plain white. If anyone duplicated it, there'd be nothing stopping them from going in. But then the actual security offered by those cards - and the building controls - is more for show (and I suppose to keep the "riffraff" out - than anything else.
> My work card has my photo and name on it, but there's nothing to correlate name with underlying ID in normal operation. Snap a photo of the card while you clone it, make up a reasonable simulacrum with your own picture and name, and walk right in.
> Not really more or less secure than the old days when you flashed you (easily copied) badge to a card who probably only noticed that it was about the right size and had roughly the right color. But it's higher tech, so an improvement. :-)
> Physical security for most institutions has never been very good, and fortunately has never *needed* to be very good. Convenience wins out, and technology gives a nice warm feeling. A favorite example: My wife's parents live in a secured retirement community. The main entrance has a guard who checks if you're on a list of known visitors, or calls the people you're visiting if not. Residents used to have a magnetic card, but that's a bit of pain to use. So it was replaced by a system probably adapted from railroad freight card ID systems: You stick big barcode in your passenger side window, and a laser scanner on a post reads it and opens the door.

Simplest card/token is basically (single-factor) "something you  have"  authentication

the "cheapest" RFID proximity card is just some static data ... that can be trivially copied and reproduced ... think of it somewhat akin to a wireless magstripe. that has also the "YES CARD" point-of-sale "contact" card vulnerability. Compromised POS terminal that recorded the "static data" from card transaction and trivially used to produce a counterfeit card (little or no difference from compromised POS terminal that records magstripe data). What made it worse than magstripe was that POS terminals were programmed to ask a validated chip three questions 1) was the entered PIN correct, 2) should the transaction be done offline, and 3) is the transaction within the account credit limit. A counterfeit "YES CARD" would answer "YES" to all three questions (it wasn't necessary to even know the correct pin with counterfeit "YES CARD" ... and deactivating the account ... as in magstripe ... wasn't sufficient to stop the fraud). A counterfeit "YES CARD" was also some other counterme
asures that had been built into the infrastructure:

a little more secure is two-factor token that requires both the token and possibly "something you know". However, two-factor authentication is assumed more secure is based on single factor authentication is based on
the different factors having independent compromises. In the case of the "YES CARD" (supposedly two-factor) ... it was only necessary to compromise the token's static data ... and it wasn't even necessary to know the correct PIN. In the case of pin-debit cards ... skimming compromises of ATMs or point-of-sale terminals can collect both the PIN and the magstripe data at the same time (invalidating assumption about independent compromises).

we had somewhat been asked in the mid-90s to participate in the x9a10 financial standard group (which had been given the requirement to preserve the integrity of the financial infrastructure for all retail payments) because of having worked on this stuff now frequently called "electronic commerce". This was *ALL* as in debit, credit, ACH, internet, point-of-sale, low-value, high-value, face-to-face, unattended, and/or transit. Transit-turnstyle has similar requirements to building access ... although the contactless power limitations and contactless elapsed time requirements can be more stringent than building access.

Somewhat as a result ... the related work on the AADS chip strawman, had all sorts of requirements ... form factor agnostic, very-very fast, very-very low-power, contactless capable ... but for high-value ... had to no have *NO* "static data" and very difficult to counterfeit ... but at the same time ... for low-value ... had to have as close to zero cost as possible.

Most of the alternatives from the period ... tended to only consider a very small subset of those requirements ... and therefor created a solution that had a single, specific operation and were ill-suited for a general purpose use. A simple issue was having the same token that was multi-factor authentication agile ... operate with single-factor (something you have) at a transit turnstyle (no time to enter PIN) ... but works the same way at a high-security building access turnstyle that requires multi-factor authentication ("something you have" token in conjunction with PIN "something-you-know" or palm "finger length" something-you-are). The same token then also works the same way at point-of-sale ... where low-value may just be single-factor authentication ... but increasing value transaction may have increasingly complex authentication.

Many of the above issues were also part of the prerequisite for being able to move from an "institutional-centric" paradigm (that also tended to only meet a small subset of possible authentication requirements) and a generalized "person-centric" paradigm.

The requirements to address *ALL* retail-payments in the mid-90s (in the x9a10 financial standard group) ... then were large factor in driving the AADS chip strawman by the the late-90s ... that had the features necessary for satisfying a *person-centric" paradigm.

40+yrs virtualization experience (since Jan68), online at home since Mar1970

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list