[Cryptography] Phishing Attacks - Alice, HAL and Bob

Phillip Hallam-Baker phill at hallambaker.com
Fri Aug 19 09:42:10 EDT 2016 

On Fri, Aug 19, 2016 at 12:54 AM, Jerry Leichter <leichter at lrw.com> wrote:

> Coins could be made out of glass. Flaws like tiny bubbles would be
> difficult to position during manufacture. As such imperfections would make
> each coin unique and impossible to replicate. Whatever process is used to
> draw a picture and a coin value could be used to add a unique serial
> number. Authentication would involve authenticating the physical properties
> like refractive index and examining the coin's unique physical flaws i.e.
> Fingerprint. Finally the central bank, for that currency, can authenticate
> that 'serial number -   fingerprint' combination.
>
> There is a great deal of published work in this direction.  One extreme
> example (first page only; the paper should be around somewhere)
> http://link.springer.com/chapter/10.1007%2F978-3-642-04431-1_15#page-1.
>  (A "PUF" is a Physically Uncloneable Function" - this search term will
> lead you to some of the published work.  The particular paper - which I
> haven't read - uses a "PPUF" - a Public PUF).
>
> Ideas of this sort go *way* back.  Bennett et al used quantum mechanics in
> a (thought experiment) design for "unforgeable subway tokens" back in 1983 (
> https://static.aminer.org/pdf/PDF/000/120/546/quantum_
> cryptography_or_unforgeable_subway_tokens.pdf).
>
> An actual fielded system - to which I don't have a reference; this is from
> memory - was used to make tamperproof seals:  It's possible to pull a
> length of many fiber-optic strands.  The individual strands assort and mix
> themselves quite randomly, unpredictably, and uncontrollably.  Pick some
> number of them at one end and light them; record which ones are lit at the
> other.  Thread the glass through a hasp controlling access to something.
> If it's cut, there's no known way to repair or replace it such that the
> resulting strand will reproduce the pattern.
>
> There's even a science fiction book I remember reading, probably dating
> from the 80's, of a society in which everyone got an ID card that had a
> random, unpredictable value manufactured into it by some physical process
> that could not be reproduced afterwards.  The minor but significant plot
> point centered around a way of hacking this "unhackable" system.  As best I
> can recall, the attacker couldn't clone a card - but was able to break in
> at the point where a new card was bound to a person's identity, roll the
> process back, and create a second identity bound to the same brand new card.
>                                                         -- Jerry
>

​When I was looking into turning a Raspberry Pi into a crypto processor, I
was planning to pot it in two coats of epoxy resin, an opaque inner coat
and a transparent outer coat with a mix in of glitter.​

​I know from my experience with props that it is pretty much impossible to
match grain surfaces even when the surviving photographs are hilariously
low resolution. People went to ridiculous lengths to clone Star Trek
communicator props, but even if you have the correct period Kydex, aligning
it in a vacuum press to get precisely the right positioning is essentially
impossible. There are props we can be very confident are authentic as they
continued to match after work was done to remaster the series for DVD.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160819/4a88696b/attachment.html>

More information about the cryptography mailing list