[Cryptography] Response to weak RNGs in Taiwanese and Estonian digital ID cards?
Ondrej Mikle
ondrej.mikle at gmail.com
Tue Oct 24 10:41:55 EDT 2017
Hi,
there was similar case with Taiwanese cards in 2013 (batch GCD+Coppersmith
- https://smartfacts.cr.yp.to/smartfacts-20130916.pdf). However I can't
seem to find how they handled it eventually. There was recent news that
they will replace the ID cards for some unspecified reason -
http://embeddedsecuritynews.com/2017/10/taiwan-to-issue-electronic-id-cards-in-a-year-minister/
Same goes for Estonian cards - no idea what mitigation or response was
announced. It also seems that the news broke for Estonian cards one month
sooner than for Slovak eID cards (source, but in Slovak:
https://www.rtvs.sk/televizia/archiv/11580/139321#489).
Slovakia finally announced shutting down all e-government services and
that's it for now. Not sure whether they plan on reissuing/repgramming the
cards.
Regards,
OM
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20171024/47e15351/attachment.html>
More information about the cryptography
mailing list