[Cryptography] Anti-counterfeiting microchip

Tom Mitchell mitch at niftyegg.com
Wed Sep 6 18:29:38 EDT 2017 

On Wed, Sep 6, 2017 at 5:33 AM, Camille Harang via cryptography <
cryptography at metzdowd.com> wrote:

> Le 06/09/2017 à 01:29, Jerry Leichter a écrit :
> > Hmm. A couple of years back, when Intel proposed to add a unique ID to
>
.....

> Hello Jerry, thanks for your reply. Yes indeed there are serious
> tracking issues with this kind of technologies. My motivation is to make
> transportable goods usable as cash,


Cash has serial numbers but they cannot be read from a distance.
OCR tech would allow a dispenser to log all the serial numbers dispensed
on any transition.   Cashregister tech could also read serial numbers.

The important thing to look at is the cost of the first transaction.
A reader and computer with connectivity have a cost.

Cash transactions have no cost beyond the risk of theft (taxation can
apply).

Barter transaction have no cost beyond the risk of theft (taxation can
apply).

Currently cash transactions are under pressure to vanish.  The merchant
does not
risk theft at the point of sale (hacking at Target).   Transactions
involving 10,000 in
the US are to be reported.

It seems the entry at the low end is a barrier and law enforcement would
want to
play in the $10,000 and above range.

I can see an RFID device that has a fuse link key that cannot be inspected
and could be challenged with a random sequence to return a good hash
of that challenge.   If the owner of the key in involved and keeps track of
challenge keys
it will never submit the same key twice to eliminate replay spoofing as an
authoritive
attack.   Power in an RFID device limits so much that this may collapse to
something too
simple to be secure.

Hard wire the device in a board so it can be read when power is on and
the Intel push back would replay.

There may be special cases where this notion has value and tomorrow is
a new day.


-- 
  T o m    M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20170906/4f9cd652/attachment.html>

More information about the cryptography mailing list