[Cryptography] Anti-counterfeiting microchip

Camille Harang mammique at garbure.org
Thu Sep 7 09:11:36 EDT 2017 

Le 07/09/2017 à 00:29, Tom Mitchell a écrit :
> On Wed, Sep 6, 2017 at 5:33 AM, Camille Harang via cryptography
> <cryptography at metzdowd.com <mailto:cryptography at metzdowd.com>> wrote:
>
>     Le 06/09/2017 à 01:29, Jerry Leichter a écrit :
>     > Hmm. A couple of years back, when Intel proposed to add a unique
>     ID to
>
> ..... 
>
>     Hello Jerry, thanks for your reply. Yes indeed there are serious
>     tracking issues with this kind of technologies. My motivation is
>     to make
>     transportable goods usable as cash, 
>
>
> Cash has serial numbers but they cannot be read from a distance.
> OCR tech would allow a dispenser to log all the serial numbers dispensed
> on any transition.   Cashregister tech could also read serial numbers.

Hello Tom, thank you for your reply and all this pertinent extra
information. Yes low or high tech tracking is a big issue! But I think
that the first threat towards privacy is central banking, tracking is an
extension of this initial power they have with their monopoly over money
creation. So I think that privacy issues regarding these technologies
should be addressed and mastered, instead of preventing us to act. The
question here is decentralization, these techs will be deployed anyway,
the question is will they be deployed by the people for the people, or
by central powers. If it is by central powers we will have no control on
privacy, nor monetary independence. If it is by we the people, we will
have monetary independence, and imperfect but IMHO manageable control
over privacy abuse.

On the Checkoin specs (https://checkoin.org/) there is an extra layer of
reputation system, it is optional, but it can help in many privacy case.
Because it's Open Source and decentralized the users have the freedom to
chose their tech (or make their own), so they will likely choose to use
the apps, coins, cashiers, stores, etc. that will display the best
privacy score on their screens (because they are being audited for that
by third party services), this freedom of choice would never happen if
such technologies are forced upon us in a coercive manner by central
powers, they would force the most intrusive technologies upon people, as
always. IMHO we have no choice but to take the bull by the horns.

I agree with you about central powers will to get rid of cash, that's
also why I believe that if cash is a problem for them, it's a solution
for us (if we control it). The $10000 limit you mention is a clear
signal about this war on cash, they will lower it until its use become
worthless, until it vanishes. Here in Europe it's even worth, the limit
has been lowered so many times that it's under €300 in Italy now IIRC.

Yes indeed access cost to be able to use such technologies will always
be higher than with cash. But I don't see how we can make something
dencentralized and secure without tech :-/

This RFID device you mention is very interesting, does it exist or did
you invent it? Yes indeed in case of NFC/RFID with cryptographic checks,
there must be power supplied, that's why I suggested a battery that
could be charged with standard micro-USB plugs, if it can last few month
I think it can remain convenient, otherwise people wont use it. Or
power+communication be done via USB, then we get rid of power problems
and distant spying, if the act of plugging the device is not too
difficult (not harder that scanning a banknote under a blacklight as
cashiers already do), I think it can be useful. Here is a fictional
printed circuit microchip that was originally designed for Checkoin:
https://checkoin.org/home/#printed-circuit-with-a-a-hrefcoin__public_keykey-signing-microchipa

Yes indeed I also believe that there must be special cases where this
notion has value. Thanks for your feedback, thanks to get involved or
spread the word if you believe this can be useful, I'd really like to
see this tech in the hand of the people.

Bests,

Camille.

>
> The important thing to look at is the cost of the first transaction.
> A reader and computer with connectivity have a cost.
>
> Cash transactions have no cost beyond the risk of theft (taxation can
> apply).
>
> Barter transaction have no cost beyond the risk of theft (taxation can
> apply). 
>
> Currently cash transactions are under pressure to vanish.  The
> merchant does not
> risk theft at the point of sale (hacking at Target).   Transactions
> involving 10,000 in
> the US are to be reported.
>
> It seems the entry at the low end is a barrier and law enforcement
> would want to 
> play in the $10,000 and above range.   
>
> I can see an RFID device that has a fuse link key that cannot be inspected
> and could be challenged with a random sequence to return a good hash
> of that challenge.   If the owner of the key in involved and keeps
> track of challenge keys
> it will never submit the same key twice to eliminate replay spoofing
> as an authoritive
> attack.   Power in an RFID device limits so much that this may
> collapse to something too
> simple to be secure.
>
> Hard wire the device in a board so it can be read when power is on and 
> the Intel push back would replay.   
>
> There may be special cases where this notion has value and tomorrow is 
> a new day.
>
>
> -- 
>   T o m    M i t c h e l l


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20170907/67f25a03/attachment.html>

More information about the cryptography mailing list