On Tue, Sep 03, 2002 at 09:03:40PM -0400, Yannick Gingras wrote: > This make me wonder about the relative protection of smart cards. They have > an internal procession unit around 4MHz. Can we consider them as trusted > hardware ? The ability to ship smart cards periodicaly uppon cashing of a > monthly subscription fee would not raise too much the cost of "renting" the > system. Smart card do their own self encryption. Can they be used to > decrypt data needed by the system ? The input of the system could me mangled > and the would keep a reference of how long it was in service. > > This sounds really feasible but I may be totaly wrong. I may also be wrong > about the safety of a smart card. > > What do you think ? That's similar to using hard-locks (either the old parallel, or the new usb). The problem is that that piece of hardware is trustworthy, but the rest of the PC isn't, so a cracker just needs to simulate the lock/smart card, or peek at the executable after the lock has been deactivated. Regards, Luciano Rocha -- Consciousness: that annoying time between naps.
This archive was generated by hypermail 2b30 : Wed Sep 04 2002 - 13:04:37 PDT