From: Nathaniel Borenstein <nsb@nsb.fv.com>
To: jirib@cs.monash.edu.au
Message Hash: 39ac4241cd390d89e0699b8ccb6b04aa97085654190ea3979a8580bf41ad2d35
Message ID: <UkMehqWMc50e0Eb0xP@nsb.fv.com>
Reply To: <199509220137.LAA12354@sweeney.cs.monash.edu.au>
UTC Datetime: 1995-09-22 12:29:28 UTC
Raw Date: Fri, 22 Sep 95 05:29:28 PDT
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Fri, 22 Sep 95 05:29:28 PDT
To: jirib@cs.monash.edu.au
Subject: Re: first virtual "security" (!!) (was Re: Security Flaw Is Discovered InSoftware Used in Shopping)
In-Reply-To: <199509220137.LAA12354@sweeney.cs.monash.edu.au>
Message-ID: <UkMehqWMc50e0Eb0xP@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain
Excerpts from mail.fv: 22-Sep-95 Re: first virtual "security.. Jiri
Baum@sweeney.cs.mon (1560*)
> > >financial insecurity never was a problem as
> > >long as it remains under a small %.
> >
> > This is an amazing statement, Laurent.
> It's not an amazing statement. As long as the cost of insecurity is
> less than cost of security, there's no problem.
I think the basic confusion here is precisely about the cost.
The cost of having one credit card stolen is small.
The cost of having millions stolen at once is *astronomical*. It really
could bring down the whole credit card system, if that was the
criminal's goal.
My concern is about schemes in which the compromise of the cryptographic
algorithms or software leads to a scenario in which one criminal steals
millions of credit cards. In such a scenario, the cost of insecurity is
unacceptably high.
> Okay, so what's stopping you from starting right now with PGP?
> You could simply have that as an alternative to the current system
> (on a per-ID basis, ie new customers specify PGP or not).
> Quite a few people both have PGP and would think well of you if you
> started using it.
> How about "The safest Internet payment system just got safer."?
We're definitely moving in this direction. It's more complicated than
you make it sound, though. Personally, I don't want to use any
cryptography without an explicit, clear, policy and mechanism for key
expiration and key lifetimes. The risk of key compromise is directly
proportional to the key lifetime. PGP today -- which we use very
heavily internal to FV -- is not well-equipped for dealing with key
management issues on a scale of millions of users.
Now, having said that... we're currently planning to deploy FV version
2 before the end of the year. Version 2 *will* include the first use of
PGP in the FV system, but it will NOT work the way you probably expect.
Stay tuned! -- Nathaniel
--------
Nathaniel S. Borenstein <nsb@fv.com> | When privacy is outlawed,
Chief Scientist, First Virtual Holdings | only outlaws will have privacy!
FAQ & PGP key: nsb+faq@nsb.fv.com | SUPPORT THE ZIMMERMANN DEFENSE FUND!
---VIRTUAL YELLOW RIBBON-->> zldf@clark.net <http://www.netresponse.com/zldf>
Return to September 1995
Return to ““NSB’s Portable (via RadioMail)” <nsb@radiomail.net>”