From: norm@netcom.com (Norman Hardy)
To: cypherpunks@toad.com
Message Hash: 6651564e0bc38c8be33c8be7f108a8d6ce7ff9a7870ead5b9856a9d99c02a82b
Message ID: <ae778e7901021004910d@[192.0.2.1]>
Reply To: N/A
UTC Datetime: 1996-10-02 06:32:00 UTC
Raw Date: Wed, 2 Oct 1996 14:32:00 +0800
From: norm@netcom.com (Norman Hardy)
Date: Wed, 2 Oct 1996 14:32:00 +0800
To: cypherpunks@toad.com
Subject: Re: Weaknesses in Smart Cards? (Re: FLA_wed)
Message-ID: <ae778e7901021004910d@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain
At 2:21 AM 9/26/96, Timothy C. May wrote:
...
>Strip-back of the outer packaging is possible, of course. I'd need to know
>a lot more about the packaging used by VISA and other smartcard makers to
>know how economical this would be. (Breaking any single card is not
>necessarily a financial windfall, if the card has a limit, for example.
>This puts a limit on how much $$$ can be spent on cracking a chip.)
As best I can figure, extracting the secret from a Mondex card gives you not
merely the money from the card, but the "digital plates" with which to mint
arbitrarily much more money. I only say this because the only protocol the
I can think of that fits what we do know of Mondex has this problem. This fault
does not plague Chaum cash.
I don't know how to code the card application so that a transient errors
won't just occasionally cause the secret to be exported. Then again that
may be possible to code it for "fail safe". If it were my money backing
the Mondex cards, I would want to know how it worked.
Return to October 1996
Return to “norm@netcom.com (Norman Hardy)”