1996-10-02 - Re: Weaknesses in Smart Cards? (Re: FLA_wed)

Header Data

From: Lucky Green <shamrock@netcom.com>
To: Norman Hardy <norm@netcom.com>
Message Hash: ce5b178f274d9d94fd7a2f25fe6734d32cfbe9e09b52ed365b3238428a47391b
Message ID: <Pine.3.89.9610012138.A15603-0100000@netcom9>
Reply To: <ae778e7901021004910d@[192.0.2.1]>
UTC Datetime: 1996-10-02 08:46:15 UTC
Raw Date: Wed, 2 Oct 1996 16:46:15 +0800

Raw message

From: Lucky Green <shamrock@netcom.com>
Date: Wed, 2 Oct 1996 16:46:15 +0800
To: Norman Hardy <norm@netcom.com>
Subject: Re: Weaknesses in Smart Cards? (Re: FLA_wed)
In-Reply-To: <ae778e7901021004910d@[192.0.2.1]>
Message-ID: <Pine.3.89.9610012138.A15603-0100000@netcom9>
MIME-Version: 1.0
Content-Type: text/plain


> As best I can figure, extracting the secret from a Mondex card gives you not
> merely the money from the card, but the "digital plates" with which to mint
> arbitrarily much more money. I only say this because the only protocol the
> I can think of that fits what we do know of Mondex has this problem. This fault
> does not plague Chaum cash.

There is no way to know for sure, since Mondex won't release the specs, 
but just about everybody I talk with that knows at least something about 
their system agrees that if you crack a Mondex card, you will likely be 
able to mint money. Since Mondex allows transfers from card to card to 
card, it may be a long time indeed before the breech is disovered. If I 
were a Mondex issuer, I would be worried. Very worried.

--Lucky





Thread