cryptoanarchy.wiki

Arise, you have nothing to lose but your barbed wire fences!

1998-09-21 - Re: ArcotSign (was Re: Does security depend on hardware?)

Header Data

From: Douglas Hoover <doug@arcot.com>
To: coderpunks@toad.com
Message Hash: 580d1698b244c3973f66a25dc8bd0345878a17236101dea7e5f0d709b97be971
Message ID: <3606F570.FFFDDA3C@arcot.com>
Reply To: <199809211030.FAA05159@mixer.visi.com>
UTC Datetime: 1998-09-21 11:56:02 UTC
Raw Date: Mon, 21 Sep 1998 19:56:02 +0800

Raw message

From: Douglas Hoover <doug@arcot.com>
Date: Mon, 21 Sep 1998 19:56:02 +0800
To: coderpunks@toad.com
Subject: Re: ArcotSign (was Re: Does security depend on hardware?)
In-Reply-To: <199809211030.FAA05159@mixer.visi.com>
Message-ID: <3606F570.FFFDDA3C@arcot.com>
MIME-Version: 1.0
Content-Type: text/plain

In response to the interest indicated by the discussion on coderpunks/cipherpunks
mailing lists, we have put a technical note about the Arcot key container
("software smart card") on our site at:

        http://www.arcot.com/camo2.html

We would appreciate your comments.

This note doesn't tell everything about our method--we *are* developing a
commercial product, after all--but we hope that it will suffice to show
knowledgeable readers our main ideas and convince them that a software key
container that provides protection similar to that of a smart card is in fact
possible.

I should remark that:

- Arcot key protection does not depend on making client-side
  software complicated or on keeping the algorithms secret.  It
  depends on making it hard for an attacker to tell when he has
  cracked it, by keeping information that the attacker might use
  to identify the private key out of his reach (such as the
  public key).

- Consequently, there are significant restrictions on the
  situations in which Arcot key protection works.  For example:

  - It isn't useful for encryption.
  - It isn't good for stranger-to-stranger authentication.
  - It is good for authenticating yourself to your bank, an
    online merchant with whom you have an account, or to your
    employer.

- Like smartcards, it provides two-factor authentication--you
  need to have the key container and know the password in order
  to authenticate.  Its key protection is slightly weaker because
  it is easier to steal (just copy) a card without the theft being
  noticed.

- Of course, the crypto has to be done in software.  If your
  application warrants that level of paranoia, then maybe you
  really should be using hardware--but are you sure that your
  smart card is really signing the document you think it
  is?   Most commercial applications don't warrant this level
  of paranoia.  And hardware costs money.


Regards,

Doug Hoover



begin:          vcard
fn:             Douglas Hoover
n:              Hoover;Douglas
org:            Arcot Systems
adr:            2197 Bayshore Rd;;;Palo Alto;CA;94303;US
email;internet: doug@arcot.com
tel;work:       650 470-8203
tel;fax:        650 470-8208
x-mozilla-cpt:  ;0
x-mozilla-html: TRUE
version:        2.1
end:            vcard

Thread