two factor authentication

Jefferson Ogata Jefferson.Ogata at noaa.gov
Wed Jul 26 09:55:34 EST 2006


On 2006-07-25 21:41, William Ahern wrote:
> On Tue, Jul 25, 2006 at 09:14:42PM +0000, Jefferson Ogata wrote:
>> The thing to remember is that those assertions are true in theory, but
>> because of the closed nature of a smartcard, such assertions are
>> actually much harder to test than equivalent assertions about other systems.
>>
>> Smartcards are a bit like closed DRE voting machines in this respect.
>> And just as in election systems, the target market--high-security
>> applications--is inherently one which someone could benefit greatly by
>> exploiting.
> 
> I disagree. IBM researchers and others have published how-to's for breaking
> smart cards, and the design of smart cards themselves is fairly open.

No howto can tell you whether there's a secret signaling sequence that
will modify the behavior of the smartcard. Again this is just like
DREs--you can test them all you like, but it just takes one person who
knows the sequence of touches to invoke a modified behavior and swing an
election.

> However, so far the only way to break into a smart card inevitably destroys
> the card itself.

Which is exactly the problem. It's thus very difficult to tell whether
there's a hardware back door because if you crack it open to check you
may destroy it.

-- 
Jefferson Ogata <Jefferson.Ogata at noaa.gov>
NOAA Computer Incident Response Team (N-CIRT) <ncirt at noaa.gov>
"Never try to retrieve anything from a bear."--National Park Service



More information about the openssh-unix-dev mailing list