Re: Value of Certifications

From: Jesse Pollard (pollard@cats-chateau.net)
Date: Sun May 14 2000 - 09:40:12 EST


On Sat, 13 May 2000, Linda Walsh wrote:
>Some people expressed uncertainty about the value of 'paper' certifications
>that provide no increase in the security of the product in the real world.
>
>I read an article
>(http://www.fcw.com/fcw/articles/2000/0508/web-fips-05-11-00.asp)
>that talked about a "smart card" that was the first to be certified to a
>particular standard (FIPS 140-1). Having the features of the card vs. being
>certified is worth an estimated $1 billion dollar contract to this
>company. These Smart Cards could be used, as I understand them, as the
>"authenticate user" part of the CAPP or LSPP requirements.
>
>I dunno about anyone else...but that's the type of marketshare and money
>that gets my attention. Having Linux compete in the billion $$ contract
>space is...well, somewhat "seductive" (not that I'm at all affected by base
>considerations of such a sum of money, of course, purely from a marketshare
>POV :-) ). Having that type of money trickle into the Linux space seems
>like a good thing for all Linux developers (higher demand for services,
>engineers, Linux software, etc). Tres cool!

It remains to be seen if the card is any good.

The goal is to "protect and isolate keys and data" - BUT:

1. How does the card know who is using it?
   Without some form of PIN, the card can be used by anyone possessing the
   card, not just the "owner" of the card.
2. If the PIN is entered into an interface box then the PIN can be stolen.
3. If the PIN is entered into a computer, see #2.
4. The card cannot be used for general encryption (I've heard that it is
   a ~0.5 MIPS CPU). It can, however, be used to encrypt keys used to encrypt
   data. You still have the problem of #2 since the key can be intercepted
   before being encrypted by the card.

One of the goals I've seen has the card storing X.509 certificates. The
major problem is bandwidth. If the card transfers the certificate to the
host system for use, then the certificate is no longer secure. If the
card does the encryption itself then the bandwidth problem rises. This
limitation applies to nearly all uses of smart cards; E-mail certificates,
SSL certificates, other certificates or access codes.

The level 2 certification itself only refers to the card detecting mechanical
attack. All other certifications refer to the "goodness" of the encryption
used.

The card can easily be destroyed by a low level EMP, generating a DOS
attack.
-------------------------------------------------------------------------
Jesse I Pollard, II
Email: pollard@cats-chateau.net

Any opinions expressed are solely my own.
