[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: non-repudiation vs. revocation
-----BEGIN PGP SIGNED MESSAGE-----
At 08:46 AM 11/6/97, Peter Gutmann wrote:
>>It is not clear at all to me that non-repudiation is possible, given the
>>state of consumer OS and H/W development (and the Radar O'Reilly attack).
>
>What is the Radar O'Reilly attack (or at least, why is it called that)? I
>assume he got the colonel (or whoever) to sign something other than what he
>thought he was signing, but more precise details would be useful.
>
>I've sent this question as private mail, but other members of the SPKI list
>may like to know as well.
Sorry -- it's M*A*S*H trivia. Yes, Radar would get Col. Blake to sign
things by slipping them in under things that were legitimately signed and
then flip pages. With private key in a smart card, once you activate the
card for one thing, you can't be sure that that's what really got signed.
To be sure of that, you need the card itself to display to you what it's
signing -- not just a hash.
The problem is so difficult that we're forced to fall back on trusting our
H/W and OS as if it were a TCB -- which it isn't. Therefore,
non-repudiation is really out of the question.
- Carl
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv
iQCVAwUBNGDOVhN3Wx8QwqUtAQHaywP/UBNOP21nNeChf+aH4F/pAyWx+cJ6OtBq
x2ulEF/sdDkmrIIlmXYzFZ7tSCczIwqBXm3UCf9z4WidrhCJ1FHAiek6azJ04PXF
8Lg/dDuK2ypeLfXT+0LkDQlCkHeSKB5luvAkKXcuEn6/3QEg3Odk2gUd6rrHGgGx
FmNDq9CDFnY=
=DnXw
-----END PGP SIGNATURE-----
+------------------------------------------------------------------+
|Carl M. Ellison cme@cybercash.com http://www.clark.net/pub/cme |
|CyberCash, Inc. http://www.cybercash.com/ |
|207 Grindall Street PGP 08FF BA05 599B 49D2 23C6 6FFD 36BA D342 |
|Baltimore MD 21230-4103 T:(410) 727-4288 F:(410)727-4293 |
+------------------------------------------------------------------+
Follow-Ups: