Jeremy,
Here are some comments to the article.
PTDs vs. Smart Cards: The battle has
begun
PTD = Personal Trusted Device (usually in the
form of a mobile phone)
The smart card manufacturers have had ample of
time to establish a (de-facto) standard PKI card. But they have not.
Instead they are engaged in never ending standards wars making OS support
cumbersome and expensive.
In another camp people have been toiling with
PTDs for years without much success. One of the stumbling blocks
has been where to keep private keys etc. The SIM-card (which only applies
to GSM) has been thought as an appropriate place but it suffers from a serious
limitation: It is "owned" by an operator. But a user is likely to
need certificates from multiple independent "operators" (issuers).
In
addition there is a need to improve the security in the entire mobile computing
platform.
Apparently a remedy will relatively soon come to the world
consisting of billions of (for the users) precious mobile phones: http://www.arm.com/news/TrustZone270503
PTDs
compared to smart cards, are likely to reduce the complexity of integration with
Windows, Linux and Mac OSes as the "reader" is replaced by Bluetooth/WI-FI and
the cryptographic operations are high-level dittos.
Do PTDs have usage
advantages over smart cards? Absolutely. The main "ingredient"
making PTDs potentially extremely versatile and secure, is the fact that user
keys are controlled by a trusted device containing an Internet browser, a
powerful CPU, lots of memory, a keyboard, and supporting a wide range of
connectivity options. This should be compared to inserting a smart card
into an unknown slot running unknown software on a computer that the user may
not be in charge of. A PTD platform among many things, opens the door
to convenient uses of "indirection" like featured in VISA's 3D Secure and in the
Liberty Alliance authentication framework. That the very same device can
be used in three completely different situations also helps:
- Remote (connected over GSM/GPRS/3G/WLAN)
- Slave (connected to a user's desktop
computer)
- Local (ad-hoc connected to POS terminals
etc
I believe the moment has come to start establishing
PTD platforms using SW-based security that will be easy to migrate to use
HW-based security in 3-4 years from now.
Anders Rundgren
Consultant, PKI and secure e-business
----- Original Message -----
Sent: Thursday, May 29, 2003 11:59
Subject: [pki-tc] Fw: SV: Article of Le
Monde.fr / Hans Nilsson
FYI
Jeremy
----- Original Message -----
Sent: Saturday, May 31, 2003 3:10 PM
Subject: Re: SV: Article of Le Monde.fr / Hans Nilsson
On behalf of the Dutch government PKI taskforce I am right now
looking into the interoperability (or better mobility) issues related to
the use of different smartcards on diferent card accepting points (reader
+ drivers + middleware). If this issues can not be resolved, we are not
going to be able to roll out any kind of generic purpose smartcard be it
a PKI card or other, We can not live with a single-type/vendor-for-all
situation.
We know of a (=ONE) vendor of middleware that supports
multiple cards on multiple platforms. This may be ok for the nearest
future, but we need more than that if we want to survive the comming
years.
We are looking into Finread as well as Area K
deliverables. But what is the real support of these standards? Do they
really resolove (some of) the issues?
If some of us is also facing
this challenge (in a practical way), maybe we should discuss our
problems and findings somehow. Maybe a meeting?
If you are dealing with
this issue now, especially from a user perspective, feel free to contact
me personally or via this list.
Edward Hardam
Tor-Hjalmar.Johannessen@telenor.com
heeft geschreven:
>The article http://www.lemonde.fr/imprimer_article_ref/0,5987,3244--321098,00.html >should
concern us all, as it (among other issues) adresses the growing awareness of
compatibility problems for executing PKI-elements such as the support and
combinations of: >- SmartCard vs. >- Smart Card Reader vs.
>- OS (Windows / MAC / Unix / Linux /etc etc) vs. >- Browser
(Netscape / Explorer / Opera etc & variations between the
versions) > >A page showing an incomplete but scaring matrix
revealing some combination issues is presented by
FinEid: >http://www.fineid.fi/default.asp?path=4%2CTechnical+information%2F4%2CSmart+card+readers&template= > > >Another
issue concerning SmartCard solutions and SCCP EAL4+ requirements: >Will
a smartcard solution satisfy the CWA EAL4/EAL4+ requirements if the smartcard
reader is of the normal cheap type (i.e without dedicated key pad / display
etc.)where parts of the signature information (PIN-code, document display
etc.) must be routed over OS'es (WIN2000 / NT etc,)which decline to support
higher CC evaluation levels than EAL3 ? (Check any CC Evaluated Product
List) > >Regards >Tor Hjalmar Johannessen >Telenor
R&D >Norway > >------------------------------------------------------------------------------------------- >A
BabelFish (incomplete of course) translation of the LeMonde article is
enclosed below: > >Why the electronic signature remains dead
letter the WORLD | 22.05.03 | 13h57? UPDATED the 22.05.03 | 13h58
> >Three years after the law which conferred the same force as
with the handwritten signature to him, the electronic paraph and the functions
of coding which are associated for him are long in spreading. The complexity
of the organization necessary to its installation rejects the industrialists.
Deserted spans, cancelled conferences, dés?uvrés exhibitors... The environment
of the Show Infosec 2003, specialized in the computer security, which has been
just held from the 20 to May 22 at the CNIT in Paris, slices with the
effervescence of the last years. Three years after the adoption of the law on
the electronic signature, this one is long in entering the m?urs. Admittedly,
the industrialists must have patience so that the decrees of application
(2001) and the ministerial decrees (2002) specify the technical and legal
conditions giving to the electronic signature the same convincing value as
with the handwritten signature. Admittedly, "bubble Internet" burst in the
interval, tarin! g! > the financings. For as much, one is badly
explained the lack of enthusiasm with respect to a technology - the
infrastructure with public keys (ICP) - which was presented at one time like
the average ideal to establish confidence on Internet. It would allow,
announced one, to control the identity of the Net surfers, to guarantee the
confidentiality and the integrity of the messages forwarding on the network
and to keep the proof that the exchange of documents had taken place well. In
short, to use the open network to make circulate significant information, to
place from the orders, to sign documents, all expensive things in time and
silver in the real world. In the middle of the years 1990, most optimistic
counted on a market generated by the ICP of 3,5 billion dollars in 2005.
However, in 2002, it would not have exceeded 350 million dollars. BRITISH
SECRET SERVICE In theory, the ICP are a tool without rival. They rest on the
principle of coding known as asymmetrical, invente! d! > into 1973
within the British secret service, then rediscovered by > Helmann, which
in 1976 state the principle of it: to use a pair of keys, of which one is
public and makes it possible all to sign or quantify a document, while the
other is secret and makes it possible to its only owner to proceed to the
opposite operation. In 1978, academics, Ronald Rivest, Adi Shamir and Leonard
Adleman, proposed an algorithm allowing to carry out this prowess using prime
numbers. Their system, baptized RSA, is with the c?ur solutions ICP suggested
today, which rest on attribution with the users of indentity cards numerical,
the certificates, standardized and recognized by the majority of the software
of navigation or transport. It was enough to increase the length of the keys
to put them at the shelter attacks of computers increasingly more powerful and
able, from now on, to work in network on all planet. Technology is thus not in
cause.C' is its setting in?uvre which poses problem. The regulation envisages
a pyramid of actors. It includes/understands dis! t! >ributors of
certificates (in France, primarily Certplus and Certinomis) approved by
authorities of certifications (generally of the banks) which, themselves, are
the subject of procedures of qualification. One needs also validateurs able to
hold up to date the directories of certificates and to withdraw from them
those which arrived to expiry or which were revoked. The end-user must finally
be duly identified, which supposes sometimes a meeting physique."Le more
complicated, it is to organize confidence and to maintain it twenty-four hours
out of twenty-four ", underlines Richard Pirim, architect system safety and
network of the general direction of the taxes, which could judge complexity of
the problem at the time of the installation of téléprocédures for the payment
of the VAT by the large companies and the declaration in line of income tax,
to which 608 000 people proceeded in 2003. It is - with the chart of health -
only uses of scale IPC in France. Still the ministry
for! ! >finances it had to make compulsory the home-bankings of
the VAT fo >lion euros of sales turnover which is forced to buy
electronic certificates, The electronic signature however remains
confidential. Some start-up try to make it more convivial or attractive. It is
the case, for example, of E-picture-Certification.com, which proposes, except
ICP, a software making it possible to join an electronic signature with the
image of a handwritten signature. The young company Cryptolog ambitionne, for
its part, to make the economy of the deployment of key USB or card readers to
chip, the usual supports of the certificates to replace them by virtual
certificates stored on a distant waiter and protected by algorithms with null
knowledge. Others, like Audiosmartcard, sell sound smart cards which avoid the
recourse to expensive card readers, since they call upon the microphone of the
ordinateurs.Reste to knowing if the market is ripe. The authorities have, on
the matter, a major capacity of incentive. The project of indentity card to
chip of the ministry f! o! >r the interior could be used as free
certificate. Minefi considers several projects of téléprocédures calling upon
the electronic signature. But it cannot be allowed to propose an application
which would force the users in the choice of the material - certain software
does not envisage the storage of the certificates, Mac do not manage the
encryption algorithms and certain versions of Windows do not accept the Java
applications. To find a solution universal thus concerns the challenge. "a
complexity to make quiver the developers", notes Richard Pirim. Minefi plans
to call upon the large schools to develop an application of signature which
could be versed in the public domain. What has supposed new times... Herve
Morin an indentity card to chip is with the étudeLe ministry for the interior
board, for several months, on a new generation of indentity card, equipped of
a microchip. The working groups of the Beauvau Place did not rule yet
officially on the type and the quantity of! ! >personal
information which could be stored there. Biometric inform >, in
particular, the fingerprints. Such a possibility could cause the
emergence of new card readers to chip able to authenticate their carrier
formally. And justice the Ministers of Interior Department of G8, which met in
Paris, Monday May 5, committed themselves besides resorting to biometrics like
method of identification of their citizens. The United States already fixed,
indeed, at October 2004 the date from which controls resorting to the
biometrics of the identity and transport documents will be necessary for the
entry on the American territory. > > > >
>
|