Crypto with Epoxy Tokens, Glass Balls and Lasers

Anonymous Coward writes "Scientists from MIT and ThingMagic have collaborated and developed an innovative crypto mechanism using epoxy tokens, glass spheres and lasers. They have actually created a physical one-way function that cannot be tampered, copied or faked! The full scoop can be found at MSNBC, and also at Nature, & TOI."

Great!!

[Unknown+Poltroon]

Let me just install that on my laptop.....

And this is humor, not a troll, lets see if youre smart enough to mod it that way.

Remember the SGI Patent? #@ +1; Informative @#

for random numbers with

Lava Lamps? Now there is Lava lamp cryptography.

Read about it at:

LavaLamp

Thanks and have a weekend !

Re:Remember the SGI Patent? #@ +1; Informative @#

[lukegalea1234]

I remember a story some time ago about a linux application that rendered ansi text from an image.

There was talk of pointing a web cam out a window onto a busy street or point it at a lava lamp in order to generate a constant stream of seed data for encryption.

Re:Remember the SGI Patent? #@ +1; Informative @#

[cant_get_a_good_nick]

or point it at a lava lamp in order to generate a constant stream of seed data for encryption.

They did this, it used to be on lavarand.sgi.com, but that server is no more. It baically would have a digital image of multiple lava lamps, take the numbers from the digital image, run it rhough some hash like MD5 and then use those as random numbers. Lavarnd.org seems to be the closes spiritual successor.

Re:Remember the SGI Patent? #@ +1; Informative @#

[Simon+(S2)]

i'ts called aalib.

from the site:
AAlib is an portable ascii art GFX library. If you wish to see some examples of AAlib technology, please browse AA-project homepage.

and here are some *pics* generated from the library.
i think it was intended to play doom over a network on a console, but what lukegalea1234 sad, is equally valid.

Re:Remember the SGI Patent? #@ +1; Informative @#

[DevNova]

How is this related? From what I'm understanding, the crystal method is highly random and STATIC. Static making it repeatable. The webcam idea is good for randomness, but it could never be duplicated.

Re:Remember the SGI Patent? #@ +1; Informative @#

[micromoog]

the crystal method is highly random and STATIC

Yeah, I agree. That band sucks.

Re:Remember the SGI Patent? #@ +1; Informative @#

I do not see this being a patentable technique,
since there is a lot of previous art that exists
in the forensic labs to identify lost jewelry,
where the glittering jewelry(containing diamond,
other precious stones/metals) being photographed
with a polarized light such as ultraviolet light
to produce a pattern that resembled a unique
signature for the jewelry. I do not think that
it is much different from the crytal ball approach.

Epoxy tokens, glass spheres and lasers.

[nob]

Geez people, can't we at least get some frickin sharks too?

Re:Epoxy tokens, glass spheres and lasers.

We tested a shark with a token embedded in its head, but it kept attacking the girl who was ringing up the purchase.

Old Technology, new twist

[lynx_user_abroad]

IIRC, something similar to this (very low tech) was used to create tamper-evident seals on things like the boxes guarding equipment monitoring nuclear sites, etc.

I think the process involved mixing a bunch of little tinfoil sparkles into a clear epoxy resin, applying the resulting glue as a seal, and photographing it from several angles. Simple to create, yet darn near impossible to duplicate a second time. If the blob is missing or different, something fishy is going on.

Re:Old Technology, new twist

[still_sick]

So remember, the next time a nuclear scientist asks to borrow your elbow macaroni and glue-on sparkles, he might not be making a birthday card for his mom - he might be ensuring the security of the world!

Re:Old Technology, new twist

The Japanese went patent mad, with much the same thing.
Their improved solution was paper ticket, with random splattered ink spots with speckled fibres, cheaper and forgeproof. Just dont doodle or drip tomato sauce on it.
Then color photocopers were invented.

Re:Old Technology, new twist

[Phil+Wherry]

A very similar technology been used for the identification of gems for quite a while. The idea is pretty much the same: shine a laser beam into the gem, then record the pattern generated by internal reflection/refraction. The technique has been around for at least twenty years, I believe. Still, the idea of a physical one-way hash function is interesting and quite likely useful.

Re:Old Technology, new twist

[LordMcD]

These devices seem to be deriving all their randomness by the natural (and intentional) "imperfections" of the creation process. This means that they only become secure when the devices are first analyzed -- *after* they are made. There is an inherent benefit and weakness to creating things in this hit-and-miss way.

Because the manufacturers are not trying to create pseudo-randomness themselves (invariably according to some algorithm, like creditcard numbers), it really is much harder for blackhats to reverse the one-way function. However, because there are no rules governing what a "valid" key looks like (they're just supposed to be unique), someone could very carefully create a number of these token that are, instead of random, very similar. Because practical implementations of this scheme are likely to scan these keys from pre-determines angles, the amount of difference allowed between these similar keys may be large enough to create "duplicates".

Note that this doesn't mean that blackhats can duplicate your key, but they may be able to create a matching pair and swap yours with theirs in the middle of the night...

Re:Old Technology, new twist

[dr_dank]

An even older application involved wax seals for letters.

Candles of different colors were dripped onto the envelope to create a swirl of color that can't be as simply duplicated as a single color wax seal can. The picture of the multi-colored seal was sent ahead to verify the authenticity of the seal.

Re:Old Technology, new twist

[Ralph+Wiggam]

Signet rings have been used to imprint wax seals on important communications for a long long time.

Very few things are actually new.

Re:Old Technology, new twist

[mwjlewis]

IIRC, something similar to this (very low tech) was used to create tamper-evident seals on things like the boxes guarding equipment monitoring nuclear sites, etc. I think the process involved mixing a bunch of little tinfoil sparkles into a clear epoxy resin, applying the resulting glue as a seal, and photographing it from several angles. Simple to create, yet darn near impossible to duplicate a second time. If the blob is missing or different, something fishy is going on.

Break the old seal, make your changes and replace the seal with your seal. Then take pictures of the new seal, and replace the old seal pictures, and forge the time stamp. Yes, it requires access to the location of the pictures. However, You would THINK, that it would also require a certin level of access to the Nuclear monitoring sites as well?

No encryption method, security process etc, is 100% secure. (period)

Re:Old Technology, new twist

[GigsVT]

create pseudo-randomness themselves (invariably according to some algorithm, like creditcard numbers)

How are credit cards even pseudo-random? There is a checksumming algorithm that all card numbers conform to, which is mostly to prevent typos, but they cannot be generated from a pseudo-random algorithm directly since there must be zero chance of a duplicate. I guess to avoid issuing them in predictable sequences, a pseudo-random algorithm is used to choose which number out of the pool of numbers that complies with the checksum is used, but calling them pseudo-random numbers is kind of inaccurate.

As far as engineering matching pairs... that seems like it would be as difficult as duplicating a known key. If you can generate a matching pair that is a non-trivial example, then you can duplicate a key.

The only advantage to matching pair is if you could create keys with very little randomness, which increases the chance of a matching pair forming. I'm sure the software to do the checking would require a key to have a certain amount of randomness, either that or the key would appear different to the naked eye, if it wasn't anywhere near as random as a normal key.

Re:Old Technology, new twist

[radish]

Just a question - how did they make the picture accurate enough without cameras? Did some guy sit there drawing it?

Re:Old Technology, new twist

Note that this doesn't mean that blackhats can duplicate your key, but they may be able to create a matching pair and swap yours with theirs in the middle of the night...

Blackhats ATE MY BALLS!

Re:Old Technology, new twist

[patniemeyer]

I believe nuclear materials are safeguarded using a similar system. A bundle of fiberoptic cables is used as a "chain", with the ends somehow twisted and locked. The twisting has the effect of breaking some of the cables in a random pattern that can be verified or monitored continuously by shining a light through the bundle. Presumably any attempt to remove the cable (or cut it) would alter the pattern.

Neat.

Pat Niemeyer

Re:Old Technology, new twist

[Kwil]

While the use of wax seals has died out quite a bit, it is not completely dead.

So they took a polaroid.

Re:Old Technology, new twist

[David+Roundy]

How are credit cards even pseudo-random?

I think the correct term would be quasirandom. A quasirandom sequence is one that fills a space in a sort of random manner while observing some constraints. For example, when performing a monte carlo integration, you would rather avoid sampling data points that are very close, so a quasirandom sequence can give better convergence. On the other hand (in the case of the integration) you sacrifice the rigorous error estimation that is possible using true pseudorandom numbers.

Re:Old Technology, new twist

[cheese_wallet]

if they trust the polaroid enough to not be tampered, they should just take a picture of the letter itself.

Re:Old Technology, new twist

[theCat]

In the Middle Ages when you made a contract with someone it was written twice on the same parchment, at the top and at the bottom. Then the parchment was torn in half unevenly between the two versions of the contract and each party took one of the halves. In the future should the terms of the contract come into question they could verify that the contract each held was in fact the original by realigning them along the tear; the originals would of course match exactly and the veracity of the copy contained therein could be verified.

The jagged edge of the contracts looked like teeth, Latin dent IIRC, and whoever held such a contract was said to be indentured

Didn't require lasers, of course, but did require that the two parts be physically present and visually verified, so it is remarkably similar in principle. The fibers and surface imperfections of the parchment (thin leather) would have taken the place of the glass beads in this case.

So, does the MIT patent fail due to prior art? ;-)

Re:Old Technology, new twist

[God!+Awful]

The disadvantage of this approach is that for these devices to be useful at say a supermarket, the master key still has to be stored on a server somewhere. If someone hacks the server, they can then impersonate you.

The advantage of this approach over other physical authentication techniques such as biometrics is that you don't have to trust the scanners. With fingerprint readers, once they scan you they can then store your fingerprint and impersonate you. That doesn't seem possible with this new approach.

Of course for pure theoretical security, it still doesn't match a smartcard with an RSA key encrypted with a strong 128 bit password that the user has to type in every time he wants to use the card. Unless you want to embed the smartcard inside a refractive epoxy for the best of both worlds.

-a

Re:Old Technology, new twist

[Kwil]

You forget that the object is not just to prevent tampering, but to keep it hidden from prying eyes.

Re:Old Technology, new twist

So, does the MIT patent fail due to prior art? ;-)

I think you would have a very good case, regarding the principle at least. However, MIT patented this specific method, not the principle itself.

Re:Old Technology, new twist

[Darby]

In the future should the terms of the contract come into question they could verify that the contract each held was in fact the original by realigning them along the tear;

So say you and I enter such a contract where you agree to give me $5.00 right now, and I agree to give you a pile of grain in a week. A week later , you bring your half of the contract to collect, and I say, "match what? You must be smoking crack"

Obvious circumvention scheme

[Mysterious]

Great. They use a laser to convert the 3D arrangement of glass spheres in an epoxy matrix to a 2D 'light/dark' pattern.

A crummy piece of film exposed at the sensor plane, then developed, could be used to get around this. Lay the film on the 2D sensor, and voila - the 2D pattern is duplicated!

Re:Obvious circumvention scheme

[forsetti]

Simple man-in-the-middle attack, so to speak. Capture your 2D token, relay it on on your behalf......

Re:Obvious circumvention scheme

[lynx_user_abroad]

Lay the film on the 2D sensor, and voila - the 2D pattern is duplicated!

Unless they shine several lasers on several different spots at different times in quick succession.

Re:Obvious circumvention scheme

[Remus+Shepherd]

I thought of that also. But I read the article more closely, and they mention that different view angles would be used to generate different speckle patterns.

A one-angle view of this token would not be secure, but a security mechanism that scanned the token through multiple angles would be very difficult to recreate. I don't know if they should be throwing around the word 'impossible', however.

Re:Obvious circumvention scheme

[brunes69]

It is impossible to re-create the crystal that generates the data, not the data itself. You are looking at this object which is used for physical security from a purely software standpoint. The data istelf (the pattern resulting from the laser through the crystal) is useless if you cant create the crystal which generated the data in the first place, because then you can't duplicate the card.

Re:Obvious circumvention scheme

[gsfprez]

if the pattern output is much larger than the diameter of the laser beam at the POS system.. and it looks like that is the point, and you put your film in lieu of the token, all you'd get would be a dark or light spot at the sensor.. because the laser wouldn't spread properly - it would just go right thru the film at some dimished value.

if you were to build a practical (read: a forged credit guitar pick to by a hard drive at Fry's) forgery, you'd have to come up with a way to force the ultra-thin laser beam to spread into that pattern...

what would you do? Bring a lens with you to spread the laser evenly over the film?

i can't think of an obvious way to make a practical forgery - but i'm not saying it can't be done. But your notion of using film is bogus.

Re:Obvious circumvention scheme

[Cheetahfeathers]

It's not impossible. Anything that can be created can be recreated. We just don't _currently_ have the engeneering skills needed to recreate it. Give it time... this kind of scheme will be broken too.

Re:Obvious circumvention scheme

This general method was discussed way back in 1997 by Tony Jenkins and David Perell. Basically they concluded that if it was implemented combining with current crypto methods, that one could effectively disguise the firsts methods in a criss-cross pattern.

Interesting stuff.

Re:Obvious circumvention scheme

[Mysterious]

You are absolutely correct - I missed that. But, how's this - a hologram of the epoxy/glass composite?

Granted they claim to address this in the article, I think their claim is bogus. In principle, using an optical probe a hologram is indistinguishable from the original, at least at the plane where the hologram is made.

Any informed comments?

Re:Obvious circumvention scheme

[ajs]

This falls into the catagory of "the analog would is hard to simulate" area of cryptography. These range from the wildly useful (e.g. radioactive decay sensors) to the "whoops, I though it was secure" (e.g. the example in Cryptonomicon of the woman who peeks at the bingo balls and "makes it more random").

Mostly it's a great way to come up with one time pads and otherwise feed random number needs in various crypto applications. Not terribly useful as a means of crypto per se.

Re:Obvious circumvention scheme

[Jobe_br]

While they do say it isn't currently possible to generate the crystal fobs using available techniques, they also say that reversing the pattern of dots to create a fob *is* prohibitively hard - this is the key. What they're going for here is something that is as easy to manufacture as credit cards, but a few orders of magnitude more difficult to forge/copy/etc. Anyone who's been paying attention over the past few years realizes that magnetic stripe cards are pathetically easy to forge and magnetic stripes are easily read using devices that can be had on the grey market. Once you've read a magnetic stripe, you can recreate the credit card that originated it with ease.

This is what this technology is meant to prevent. First, you'd need the laser equipment to read the fob to get the dot pattern. Then, to be sure, you'd need to make sure that you illuminate the fob from all sides, since the dot pattern is different depending on where the laser is shown from. Next, you need a fabrication facility to create these crystal fobs (currently not available, I imagine that'll change, too) and finally, you need a boatload of math to figure out what set of microscopic bubbles works together to form the set of dot patterns you scanned previously.

This last bit, the forcing function, if you will, is the clincher. I imagine that the reversal of the dot patterns to a layout of microscopic bubbles in the fob is an f(x) that's particularly difficult to reverse, at least on the order of factoring the product of large primes (if not more difficult).

Possible? Maybe - eventually, certainly. More secure than credit cards? You betcha. Especially since credit card fraud/theft is amazingly low-tech these days ... this type of technology would greatly raise the bar.

Cheers.

Re:Obvious circumvention scheme

[micromoog]

Well aren't you smart, coming up with an "obvious circumvention scheme" that the original expert researchers never thought of. Brilliant.

Oh wait, what's this? Oh, there's an ARTICLE to read? One which discussed exactly that, and how the laser can be shone through the fob at multiple angles, requiring the correct 3D structure? Hmm.

Re:Obvious circumvention scheme

[anonymous_wombat]

Great. They use a laser to convert the 3D arrangement of glass spheres in an epoxy matrix to a 2D 'light/dark' pattern. A crummy piece of film exposed at the sensor plane, then developed, could be used to get around this. Lay the film on the 2D sensor, and voila - the 2D pattern is duplicated!

The MSNBC article seemed to have the most details. They said that the outputs did not have to be reused. It sounds like a challenge-response system, where the server sends input patterns, and the reader sends back the output patterns. If they really don't have to be reused, then the above criticism is not valid.

Presumably, the server stores some finite number of input-output patterns, and then can send some subset of input patterns to be checked. By using different combinations of input patterns, even if some output patterns were intercepted, it would not be enough information to compromise this.

For example, if the server stored 100 different input-output patterns, and sent 5 input patterns to be verified for a transaction, then the total number of unique checks would be 100!/(95! * 5!), or about 75 million.

Of course, if different crooked merchants stole output patterns and pooled their knowledge, or if a customer made repeated purchases from the same crooked merchant, then it could possibly be broken. More information is needed about the system to understand its vulnerability to this type of threat.

Re:Obvious circumvention scheme

[whovian]

I tend to think of this like solving a many-body problem: you cannot obtain an exact solution. Analytic or numerical approximations, yes perhaps to an exent, but it's still not exact.

Re:Obvious circumvention scheme

[jetmarc]

> they mention that different view angles would be used to generate different
> speckle patterns.

The obvious circumvention technology for this is the hologram. It generates
different (programmable) patterns for different view angles.

jetmarc

Re:Obvious circumvention scheme

No. What you need is your own light source instead. Use a bunch of tiny photodiodes or such. I doubt that those readers would be extremely high-tech, high-res to precisely measure dot size, wavelength, etc, etc.

As a matter of fact, I would expect it'd be as difficult to bypass as fingerprint readers (take a gummibear)...

Re:Obvious circumvention scheme

So what? They will use how many, ten angles? To minimize the storage, computing power and hardware needed to read the card. I doubt there would be billions of possible angles to make "check out all angles" reverse engineering impossible.

It's a neat idea, but so are fingerprint / iris readers. Unfortunately, because businesses want cheap devices, you can fool them with household equipment.

Re:Obvious circumvention scheme

don't know if they should be throwing around the word 'impossible', however.

It all depends whether you're Cameron Diaz in a leotard.

Re:Obvious circumvention scheme

[micromoog]

All the device would need to do is check at least two angles simultaneously. No 2D forgery can bypass that.

Re:Obvious circumvention scheme

[p3d0]

Cool! Good thinking.

Re:Obvious circumvention scheme

[brandorf]

But you'd have to do some serious number crunching to produce a hologram that produced the same speckle pattern as the fob.

Re:Obvious circumvention scheme

Now read the article. The idea, if implemented properly, is not vulnerable to playback attacks, not practically.

Re:Obvious circumvention scheme

[onomatomania]

The articles weren't clear on this, but I got the impression that the "input angle" was constantly changed. That's the whole point, the device encrypts the input data (whatever angle the laser enters the thing) to the output of a specle pattern. To cheat you would need to have a mapping of "input X equals output Y" for however many different inputs are possible. That was what they meant about "storing terabytes of data in a small place" I believe.

The downside of course is that since you can only create one copy of each fob, you have to first record a number of input/output pairs in a database somewhere before you send it to the user. This is the real killer I believe, because for this to be useful you would need a very large large number of possible inputs, and each one would take up storage space at the database. But, storage is cheap, especially as time advances. Security of this database, however, would be an issue.

This also explains why "reversing" the device would be hard. Sure, it might be mathematically possible to take an output speckle pattern and come up with an arrangement of spheres to produce that pattern. Suppose you could even manufacture that resultant device (which they say is currently impossible.) This doesn't help you, though, since it would have to respond with the correct pattern not only to the one input agle you designed it for, but any arbitraty input angle (to the limit of however much data is recorded in the database.) So the problem is not finding a configuration that successfully maps A to B, it's finding one that maps A1 to B1, A2 to B2, A3 to B3, etc, which is much harder -- especially since it seems that changing the sphere coordinates even the slightest would alter the output significantly. Think about it, the amount of information in a speckle pattern is a lot less than the amount of information stored in the precise number and locations of the spheres. In other words, a given speckle pattern maps to a very large number of possible sphere configurations. The great challenge of breaking this would be finding a single configuration common to a number of speckle patterns, to the limit of the amount of data stored in the database. Their paper probably demonstrates that this is theoretically equivalent to brute-forcing hard crypto.

If only a single input laser angle were used, I don't see the point of this.

Re:Obvious circumvention scheme

[Darby]

difficult to reverse, at least on the order of factoring the product of large primes (if not more difficult).

Umm.... there is almost nothing easier than factoring any prime. Large, small, medium, they're all the same: 1 and itself.

Tokens, glass balls and lasers?

Sounds like a kinky high-tech peep show.

Evading the lameness filter

[Scoria]

They have actually created a physical one-way function that cannot be tampered, copied or faked!

At this moment in time, of course. :)

hmm...

[Quasar1999]

Can't be tampered with? Give me a hammer, I'll tamper with it... If I can't have the data, no one can!!!

Re:hmm...

[NeMon'ess]

kinda like cutting up a credit card or breaking a CD

Where can I get one

[doublem]

So, when will this baby be Available in CompUSA?

When will the Linux drivers come out?

Everybody knows that

[WetCat]

Glass ball and Extrasensory Medium is all we need
for 100% perfect encryption!

To clarify the story submission

[brunes69]

One thing know once you read the article(s), that really should have been included in the story submisstion, is this technology is more geared toward replacing things such as magnetic stripes on credit cards, and em cards, and whatnot. The tiny crystals that will replace these stripes produce a one-way function that is currently impossible to duplicate, so if widely adopted this would (at least temporailiy) make card couterfitting impossible. It is not describing a new encryption mechanism for your PC, or any software for that matter.

Interesting applications for storage

[ites]

"We have about a terabit -- a one followed by twelve zeros -- of information contained in a penny's worth of material," said Gershenfeld.

Re:Interesting applications for storage

[Corporate+Drone]

...except that they aren't controlling the information, just recording it for future verification...

Re:Interesting applications for storage

The information they're talking about is random and nonsensical. It's about as useful for replacing current data storage mediums as a jar filled with white and black sand-grains would be.

Hey.. wait.. I may be on to something!

Re:Interesting applications for storage

"a one followed by twelve zeros"

but that's only 13 bits...

Re:Interesting applications for storage

[Glamatron]

Hmm.. what if they turn out about sixteen trillion of them, and then use diff to figure out if the bead matches your data. The million-monkey theory can work, I know it!

Impossible to Compromise?

[Corporate+Drone]

Great... just one question, though...

how is stealing speckle patterns gonna be any different from stealing credit card numbers from "secure" servers?

Re:Impossible to Compromise?

[catfood]

With credit cards, the credit card number is the secret, the whole secret, and nothing but the secret.

With the new gizmo, the speckle pattern is not the secret. The secret is the arrangement of crystals, which isn't shared with anyone. Steal a copy of the speckle pattern and you have nothing.

Re:Impossible to Compromise?

[Salamander]

Because stealing the speckle pattern does you no good. You need to create a device that makes that pattern, when light is shone through it and an inaccessible air gap onto a sensor. You can't just lay something on top of the sensor itself because, in any even half-way sensible design, you couldn't get to the sensor itself without disabling the entire reader.

I actually think this idea is extremely clever, but I don't know if I'd consider it a method of encryption. Even if you had an LED grid representing cleartext on one side, so you could read the "ciphertext" speckle pattern on the other side, how do you decrypt that? What kind of resolution, frequency and loss ratio are we talking about? This seems like it might be a really good authentication mechanism, where a known input will only be converted to a known output in the presence of a unforgeable secret, but I don't see how it can work for encryption where the input varies.

Re:Impossible to Compromise?

I believe, that despite the words used in this article, that this is really more of a CRYPTOGRAPHIC HASH algorithm rather than an encryption algorithm.

A cryptographic hashing algorithm (for those of you who haven't taken basic crypto) is something that given a variable-sized input creates a unique output (of fixed size IIRC). It is not meant to be decrypted. The other end needs to have the original plaintext too. This is only a way to make sure that you know the same thing. Think MD5.

That's my take on it. believe what you want.

Re:Impossible to Compromise?

[lynx_user_abroad]

If I give you all of the information from my credit card, you have (in theory) everything you would need to know to charge purchases to my account. If you're sharp, you might even be able to keep the card number and expiration date in your head.

If several challenge/response rounds are requiired to make a purchase, you would only get a subset of the information with each purchase. Even if you had long-term access to the card, and could issue all possible queries, you'd need a rather large hard disk to store the info, and a rather fast computer to perform the lookup, and you've only managed to compromise one card.

Re:Impossible to Compromise?

[Dr.+Spork]

You're right that it's secure in cases where you use one of these cards in a retail store--in the sense that no one without your card can pose as you. However, what is to prevent the stores from saving your diffraction pattern (not the speckle pattern on the card but instead the resulting image) and then "using" your card as much as they want?

Also, if the connection between a store and the pattern validation server is ever intercepted, a hacker could just save your patterns and re-send them whenever they want to purchase pr0n or something. So I think the original poster was right: this is just like stealing credit card numbers. As long as validation is done by passing around a bunch of digital data, that will always be the point of weakness. Even now, the vast majority of credit card fraud happens not because somebody's magnetic strip gets duplicated, but because somebody's credit card numbers get stolen. It seems like making the physical cards harder to duplicate is barking up the wrong tree.

The only solution I can see is this: There wouldn't be a unique resultant diffraction pattern that gets passed around, but rather a two-way conversation between the validation server and the card reader. The server would ask three random questions of the sort "what pattern is produced when the laser shines from angle 1, what about angle 2, etc. The problem with this is that the validation server would have to know what the right answers are to all of the possible questions, and that creates a problem: either there would be waay too much data stored for each card, or there would only be a limited number of "questions" the server could ask. In the latter case, a thief's computer could just memorize all the answers to the few questions, and produce them without the card whenever the validation server actually asks.

Re:Impossible to Compromise?

[Salamander]

Your analysis seems right on target to me. Any system that's not challenge/response is vulnerable to replay by anyone who can intercept the messages involved, and this system only allows for a limited number of challenge/response exchanges.

I think the "validation server" approach might be problematic, though, since it allows new avenues for compromise. It might actually be better to store challenge/response pairs on the card itself, such that each use of a pair also erases that pair. Each card would then be good for a finite number of non-repeatable transactions, with server communication only necessary to "recharge" the card with new pairs. If the storage on the card and the challenge space are quite large, this is something the consumer would only have to do every N months or years, so it might actually be a decent convenience/security tradeoff even if recharging requires going to a service center or something.

Re:Impossible to Compromise?

[Dr.+Spork]

I really like this idea of storing challenge/response pairs on the card and deleting them after the transaction. This is basically a one-time pad idea, and it is truly secure, as long as the "recharging" of the card is never compromised, and as long as there is no way to steal question/response pairs from the card itself and then "fake it," posing as the card.

Unfortunately, I think the system proposed will not be compatible with this, because I don't think it's overwritable/erasable in the way it would need to be for this sort of validation. The traditional "smart cards" would make more sense for this purpose. However, their problem is different: their chips can be read and duplicated, something that appears much harder to do in this system.

Here is my understanding of how credit card transactions work today. After your card is scanned, your account number gets encrypted and sent to the MasterCard servers, where they look in a database to check whether it's a valid account and whether your balance is high enough to make the purchase. If it is, they send back an OK.

If the card sent a query-response pair to the bank, how would the bank be sure that the pair is coming from the card? How would it know that it's not coming from some data server that previously read your card and saved all the card's query-response data in memory? It seems that if we want to avoid this, the query must come from the bank itself, a sort of check like: "are you the real card?" What question would be asked would not be known to the card; only the answer would.

One way to get it to work, I suppose: first make the card, then read it at the bank to see how it responds to 1000 different queries. Save that at the bank. Then, send out the card to the customer. When the customer makes the first purchase, send out the first query during card validation. If it's the right card, it will answer in the same way it did at the bank when it was initially scanned. So on for the next 999 queries. Once you get to transaction 900 or so, the bank might just send you a new card. I guess it does require a lot of data archiving, but the system really does very safe.

Re:Impossible to Compromise?

[Salamander]

You're right that storing both values on the card forces you to assume that the sensor is not compromised and is reporting actual observed (rather than recorded) speckle patterns, and that's a bad thing. On the other hand, I don't think your suggestion really protects the vendor either, because the bank is still not authenticated to the vendor. Maybe we both need to go think about this some more.

Re:Impossible to Compromise?

[arkanes]

You put your little fob in the reader. The store reads your id, sends a challenge to the server. The server responds with a pair(or more) of angles to shoot from. The store does so and sends the resulting key pattern. Anyone saving and storing patterns will have to get ALL the ones stored on the server, which can be an arbitrary amount, and could be changed and/or added to at any time by the keyholder from certain trusted offices (maybe your bank).

Re:Impossible to Compromise?

[skeedlelee]

Insightful! Yes... I went in and read the actual article (in Science, with subscription, sorry), as a result, here's a rather verbose response. You're pretty close to what the original authors actually propose in the article. Essentially, the fob is just a rugged, cheap, light weight way of carrying around a zillion answers of ridiculous complexity to a whole bunch of simple questions. Before you're given a fob they would scan it at every angle, position and wavelength of interest, generating an enourmous number of possible questions to ask. Then they store the answer to all the questions. When you actually use the thing to make a purchase, a question is asked (ie. what do i get if I illuminate at X angle, Y position on the resin and with Z wavelength). A particular answer is given and compared to the stored answer. If it agrees, great. If not, try another. If it fails again, then it doesn't validate. The key thing though is that questions are never asked twice! As a result, the questions and the answers could be intercepted and stolen one by one and it wouldn't matter, as they could never be used again! When they run out of questions to ask (or get close) they have you get another 1 cent fob. The only real security problem I could imagine would be if someone cracked a reader and had it try to read all possible combinations while you were standing there. This would probably take too long to make it worth it. A partial read, well the theif doesn't control which question gets asked and if you have too many bad verifications, ie you're trying to use a partial read, they might drop by to check out your reader... Two other problems, if it gets stolen, you're SOL. Second, the reader is likely to be expensive, making it hard to use this to allow purchase authorization at home. So your problem... The problem with this is that the validation server would have to know what the right answers are to all of the possible questions, and that creates a problem: either there would be waay too much data stored for each card, or there would only be a limited number of "questions" the server could ask. The answer, a limited number of questions. This would probably be fine tuned to balance out the replacement cost, anticipated number of validations during the lifetime of the thing etc. Seems like storage might be an issue though. As far as the half baked work around everyone else seems to be proposing, reading the article helps. The only one which actually might work, reproducing the resin using the paired laser/heat harden resin approach might actually work at some point. But it would require having the fob in the theif's possession for so long that the original would probably have noticed as missing, canceled the old one and gotten a new one by the time it was ready.

Re:Impossible to Compromise?

[skeedlelee]

Ick-

should have used preview

clearly I'm a newbie

Re:Impossible to Compromise?

[Dr.+Spork]

Hey, thank you for this great response. This stuff is interesting!

Minority report

[knownsense]

reminds me of Minority report...

Re:Minority report

[briglass]

I agree. That's what I thought of when I first read it. We got a victim ball.

Well holy shit.

[Burgundy+Advocate]

They've discovered the one-time pad!

This is just fucking revolutionary. Somebody dust off the Nobel prize.

Re:Well holy shit.

[squaretorus]

I think you're missing the point with your sarcastic response. They did much more than you say! They made the one-time pad SPARKLEY!!

Re:Well holy shit.

[gazbo]

Do they use it only once? No. They use it every time verification is needed. Hence, not a one time pad, retard. (Different angles give different patterns, but since they need to be known about beforehand there is only a finite number, so the same patterns will be repeated)

Also, one time pads are for reversible cryptography. You know, when you write a message and someone has the audacity to expect to be able to read it at the other end. This is not reversible. It is a one way function, 'tard. You would be better comparing this with an md5 than a one time pad.

Jesus, do you actually know anything about cryptography, cock gobbler?

Re:Well holy shit.

I don't think what they did is great enough to get excited about. But you incorrectly surmise they have recreated the one time pad. The idea of the one-time pad is typically to make TWO and only TWO identical copies ... one for receiver and one for sender. The can share the pad, but in typical configurations there are two copies. They have a pseudo-one-way mechanical function.

Re:Well holy shit.

[Scarblac]

They've discovered the one-time pad!

No, they have not. That would mean that whoever receives a message sent with this data had the same pad, and that isn't the case.If it were, a 12-terabit stamp-size one-time pad would still be rather good.

I'm a bit unclear how this works in practice though. They say they can check the patterns the thing makes against a "secure" database. They can't store all the 12 terabits there.

So, I assume, they pick some number (say, 100) of ways to shine a laser at it at random, and store those in the server. When it's time for identification, the server tells the token reading gadget which position(s) the laser should be in, it sends the pattern back, and it can be checked.

One possible attack is obvious, it may be possible to find out which random spots for the laser have been stored for this token by asking for a verification enough times. However, that gives you the task of making an object that fits into a reader, that gives the right patterns for all the 100 ways... And that's Hard. So it may not even be necessary to randomize the laser positions, just check some number of standard patterns, and it will be too hard to make an item that can fake them all.

Thanks for listening to my train of thought. I think I get it now :)

Durability?

This seems like a really good system, one that for once is almost impossible to forge. However, it seems to have a major flaw: Durability. The Nature article states that "a token with a hole half a millimetre across drilled through it gives a speckle pattern clearly distinguishable from the original." So what happens when (not if!) the card gets scratched and worn? Will it immediately stop functioning? These secure cards won't be worth much if they have to be replaced every month because of wear and tear... and with the system they are using, error correction isn't an option (defeats the whole purpose of the tokens since tampering with them would then become possible).

Re:Durability?

Tarticle said:
Yet the process that transforms the speckle pattern into a string of digits can be modified to ignore accidental surface scratches.

Re:Durability?

Impossible to forge yes. But there still has to be a database the stores the signature read from the chip. That database isn't "impossible" to hack. Until a solution is developed so that its secure on both ends, there isn't a solution.

Re:Durability?

[photonic]

There are probably some tricks to prevent this. You could embed the active part (the epoxy with the tiny spheres) within a layer of homogeneous material (e.g. epoxy without the spheres) and use a lens to access the inner part.

This is similar to the trick they use in CD's. At the metal layer containing the information the light is focused to a few micron. This layer is burried almost a millimeter deep inside the plastic. At the surface the beam has a much larger diameter and tiny scratches are no problem.

Re:Durability?

[lynx_user_abroad]

Imagine a reader which could be remotely controlled and answer challenges. A challenge might look like "Set laser angle vector to x123y456z789 by x321y654z987" and a response would be the bit pattern readout.

You stick your crystal bead into the reader to make your purchase.

The remote computer sends a series of a thousand or so challenges and compares the responses to the known set taken berfore the bead was sent out. If 95% or so of the bits in 95% of the queries are correct, it's probably the original, scratches and poorly maintained readers not withstanding.

The drawback of this (if there is one) is that the manufacturer does not get to choose what information goes in, but must instead maintain a database of expected challenge/response pairs for each bead.

On the other hand, the scratches and such may become a part of the challenge/response. If a certain scratch causes a 0 bit where a 1 was originally the expected response, and the 0 is consistent, then you update your database to now expect a 0 response instead. (It opens up the theorhetical possibility of "training" the C/R database to accept two different beads as identical.

Re:Durability?

[p3d0]

Too bad you didn't read the very next sentence:

Yet the process that transforms the speckle pattern into a string of digits can be modified to ignore accidental surface scratches.

Even if this were not the case, why not encase the thing in clear epoxy? Then when you scratch it, you can just polish it smooth again.

(You are in serious danger of becomming a Slashdot Maysayer.)

Re:Durability?

[p3d0]

Too bad you didn't read the very next sentence. Here it is for you:

Yet the process that transforms the speckle pattern into a string of digits can be modified to ignore accidental surface scratches.

Even if this were not the case, why not just encase it in clear epoxy? Then when it gets scratched, you can polish it smooth.

(Careful---you are in danger of becomming a Slashdot naysayer.)

Re:Durability?

[p3d0]

Sorry, I replied to the wrong post.

In a related story....

[Tha_Big_Guy23]

McGuyver has made plans to begin work at MIT in their research department to create supercomputers from old ballpoint pens, and outdated telephone mechanisms.

Re:In a related story....

McGuyver has made plans to begin work at MIT in their research department to create supercomputers from old ballpoint pens, and outdated telephone mechanisms.

Hunh? How'd you guess that? You've perfectly described my Beowulfffff... awww, ffffuckit.

So what, that's only half the picture.

[brunes69]

Getting the 2D pattern is easy (anyone with access to a reader could simply get this pattern through software). You then have to manufacture a crystal which produces this pattern, so that you can use your new counterfit card at the Sony store, etc. This is the part that is currently impossible.

Re:So what, that's only half the picture.

[pete-classic]

No, you just have to create a card that absorbs the input laser and outputs the "correct" 2D pattern (and maybe looks good enough to get past the genius working the register).

Oops.

-Peter

Re:So what, that's only half the picture.

Look ma! I didn't RTFA. Or I didn't understand it.

Re:So what, that's only half the picture.

[brunes69]

No. The card doesn't output anything, it has no electronis, only this crystal. Both the laser and the device that picks up the patten ar eon the reader. So you'd have to duplicate the crystal.

Re:So what, that's only half the picture.

[pete-classic]

Your ability to miss the point is astounding.

To illustrate: You have one of these cards. It doesn't output anything, i.e. it is a passive device. I "borrow" your card, put it through a reader and learn what the "correct" output of your card is. I then construct a card that looks more-or-less like a legitimate card, but it is actually an active device that emits YOUR 2D pattern whenever it is scanned.

In other words, I can't fake the 3D structure of the card, but I am not at all convinced that I'd have to in order to make charges on your account.

Is that spelled out clearly enough for you?

-Peter

Re:So what, that's only half the picture.

[brunes69]

OK, so in theory you make your whiz-bang holo-emitter card (try to explain you you plan to emulate diffraction patterns generated by a laser through a crystal). Let's say you do this and it works. Now you go give your whiz-bang card to joe schmoe at the local best buy to get a tv. Woah there cowboy, whats this big black thing where the crystal is supposed to be?

No one would accept this emulator card you speak of, even if you could make one, which I doubt. And such emulator card would probably not fit in any ATM either.

Re:So what, that's only half the picture.

[pete-classic]

In all seriousness you should work on your reading for comprehension skills.

Why would I need a holo-emitter to project a 2D image?

I won't waste any more time on you.

-Peter

How Big a Problem Is This with Credit Cards?

[VirtualDestructor]

The concpet is pretty damn cool, and simple to boot. Elegant solutions always seem so obvious once someone smart come up with them first.

How big of a problem is this with Credit cards though? Don't the problems normally arise when a card is stolen, or accuired under false pretenses? Not that there aren't other applications for it, just the one they gave seems a little weak.

Re:How Big a Problem Is This with Credit Cards?

[Angry+White+Guy]

Although it is a very simple concept, the complexity of creating a transportable medium was the limiting factor. This could not have been done 20 years ago, as the lasers then looked like flashlight beams compared to today. Computer processing power was also a limiting factor.
Intelligence is only a small part of the equation. It is difficult to come up with a very simple solution to a problem that uses technology and manufacturing processes that are years away.
20 years ago, this thing would have had to be about the size of a brick, as beam density, laser accuracy, and manufacturing processes were not advanced enough to create something portable.
For other applications, the dream can drive technology. Weapons systems, space travel, and a utopian society are but a few things that can drive technology to create. A credit card that can't be copied is not a big enough dream to create technology, but it is big enough to take existing technology and innovate.

As for your second point, here's a thought.

The card currently would be useless to stop physical theft, right now. The scheme just relies on the frefraction of light to create patterns. Once you have the card, then Bam, you have the money.
But what if you could arrange these flakes into such a pattern that when light is passed through at a predetermined angle, it provides a composite of the card holder, which will appear on the POS terminal screen. Match the picture with the cardholder, then go ahead. The weakest link falls to the clerk.

-This idea has been released under the GPL. It may be freely distributed or modified under said terms.

Re:How Big a Problem Is This with Credit Cards?

[henben]

But what if you could arrange these flakes into such a pattern that when light is passed through at a predetermined angle, it provides a composite ...

I thought the security of the system relies on the fact that it's hard to make those kind of calculations?

-This idea has been released under the GPL. It may be freely distributed or modified under said terms.

The GPL relies on copyright and there's no copyright on ideas, sorry.

Re:How Big a Problem Is This with Credit Cards?

[Angry+White+Guy]

No, it relies on the fact that it is difficult to recreate the media, not create it. If you were to put a hologram of sorts in the media, and salt it, then it would work. Shoot the laser in one way, voila! It's you. Shoot the laser in at a different angle, then you have a completely different pattern. The media, however thin it is, is still 3 dimensional, and can hold lots of data.

The problem is that if it becomes that easy to produce, how hard would it be to reproduce? Putting your visage on the card, and then getting the background noise right, I would have to say damned difficult, especially if the lasers relied on bouncing through your picture.

Re:How Big a Problem Is This with Credit Cards?

[boskone]

the big benefit I see, is that you can have your card, then say every two years, you go to a VISA master reader, and it takes another 100 angles on it and the old angles expire as possible matches. Also, I can use the same card to go to my swiss bank, and provide as second factor authentication (against my password) where they use an entirely different set of angles/data and don't share those angles with anyone else. I can also now take it my local bank to access my checking account and they have 20 different angles that are not necessarily the same as VISA or my other bank.

The only big caveats are
1. Anyone that you treat as a "trusted reader" could concievably read all the angles, store all the date (12 terrabits?), and then fake the responses to visa in order to defraud you, but you'd think that you'd get suspicious standing at their trusted reader for 3 or 4 years while they read all the possible angles.

2. We'll still need account numbers, because otherwise the database and store don't know who you are and don't know who to authenticate against. So, you'll still need various account numbers in/on the card or in your memory (no thanks) so that when the terminal asks for authentication against VISA's server, VISA knows what angles to ask for and what the proper responses will be. Otherwise it's too big of a computing/security problem.

D

Re:How Big a Problem Is This with Credit Cards?

[MystikPhish]

Just include a PIN in the verification phase. The article mentioned a central database that stores a bunch of input/ouput combinations to use for verification.

So I imagine it goes something like:
==========
Card Reader: take a reference reading, transmit to CC Company. To identify the card.

CC Company: Verify reference reading, request predetermined (or not!) number of other readings (i.e. laser positions 23, 42, and 8974) to confirm the card. Request PIN reading.

Card Reader : request a PIN from user, use some hash to convert the PIN into a set of laser readings. Take the laser readings and transmit to CC Company.

CC Company: Compare the PIN readings to database and verify.

==========

I know that's simplistic but at least it requires 2 of 3 factors for really strong authentication (something you have, something you know, something you are). And unlike the debit cards we use now (i use anyway), the PIN can be a required part of the transaction.

Re:How Big a Problem Is This with Credit Cards?

[jam42]

I'm not sure what percentage of credit card fraud happens this way, but "skimming" is fairly common. When a customer makes a valid purchase, a crooked clerk or waiter swipes the customer's credit card through a handheld device that just collects credit card numbers. The thief then either uses the numbers him/herself or sells them to others who can use them for a few purchases before the fraud is detected. Here's an example.

Function that cannot be tampered, copied or faked

[jea6]

...until it is tampered, copied, and faked. Never say never, especially with regards to crypto.

I already have one of these in my wallet..

[gsfprez]

actually, i have 3.

there are 50 or so of em lying around at home, making my wife mad.

so explain again why guitar picks are news?
(my apologies to westsky in advance)

Jaz disks use something like this

I believe Jaz disks use something like this, there s a clear plastic wafer in the Jaz disk which was used to prevent competition in the media. This is why the Jaz drive has pretty much failed, the disks stayed too expensive because only Iomega could sell them.

Re:Jaz disks use something like this

[nxs212]

waat? They don't have anything like that. Also, they failed to catch on because 50% of the drives failed within 1 year. The rest fail 2 years later. Jaz drives are also well known for chewing up those pricy disks, destroying all data.

Not too useful..

This doesn't sound like it will be too useful to normal people. It doesn't even sound like it will necessarily be all that secure. In the end the object becomes a key and if the algorithm is known the key can be brute forced. They say that a terrabyte of information can be in such a small object, and I have no doubt of that. What I do doubt is that they use a terrabyte of information. If they go down to a small level they must be able to reproduce the exact same data each time. Because of this I'd guess they don't use anything quite near a terrabyte or even a megabyte. As computers get faster the keys will be brute forced faster. Ten years from now this style of encryption may be just as rediculous as current methods.

Re:Not too useful..

Please re-read for accuracy. I have no idea what a "terrabyte" is, but a "terabit" (as detailed in the article) is only 12.5% of a "terabyte." This is a very large, and critical difference.

Additionally, one doesn't want a terabit of "information," as this is designed to be, compared to current, a large hash. Data is not implicitly information - this is a critical distinction. One terabit of data, assuming it is gathered from a suitably random source, is going to be very, very difficult to reproduce/spoof/forge for a number of years to come.

Re:Not too useful..

It doesn't matter. Make a key larger just makes it take longer to crack. It may not be possible now but a few years down the road it may be easy. With the amount of computational power you could pull out of a $50,000 beowulf one should definitely be concerned with using such silly methods of encryption.

If each one was unique then....

[nenolod]

They (being whoever would want to) could track you via the usage of your epoxy token.

Re:If each one was unique then....

[Scarblac]

If each one was unique then they (being whoever would want to) could track you via the usage of your epoxy token.

You mean, in the same way they can track you by the unique *number* on your credit card already?

So what exactly is new here?

[skaffen42]

So we have a one way function that happens to be based on a physical object rather than being calculated by a CPU. I don't see how this makes it more secure.

I also don't see why this is any different than any other hardware based authentication (RSA tokens, smart cards, etc.) The tokens might be cheaper, but I bet the scanner is not going to be cheap.

And as with most authentication systems the big problem is going to be protocol attacks, not attacks on the cryptography itself. I don't see little glass balls changing this fact.

Yes I'm cynical. But probably with good reason.

Re:So what exactly is new here?

[str1chn1n3]

This scheme can't realistically be faked before time at your leisure, either by reverse-engineering a smart card circuit or by crunching for algorithms. If, by protocol attack, you mean intercepting and substituting communication after authentication, good luck trying to do that at an ATM today using existing authentication. Physical theft is the only choice. Otherwise, I agree that's it useless for unsecured transmission, but I don't think that's their intent-- only point of sale using secured readers.

Re:So what exactly is new here?

[jolshefsky]

The point isn't that it's more secure, it's that it is embedded in a physical, static object--essentially a passive device that generates reproducible random values given an input value.

In other words: the important part is that it's really really cheap. Given the same number-of-units produced, I can't imagine that even the cheapest smart card could be manufactured cheaper than a drop of epoxy with some shiny things in it.

Headline from Nature reads:

[dr_dank]

Cheap trick secures secrets

Finally! Something to go hand-in-hand with my REO Speedwagon encryption algorithm.

Re:Headline from Nature reads:

Must be using the Rick Neilson multi-guitar algorithm.

Re:Headline from Nature reads:

LOL!!!

Bank cards as well

[brunes69]

It could also be used on bank cards, thus preventing people from counterfitting them. I once read about a ring which was using an aptly mounted hidden camera to monitor people's PIN numbers. They then grabbed some ATM slips the person threw away (most people rarely keep/destory them) and manufactured a fake card using their PIN and their account information.

Shit

[papasui]

And all these years my family has been persecuted in Salem, MA and it turns out all they wanted was our crystal balls!

Re:Shit

[papasui]

The most clever thing I've said in the last month and I get modded troll. I wish there was a Not Funny. :(

What about...

[Thud457]

those laser etched "glass" paperweights you see at places like Disneyworld? They use some sort of clear "glass" and a laser is used to create "bubbles" inside it.

It seems that it might be possible to use something like that to create a "duplicate" key. (Ok, so this is an awful lot of conjecture... gimme $5M and I'll see if I can break it.)

Neil Gershenfeld

[AlphaHelix]

Notice that one of the authors on this paper is Neil Gershenfeld, author of The Physics of Information Technology, reviewed here exactly a year ago yesterday (at least I think it was a year. The searched Slashdot postings have no year indication on them. Is this a Y0K bug?) I liked that book, actually. It had a very readable section on the fluctuation dissipation-theorem, though I think it gave short shrift to research on the underlying causes of the FDT.

Re:Neil Gershenfeld

[onomatomania]

The searched Slashdot postings have no year indication on them. Is this a Y0K bug?)

No, it means you haven't changed the date format in your user preferences from the stock. By default no year is shown, but that's just one of many formats. Of course you have to be logged in for this to have any effect.

Help me understand.

[teamhasnoi]

If the laser is shined through at a different angle, however slight, how can you get an accurate reading?
Would wear and tear change the shape of the token, rendering it useless?
If this stores a terrabit of info, how can we get it to store the info we want?
How will the government be able to demand a backdoor to this tech?
Will I ask any more questions?

Re:Help me understand.

[protoshoggoth]

If the laser is shined through at a different angle, however slight, how can you get an accurate reading?

Think of it as a key with a square barrel. You put the square barrel into a square receptor. This lines it up properly. Would wear and tear change the shape of the token, rendering it useless?

Eventually, I'm sure it would. It doesn't have to last forever, just like the stripe on the back of a credit card doesn't last forever.

If this stores a terrabit of info, how can we get it to store the info we want?

We can't. Not that it matters for the proposed use.

How will the government be able to demand a backdoor to this tech?

How will they make such a demand? Whinily and petulantly, as always. But I'm not sure they will be able to get one no matter how much they pout. Of course the main point of this (so far) is not using it to encrypt data, but only as a replacement for credit cards, so for the moment the gov't would only need a 'back door' if they wanted to buy stuff and charge it to you. They have another way of doing that already, called 'taxation'.

Why are holographs prohibitive?

[Christopher+Thomas]

The article claims that making a holographic forgery would be prohibitively difficult, but doesn't explain why.

You could almost certainly make one if you had the original card to duplicate.

If you had the verification information for the card - the list of patterns the scanner looks for - you could probably make a holographic reproduction with a bit of fiddling (the same multi-exposure technique is used for making aminated holographs that move as you change viewing angle).

You'd have a hard time duplicating the card just from observing one transaction, but the same holds true for electronic media (one challenge/response pair does not give you a smart card's key).

Does anyone have further details on why the researchers say this would be difficult to forge?

Re:Why are holographs prohibitive?

[Hal-9001]

Holography requires sufficient film resolution to record the information content of the object modulated on a high spatial frequency carrier. In simplistic terms, lots of images of the object from different perspectives are recorded on film as a hologram, which means the film resolution requirement for making a hologram of the object is much higher than for taking a photograph of the object. The problem here is that the object is so detailed that you could not find film with sufficient resolution to record the hologram.

The original Science article cites an Applied Optics article from 1984, which I'm would guess basically says what I've said in the previous paragraph.

Re:Why are holographs prohibitive?

[snol]

The explanation in the actual paper is this:

Beyond the obvious constraint of having to record 10^11 or more distinct interference patterns in order to produce the hologram, the incoherent superposition of these N patterns decreases the overall diffraction efficiency of the hologram by 1/N, making them all effectively unobservable.

DRM implications

[ortholattice]

So, the next step is to manufacture CDs with copy prevent^H^H^H^H^H^H^Hprotection using these tokens. (Sigh.)

Dear Moderators,

how the hell is a complete mis-reading and mis-understanding of the article, not to mention something that is possibly a very subtle troll, called "insightful"?

Maybe this is too secure?

[mustangdavis]

"Cryptosystems don't protect information if they're not used. The introduction of physical one-way functions greatly expands where, and how, information can be protected,"

Has anybody considered the idea that this form of encryption may be "too strong"?

What if Bin Laden & Co. start using encrytion like this? How is our government going to determine which building will have a plane inprint next?

Sometimes encryption isn't such a great thing ...

Just my $0.02

Re:Maybe this is too secure?

Well the obvious solution is to drop large amounts of explosives from the air onto any non governmental location or person that is known to be using this unbreakable form of encryption, just in case they are using it for illicit purposes. In the future, privacy will be a one way affair, the government will have it, you will not.

Re:Maybe this is too secure?

Of course you're right. Only the governments of free countries like the USA should have strong encryption. I think the arguments for personal and commercial privacy and use of strong encryption are weak. I mean, what is really worth hiding that you need to hide it so well? Once the government has absolute power, and people are bent to their wills, we'll all be safe under their protective wing... wont we? And since so many people voted for the 'wrong' person last time, maybe we should get rid of that system too.

Re:Maybe this is too secure?

What's good for the goose is good for the gander. If we can dream it up, we'd be fools to think that our enemies could not, so it's better to advance the state of the art at the risk of helping our enemies, knowing full well that our enemies are not stupid, nor will they give up just because we have decided to retard the state of the art on our end.

Early results

[doublem]

In the first week, his research team added garage door openers and discarded pie tin plates to the mix.

When MIT announced that they would dedicate several old Apple IIs to the project, MacGyver was quoted as saying, "I'm excited, but it's still overkill for the project."

In the first week, he developed a quantum computer that can crack RSA 128 bit encryption in 0.034 seconds, predicts the weather with 97.5% accuracy up to 10 days in advance, located Jimmy Hoffa and solved the mystery of crop circles.

And then he built a beowolf cluster of them.

And the marketing poeple. . .

[dasboy]

will bill this as "Cryptography with balls."

Easily Damaged?

[miket01]

From Nature:

Tampering with a token also quickly destroys its validity: a token with a hole half a millimetre across drilled through it gives a speckle pattern clearly distinguishable from the original.

I'd imagine it'll take a little work to keep these things from getting scuffed or otherwise damaged beyond recognition through regular handling, especially if they end up on your key chain.

Of course, a really sophisitcated system might take that into account, and update the key profile to recognize each key's unique wear and tear.

Re:Easily Damaged?

[gene_tailor]

From the original Science article: "To protect the token from accidental damage, it can be encapsulated in a scratch-resistant material, and the multiscale Gabor transform can be tuned to reject speckle features arising from surface scratches while preserving features that originate from the internal microstructure. "

OT: Article Photo

I like the way scientist-types have to peer at the camera with that "I have changed the f'in' world!" look every time they're photographed for a popular article. I can just hear the photographer shouting "Give it to me baby!" and "C'mon, make me wanna worship you! Yeah!" I just hope they're laughing heartily afterward, and that the gaze of superiority doesn't become permanent. ;)

OT, but nevertheless

[back_pages]

Why list the submitter as an Anonymous Coward if you're going to link to what appears to be a personal email address? No good deed goes unpunished indeed...

Defeats one of the purposes of smart cards

[John+Harrison]

One of the nice things about a smart card system is that it doesn't have to go onlne for each transaction. From the descriptions it seems that this system does have to check with a database at the time of purchase. So the speedup from a smartcard is lost.

Re:Defeats one of the purposes of smart cards

[GigsVT]

. So the speedup from a smartcard is lost.

I don't know about you, but when I use my credit card in a swipe terminal, even if it has to dial in, the transaction still takes less than 20 or 30 seconds. Most stores have permanant connections to the clearing house anyway.

It could reduce cost to not have to connect for each transaction, but probably not a lot in most cases. I'd bet that all but the largest stores could use a single modem to clear all transactions for credit cards... Hell, last I checked, most clearinghouses only supported 2400 bps modems, nothing faster.

Re:Defeats one of the purposes of smart cards

[John+Harrison]

transaction still takes less than 20 or 30 seconds

How about 2 seconds total? No mag stripe running out after 6 months? It would be noticably faster. It annoys me every time I use a credit card because I am aware of how much time is being wasted. If I am just grabbing a Coke at the 7-Eleven, I shouldn't have to double my time in the store by using a credit card, annoying everyone behind me in line.

Re:Defeats one of the purposes of smart cards

[GigsVT]

It's only the small shops with few transactions that dial-on-demand. In any store that has a line waiting, the terminal would already be dialled in and connected, reducing the time to 5-10 seconds or so in my experience.

Are you really so caught up in our society that 5 seconds a couple times a day is that important to you? Some unsolicited advice: slow down. You are going to give yourself a heart attack.

Re:Defeats one of the purposes of smart cards

[John+Harrison]

Are you really so caught up in our society that 5 seconds a couple times a day is that important to you? Some unsolicited advice: slow down. You are going to give yourself a heart attack.

I didn't know that this was going to switch from a technical discussion to making assumptions about my health. :) Maybe I notice it because I do smart card development, so I am not your usual observer, rather than that I am a time obsessed wacko.

That said, you have changed your numbers to bolster your argument. I still argue that I often reach for cash when I think that a credit card would take longer. You might not. That is fine. I can think that a smart card would be nice in such situations without being insane. Also, you are not going to have a heart attack for not agreeing with me.

Re:Defeats one of the purposes of smart cards

[sbeitzel]

If you're just grabbing a Coke at the 7-Eleven, just use cash, for crissakes!

Re:Defeats one of the purposes of smart cards

[GigsVT]

you have changed your numbers to bolster your argument.

Just note that I did not change my numbers, I said that it takes 20-30 seconds when the terminal has to dial in (on demand). Most terminals are already connected, in which case it takes 5-10 seconds, or less, to be honest, I never noticed a delay when using a CC unless I actually heard the terminal dial in especially for my transaction, so it may be less than the quoted 5-10 seconds, I am just giving it the benefit of the doubt.

Bypass the sensor unit

[sckienle]

OK. I sneak into a store at night, install a little dongle between the reader and the phone line (I'm using the credit card readers just as an example). I come back the next night, and I have all of the patterns sent out to be validated that day! Once I have the patterns, I don't need the reader, the fob or any physical item anymore.
</p><p>
One "obvious" solution to this is to encrypt the pattern at the device before it is sent, but now we're back into the standard encryption world, and we know that nothing is perfect there.
</p><p>
OK, so we change the pattern based on the date and time with a "protected" algorithm. Like that can't be solved.
</p><p>
Well, then we'll use a system like the "SecureID" cards with each credit card unit including the random/automaticly generated token as part of the encryption effort. Well that would be a little more complex.
</p><p>
But in the end, all of these solutions can be applied to the current barcode read from credit cards before it is sent over the phone lines today. The use of a 3D number/key generator, which is really what this is, won't change that.
</p><p>
P.S. Don't ask me how this could be used at Websites.... Pardon me, while I send this huge bit representation of your 3D fob over this dinky 56Kb error prone phone line. Right....</p>

Re:Bypass the sensor unit

[sckienle]

Oops. Sorry for the extraneous junk. That was my first post here!

Re:Bypass the sensor unit

[autopr0n]

OK. I sneak into a store at night, install a little dongle between the reader and the phone line (I'm using the credit card readers just as an example). I come back the next night, and I have all of the patterns sent out to be validated that day! Once I have the patterns, I don't need the reader, the fob or any physical item anymore.

except, the fob is a function, not a set of data, and can produce an infinite number of possible outputs. You only have the outputs for one input

One "obvious" solution to this is to encrypt the pattern at the device before it is sent, but now we're back into the standard encryption world, and we know that nothing is perfect there.

If by 'not perfict' you mean 'takes a million billion years to crack'

OK, so we change the pattern based on the date and time with a "protected" algorithm. Like that can't be solved.

huh, why? Did you have a million billion years of computer time to spare?

Well, then we'll use a system like the "SecureID" cards with each credit card unit including the random/automaticly generated token as part of the encryption effort. Well that would be a little more complex.

But in the end, all of these solutions can be applied to the current barcode read from credit cards before it is sent over the phone lines today. The use of a 3D number/key generator, which is really what this is, won't change that.

ok, not like any of that made any sense...

P.S. Don't ask me how this could be used at Websites.... Pardon me, while I send this huge bit representation of your 3D fob over this dinky 56Kb error prone phone line. Right....

Well, obviously we wouldn't as you. you don't even know what a hashcode is.

Re:Bypass the sensor unit

[sckienle]

OK, either you don't wish to understand what I meant, or maybe you really don't believe it. Not my problem.

But I still feel that everyone is so concerned about securing the starting point for transactions, that they totally ignore the security during transmission and the at the end point, which has to keep some aspect of the starting point to validate it.

Still a major flaw in this for 'Smart Cards'

[Christianfreak]

The MSNBC article goes on and on about how this is great for 'Smart Cards' but in reality it doesn't make them that much more secure that credit cards because most of the theft that happens with credit cards is not breaking into computers, rather it's physical theft of the cards themselves.

A 'smart card' isn't going to stop a pick pocket from theiving your wallet so we're back to square one.

And not to be troll but has this been on /. before? It seems vaguely familiar.

Re:Still a major flaw in this for 'Smart Cards'

[seaan]

...because most of the theft that happens with credit cards is not breaking into computers, rather it's physical theft of the cards themselves.

Stealing the physical card happens, but it is small potatoes. Fake cards (usually copies of legitimate cards) are a really, really big problem. Credit card companies loose billons of dollars a year due to fake cards.

The biggest issue I had from reading the article, was figuring out how the one-way-function was going to be verified. It's nice that there are a terabit of combinations that could be used, does this mean the issuer is going to have to store a terabit of data for each user?

If they only use a subset, than we no longer have the security range of a terabit of information do we? All an attacker has to do is figure out what the subset that will be used is. Since it is "copy proof", it is not like the host can perform a duplicate one-way-function. I don't think this will become practical unless they can clearly resolve this issue.

Re:Still a major flaw in this for 'Smart Cards'

[skeedlelee]

does this mean the issuer is going to have to store a terabit of data for each user?

The issuer doesn't have to worry about knowing ALL possible query response combinations, just a number of combinations that is large enough to last the fob's expected lifetime, maybe 1000 queries (angle, position etc) and responses (the hashed specle outputs). This is still a significant amount of info, but should be less than 10M for each fob, a reasonable amount by today's standards.

All an attacker has to do is figure out what the subset that will be used is.

A good point, but since the issuer controls the questions, they could randomly decide which queries out of a very large set to store. A theif would then need to know the answers to many, many more queries than the issuer needs to store.

Diff the data for storage.

(This is obvious, not patentable stick it in a prior art db somewhere)
You don't need 16 trillion of them for reasonable data storage. If you have an nice even 8 (this is base 2 ;) of them you have a terabyte.

Good CPU power ($200 in 2002 ) buys you the ability to take data from your hard drive, and find it in the crystal. Not create it or order it there, just find it, in a non-contiguous block.

Generating a few equations for an hour or so on your CPU and you have a small data pointer to the large data blocks of the crystal.

PKzip used to take an hour to open a big archive back in the day, "Melt" can take an hour today.

Now reading the terabit off a glass bead/plate, thats the pricy part today.

JQRandomPublic

Minority Report balls

[henben]

I wondered why they used those coloured balls to deliver the psychic crime predictions in Minority Report. I thought it was bollocks, but maybe it makes sense in the light of this. Please append your Samantha Morton/balls jokes below. Humunnah.

you need to spend some time away from your compute

[OppressiveGiant]

If you're stuck thinking in binary, you probably need to go out some. See the daylight. Meet people[without posting on /.]. Just remember when the guy at wendy's says "two dollars" If you give him the one marked $10, make sure you get change.

ICBMs :)

[the+bluebrain]

I recall reading something very similar in I believe Scientific American (which is not searchable, unfortunately), oh, ages ago. Used to identify ICBMs / warheads / other missiles during arms reduction discussions between the US & Russia (might even have been so far back as to make that USSR). Basically a splash of epoxy with sparkles mixed in on some disasterously-expensive-to-replace part of the device, snap a photograph and/or hologram, and the device is reliably tagged.

So it's become cheaper, cheap enough even for everyday use. However, the possible uses I can see are rather limited: local authentication, and pretty much nothing else.
It's good for credit cards, but only if the card is physically read by the entity requestion authentication, and only if that entity is online (or has a local database of the speckle pattern of all cards worldwide, plus a magically updated revocation list).
For any non-local authentication it doesn't seem much good ... unless of course Fritz [Hollings] gets his palladium-plated way and we at some point do get tamperproof, "trusted" hardware (... to play around with - I'm looking forward to that).

So ... it raises the price of duplicating a unique physical dongle.

But it definitely has nothing to do with crypto (i.e. encryption) ... what was the author of this /. article taking? I want some.

Stereolithography

[Inda]

I did a lesson at college on Stereolithography about 10 years ago. The process of curing two-part epoxy resin with the heat generated with laser lights. It was very accurate back then; more than adequate for producing A1 models and patterns.

I'm wondering how accurate it is now or how accurate it could become.

Bitchslap me! May I have another?

[teamhasnoi]

Please mod this down to - 17 Redundant. I won't be happy until -17 Redundant is reached. Preferably by someone with no sense of humor.

Quickly! They know we are here!

Re:Bitchslap me! May I have another?

Please mod this down to - 17 Redundant. I won't be happy until -17 Redundant is reached. Preferably by someone with no sense of humor.

Quickly! They know we are here!

Re:Bitchslap me! May I have another?

Please mod this down to - 17 Redundant. I won't be happy until -17 Redundant is reached. Preferably by someone with no sense of humor.

Quickly! They know we are here!!

Re:Bitchslap me! May I have another?

Please mod this down to - 17 Redundant. I won't be happy until -17 Redundant is reached. Preferably by someone with no sense of humor.

Quickly! They know we are here!!

This wont last long

[Xel]

Slashdot article, September 30th:

MIT's New Glass Ball/Laser Cryptography Broken By Magic Marker.

Re:Function that cannot be tampered, copied or fak

[birder]

... or simply bypassed.

What I want to know is...

How long this encryption scheme will be popular once Joe Sixpack leaves his holo-card on the dash of his truck and can no longer see his GB's of pron or e-mails from Mom?

r.b.

Nano-Technology

[Josuah]

Impossible to copy/forge/tamper unless you believe in Nano-Technology. In which case, this "crypto" is only good for the next decade or two.

glass balls

Look at my one-way function of glass balls, epoxy token that cannot be tampered with.

Something similar speculated on in 1920's sci-fi

series called the grey lensman by E.E. "doc" Smith IIRC. Law enforcement was struggling to find a non-forgable form of ID, and one of their failed attempts was a 3D crystal. Interesting that this idea has been around that long.

What's really going on here

[Animats]

First, here's the thesis. The Nature article is lousy. (Nature used to be a prestigious journal in the life sciences, but when it gets into computing, the articles read like something from Popular Mechanix. But then, Popular Mechanix was a serious scientific journal a century ago.)

This is an improvement on an idea from the 1980s called "quantum subway tokens". There have also been a few schemes involving 2D speckle patterns as unique, hard to forge data items. But they're not challenge/response, like this. Challenge/response devices exist (Sun's Java-powered jewelry, the Dallas Semiconductor button) but they're more complex. On the other hand, their readers are simpler than this optical system will require.

The useful advancement in this thesis is in section 5.3.4, where the authors demonstrate that the registration of the scanning beam doesn't have to be extremely tight. You'd think this scheme would involve optical-bench precision, but it doesn't. (Well, actually it does, but not wavelength-precise optical bench precision. Still, it involves micrometers driven by computer-controlled stepping motors and a very rigid fixture. It's not a "just swipe the card" system.)

The trouble with this system is that there's no public key associated with the object - only a huge number of possible challenge/response pairs. Validation at an untrusted reader is done by probing the object using challenges previously performed at a trusted reader. Those challenges are "used up" as the object is validated, because otherwise, they could be replayed. This is much less convenient than a public/private key system. It's more like one of those systems where you have a wallet card with a long list of challenge/response pairs for logging in. The only advantage here is that the object isn't copyable. It's still stealable, of course.

It's kind of neat, but probably not commercially useful.

Re:What's really going on here

[David+Roundy]

Validation at an untrusted reader is done by probing the object using challenges previously performed at a trusted reader. Those challenges are "used up" as the object is validated, because otherwise, they could be replayed. This is much less convenient than a public/private key system.

This is a good point. However, for something like an ATM card, this probably would be no problem. The bank stores 1k speckle patterns from my token and uses them for the first thousand times I use it. Then (around the 900th time I use it) it tells me I need to go to the bank's ATM machine to get my card recharged. There the machine records another thousand speckle patterns at another thousand angles. Once this infrastructure was in place, this wouldn't necesarily be an inconvenience.

Re:What's really going on here

Right, smartcards (or those little Java toys you listed) are more useful in real life and do similar things plus a whole lot more.

Re:What's really going on here

[onomatomania]

Good points. But I suggest that as time advances this will become more realistic, since storage costs should eventually become trivial. You would then be limited only by the amount of time it takes to store the challenge/response pairs in advance. And the security of that database, of course. And the cost of the reader hardware. But for certain applications, it would be very nice.

What would be even neater would be if there was some way to make two identical spheres at creation time, while retaining the properties of being all but impossible to duplicate after that. Then you could create these pairs, and send one to the user and keep the other at HQ. Authentication then becomes a matter of picking a good challenge and testing it on both devices. That would really open up the possibilities, since those "terabytes" of information could be put to use. THAT would be really cool, but I don't see how it would be possible.

Tamper Proof?!?!

[iai]

I think any physical solution can be tampered with, with a sledge hammer.

-i@i-

Encrypt a CD/DVD for copy protection?

[Rudolfo]

Suppose in a DVD-like media you include this new epoxy token encryption mechanism and have the data stored on the DVD encrypted by it. Each individual DVD would have a unique built-in token (and encryption scheme) that could only be decrypted if you read the token of the DVD.

Of course, at some point, the decrypted data is visible internally to the computer.

Re:Encrypt a CD/DVD for copy protection?

[usurper_ii]

That would be redundant, since DVDs already have darn good encryption on them to begin with. ;)

Re:Encrypt a CD/DVD for copy protection?

[Erpo]

Of course, at some point, the decrypted data is visible internally to the computer.

Yup. True for any system. However, I don't think using them as individual keys on a per-media basis would fly. That would mean the data on the dvd would have to be encrypted individually with whatever key was attached to it, which means that stamping out large numbers of dvds from the same master would become impossible. Considering that it would be way too slow to burn dvds one by one at manufacturing plants, I don't think the media companies would go for it.

Very old news

[nagora]

This was suggested in an issue of Scientific American sometime back in the mid or early 80's. I remember it because I stole the idea to apply to my Traveller campaign to reduce the number of stolen space ships.

The idea was that the hull of each spacecraft was coated in embedded diamonds (cheap in the future because DeBeers' monopoly is gone). The police can then read your hull with a laser from 1 million miles away and you can't forge the "number plate".

TWW

Validation

[toast0]

I read two of the articles, and they don't answer my question of how is this useful?

The construction of the tokens is fairly random, so its not know what the results of X angle on Y token will result...

Another comment mentioned that they may do prescans with a trusted scanner, but then every scan by an untrusted scanner must be discarded... so each token is only valid for some limited number of untrusted scans.

P5 ?

[spickus]

I wonder if we'll be seeing these in satellite receivers anytime soon?

one-way

A Media Lab token acts as a 'one-way function' - one of the central components of cryptography today. A one-way function is like an answer to which the original question is very hard to guess.

Like 42?

Re:GERMANS!

quoting from the book of all knowledge, 8f09 :

"Oooh, the Germans are mad at me. I'm so scared! Oooh, the Germans!

The "Germ mans" are only good at slaughtering helpless civilians. They're one step above the French!

Obviously havn't read the artical

[autopr0n]

No, the actual token will produce infinite variations. When you authenticate, you check a random source.

Your spoofing technique would only work if the angle you chose and the angle randomly selected were the same, so the chances of it working would depend on how many angles for which the results are stored.

Also, you could 'challenge' by requesting two different angles to be checked, in which case you're system wouldn't work at all.

(I can't believe this got a four, Mysterious obviously either didn't read the artical, or didn't understand it)

Re:Obviously havn't read the artical

[Vesuvius_2]

(I haven't read the entire thing yet) how much data would they have maintain then, in order to compute what each of these fobs looks like from infinite angles, rather than to merely store images of the correct appearances?

Re:Obviously havn't read the artical

[perlyking]

Thats what i'm wondering. The reader would have to have a complicated internal model of the fob.

Of course the other problem is what another poster mentioned, duplicating the key via stereolithograpy or some other method - these tokens are made in the first place, they arent beyond being produced with more care (e.g a tiny layer at a time and placing the glass spheres where required).
In short this is a cool and clever glorified front door key, but with more combinations.

Re:Obviously havn't read the artical

[p3d0]

No, the actual token will produce infinite variations. When you authenticate, you check a random source.

No you don't. How would that even work? What would you authenticate against? (Did you read the "artical"?)

You authenticate against a database that has several readings from several known angles:

In practice, the combination of laser light inputs and resulting speckle pattern outputs for each token could be stored on a secure database. The token could then be read at a terminal that queries the database and authenticates the token's identity.

Yet

[WhtDaUWant]

They have actually created a physical one-way function that cannot be tampered, copied or faked!

should read cannot be tempered, copied or faked yet.

Basic principle

[xyote]

Basically, it's some medium that allows a complex random arrangement that then remains stable. I believe this technique is already in use in creating non-forgeable traceable labels based on the random arrangment of the fibers in the label. The labels are created, the "unique" patterns are recorded and registered, and then the labels can be used. One of the applications of these labels is for software packaging. Those Microsoft cerficates of authenticity look rather suspicious. Of course, who Microsoft is trying to convince of their authenticity I don't know. I can't tell if the labels are authentic of not.

A little OT, but this technology would ideal for the USPS to use for traceable mail, privacy concerns aside.

rubber can still break this epoxy encryption

[guest12]

rubber hose that is

Re:This won't help online...

OWNED. -1 faggit.

It's in the article

[sweatyboatman]

Drilling a small hole in the tokens changes their internal structure enough to unleash the avalanche effect, so that the outputs from the same token before and after drilling differ by roughly half of their bits. Yet the process that transforms the speckle pattern into a string of digits can be modified to ignore accidental surface scratches.

I would imagine that since it's the internal structure of the token which determines the output, surface scratches don't have as dramatic an effect.

The value of Encryption...

[hackwrench]

No amount of encryption is enough to keep me from putting you and all of your associates heads though a plate glass window.

2 methods to circumvent

[mnemotronic]

Ohhhh lasers. Wowie zamboni! Must be secure!

1. I steal the card. Now I have the the unduplicatable pattern. There's nothing that ties that pattern to the card holder, so there's no way to prove I'm not the true card holder. Ye-ha. "Ummm, yes. I'll take that Gazelle out on the tarmac please...."
2. "Borrow" the card and extract the optical pattern (any merchant verifying a sale will do this). Next, I create my own card and extract the optical pattern. Now comes the fun part. Break into the "secure database", find the pattern matching the victim's pattern, the replace it with the pattern off my bogus card. Ta da! I am you and you are we and we are all together!

What? That "secure database" part too scary? Well here's a clue: anything labeled as "secure" probably isn't.

Whatever...

[supabeast!]

"...a physical one-way function that cannot be tampered, copied or faked!"

Yeah, and DES is too strong to crack...

Huh?

They have obviously never watched Jepordy:

"Answering the question 'how many months in a year?' is easy. But working out what question elicited the answer '12' is almost impossible"

Contestants on that show do this all the time....

Several solutions to this "problem"

[John+Harrison]

The smart card could simply ask for a PIN or a fingerprint. It could even validate a signature, or show the clerk a photo of you. And it could use velocity checking to determine the interval for these sorts of checks so that it doesn't make every transaction an extra hassle.

Also this stops mafia-types from mass producing fake cards. At CTST this year an IBM team presented a paper in which they read the keys off several cards through RF leakage, making it easy to make fake cards. This would prevent such fake cards, at least until a way of faking these patterns comes about.

Re:Several solutions to this "problem"

[Kwil]

In which case his point still stands.. we could do all that today with credit cards.

So why bother?

Re:Several solutions to this "problem"

[John+Harrison]

In which case his point still stands.. we could do all that today with credit cards.

In what case? If you could be more specific I could give you an answer.

Re:Several solutions to this "problem"

[Kwil]

He said:
"A 'smart card' isn't going to stop a pick pocket from theiving your wallet so we're back to square one."

You said:
"The smart card could simply ask for a PIN or a fingerprint. It could even validate a signature, or show the clerk a photo of you. And it could use velocity checking to determine the interval for these sorts of checks so that it doesn't make every transaction an extra hassle."

But your anti-theft measures can easily be put on a card today with a magnetic strip. Or if you're worried about tampering, put them in a "secure database" like the one the smart card already relies on - all the magnetic strip has is what data should be retrieved from the database.

So why bother with the extra expense of "smart cards"?

Re:Several solutions to this "problem"

[John+Harrison]

I am guessing that you don't work in the industry.

These measures are not "easily" put on a mag stripe card. You can't fit that data on the stripe itself, so you are going to have to store it on a back-end database. This would multiply the amount of data going back and forth on the network by a large nunmber (maybe 100 for a fingerprint) and put a huge strain on back-end systems. So no, the solution isn't easily done with a mag stripe card.

Add to this the fact that you can prove the presence of the card in on-line ordering situations. How can you do that with a mag stripe card? You can't. Of course currently almost nobody uses this feature so maybe you have a point for now. Wait a while and see if you still have one.

Does all this justify the expense of a smart card? Maybe not. So why are more and more cards being issued? Because you can put multiple applications of the same card, and loyalty otherwise known as tracking your purchases, is high on the list.

not exactly...

[autopr0n]

"whoops, I though it was secure" (e.g. the example in Cryptonomicon of the woman who peeks at the bingo balls and "makes it more random").

Except, if she had had her eyes shut like she was supposed to, it would have worked. Thats not a failing of the 'physical world' crypto, but rather the human brain's randomness generator.

Simple crack.

[mmol_6453]

If you know the motion pattern of the scanner, and can reproduce the same motion in a scanner of your own, scanning the victim's card, you can "easily" create a copy of the card. All of the supporting technology exists today.

Scan your victim's card, and record the pattern you see.

Place the recording on a similarly-sized device with any type of display. (LCD, LED, anything that can be powered by a small solar panel) "Cheap" copies targeted against "cheap" scanners won't need backlighting for the display.

Make sure the card-sized device has a solar panel on it that will be able to power the display and the supporting IC that controls the display.

When the illuminator turns on, the card has power. The card then immediately starts playing back the stored video, mimicking what the scanner would see had it been the real thing.

This assumes, however, that the scanner has only one "eyepiece." Camoflaging (sp) the card so it looks real to the human observer would probably be difficult.

Re:Simple crack.

[snol]

So they record a few thousand input position/output pattern pairs and ask for a different few each time.

Re:Simple crack.

[mmol_6453]

If they're smart. However, it's common knowledge that many (most?) tech administrators (especially the newbies) don't give a damn how secure their system is, as long as the boss isn't complaining. If it's more complex than an mechanical or electronic door lock, all the store managers I've met will have one of their employees take care of it.

A couple of resulting scenarios:

• Fashion store tech clerk controls the code pairs for the store's cardreaders. He's been working there for two years under an assumed name. Now he sells the list of code pairs to the highest bidder.

Or

• Privately held maintanence firm administers cardreaders for three different local banks. They don't know it, but their computer storing the code pairs was cracked last week, using a backdoor in Palladium. In Taiwan, counterfeit cardkey production has just stepped up.

• The US government now requires that the positioning and structure of cardkeys be meticulously recorded and reported to them. Bankrollee passes on the information to a drug ring, or the Mafia. Two years later, there's a feature on NPR about how Americans are saving less and less in their bank accounts. A few voices claim that their banks are stealing money from their accounts.

Re:Simple crack.

[snol]

First scenario: Any particular store could (but probably wouldn't) record the key responses that pass through their systems, but if, as I said, the authentication system asks for a different output each time, the stored responses would be useless.

Second: It's supposed to be impossible to counterfeit these as yet; that's the whole idea. If it becomes possible, we'd probably have to move on to a new system. However, (and this applies to the third scenario as well) obviously the storage of keypairs has to be secure for any such scheme. This part of it can be done using as many expensive precautions as you like since it's only done in one or possibly two places. But really, what's a security solution that doesn't face these problems? You could just as well say that if someone steals your cardkey and forces you at gunpoint to reveal your pin number, then the key's no longer secure - of course.

Re:Simple crack.

[mmol_6453]

The whole idea behind the system is that it can't be emulated by a computer. By using reality's (nearly) infinite precision, they've attempted to make it impossible for you to model any given card in, say, POV-RAY.

That makes it like PGP keys and SSH. I have to assume it's the server I want, the first time I connect. I store their public key, for future verification.

The same goes with these cardkeys. I have to assume it's the cardkey(easy assumption), and then I store the "public key" of the key. Namely, what the key surface looks like when illuminated from one specific angle, and viewed from another specific angle. The biggest thing about cardkeys, aside from the fact that they're physical objects, is that there's an infinite number of "public" keys.

Therefore, my "simple crack" depends on the fake cardkey being illuminated and viewed from the angle pair it's programmed to mimic.

(God, I love that word. "cardkey" Don't know if anyone said it before I did, though. :)

Well

[autopr0n]

Actualy, there's an easy way to get around what you're saying. Use phosphors or an LED or something so that your film is 'always' glowing.

Of course, none of this matters, since the above poster basicaly didn't understand what the whole thing does anyway.

pretty cool uses for encryption, actualy

[autopr0n]

You just use the 'fob' as we're calling it here as any other one way function. Take say, 8 bits of data, and point the lazer at the fob at -128 to 127 degrees. Then take an 8 bit md5 hashcode of the result. Repeat as needed.

It would actualy be a pretty cool encryption system, basicaly data would be locked forever unless you had the card. You'd never have to worry about anyone getting access to your data, since they would need the card to read it. And, if for example the FBI was on your ass, just throw the card in the microwave :)

Re:pretty cool uses for encryption, actualy

There are better ways of doing this.

Smartcards for example are tamperproof (I know not all are, but some) and will provide more protection to your data because not only does someone need the card, but they need the PIN to use the card. That way if the ganstas are on your ass and take your card, they still can't get access to the data.

Re:pretty cool uses for encryption, actualy

Um, how would you *decrypt* your data, then?

Re:pretty cool uses for encryption, actualy

[BlaisePascal]

Actually, you wouldn't need to find 128 different angles to illuminate the chip with. If I am understanding the technology correctly (which isn't necessarily a given, since none of the linked articles even show a picture of the device, or go into any sort of tech detail), it should be possible to generate a unique pattern by shining two incident beams on it that is non-linearly related to the patterns from each beam individually. So you could devise an interrogator that had (say) 16 lasers shining on the token at 16 different angles, or even 16 different positions, that would give you 65535 different patterns to interrogate against.

However, I'm not sure I understand your encryption technique, and I don't have a lot of confidence in it. Could you explain in more detail how you'd use it for encryption?

Nope

[autopr0n]

The secret isn't the speckle pattern, but rather the output of the speckle pattern when tested from an arbitrary angle. even if you know the speckle patern, you can't computational figure out what the output would be with todays computers (or tommorow's, or the next years, etc.)

Is it really prohibitively hard?

[maddogsparky]

This is a new scheme that relies on two problems that need to be solved: 1) determining the bubble pattern of an arbitrary fob, and 2) manuafactuaring a fob with an arbitrary bubble pattern.

1) How do we know that determining the bubble pattern of the fob is difficult enough to determine? This seems to me to boil down a simple, but large, ray tracing problem. Comodity graphics cards today can do fantastic things with lighting that were dreamed by many as not even possible only 15 years ago. Perhaps it can be exploited to solve this problem in the near future. I'm not convinced that this is truely a one-way hash; the idea is too new to confidently rule out the possibility of a solution.

2) Duplication is perhaps beyond current technology, but maybe not far away. It isn't difficult to imagine a matarial that can have it's light refraction properties modified at an arbitrary point that is located at the intersection of two or more lasers. Holographic research has been focused on solving this problem for some time and may have already come up with a (albeit expensive) solution.

Re:Is it really prohibitively hard?

[David+Roundy]

1) How do we know that determining the bubble pattern of the fob is difficult enough to determine? This seems to me to boil down a simple, but large, ray tracing problem.

For one thing, because there is no unique solution to the problem! There are many bubble patterns which may produce the same speckle pattern for a given angle of illumnation (this being the whole point of the scheme). But of course, each speckle pattern can only be used once. What you need to do is reproduce ALL the speckle patterns for all angles of incidence. This is what makes it a hard problem.

I don't know that it's a provably hard problem like factoring, but the raytracing example is totally irrelevant. The basics of raytracing were known a hundred years ago (and haven't really changed much since...). In contrast, in spite of a lot of research, noone has come very close to solving the inverse scattering problem.

Re:Is it really prohibitively hard?

[Jobe_br]

Exactly.

And - incidentally, as far as I know, 'factoring' isn't provably hard, either (in a mathematical sense). Just a note passing on some info I think I picked up somewhere along the line .. :)

In other words...

[MedManDC]

Well, obviously we wouldn't as you. you don't even know what a hashcode is.

Welcome to Slashdot, sckienle!

encryption dummy

[FunkyELF]

Ok, first off, i know nothing about encryption. But could someone explain to me how (pertaining to computers) this would become usefull? Doesn't each end need the key, or function to be able to communicate? How would me sending my credit card number over the internet be translated into refracting light with lasers on my end of the communication since i don't have a laser?...and even if i did, wouldn't I need the same peice of glass that they're sending light through at my end?

What diffrence does it make?

[autopr0n]

The government didn't know what buildings were going to have a plane imprint last time, dispite the fact that they already knew all about binladen and co.

can we all say:....

[GePS]

all of these "darn near impossible to reproduce" crypto systems are just variations on a one time pad .

It CAN be broken.. But not cheaply...

[stephenisu]

Making a true 3D copy of the token CAN be done. The glass and the epoxy will both have different densities. Using either sound or non-visibile light, it would be possible to make a 3-d density map of the token, based on that infomation you need to just place glass spheres in the disired locations before the epoxy settles and you have a copied token. Of course if the were smart, they would use broken glass instead of an easy to duplicate fragment like a sphere.

bah

[autopr0n]

Slashdot sucks. Sckienle should save himself before its to late!@

Re:Function that cannot be tampered, copied or fak

Wow, you are so smart!!
Now, we can wait for someone else to do the work.

Thank!

[sckienle]

I've been around long enough to know what's what.

mod parent up

(why is it moderated as flamebait?)

That was exactly my thought after reading the article. Their solution is nothing new, just generating one-time pads from passing lasers through a crystaline material.

One disadvantage I can see to their solution is that security needs to be watertight on the other end of the transaction (and it needs to keep an insane quantity of that data to store that one-time pad as well). And if that data is compromised at that server end - well, congrats, you've got a useless crystal.

couple problems

[slew]

1. sub-space projection
2. uniqueness

Think of it as the bubble patterns is one member of a very-very large set (the "bubble" set) and the laser is a projection or mapping function of this member of the bubble set on to a much smaller "diffraction pattern" set. Since the different laser angles can be used, that's like using different mapping functions.

A verification agency isn't gonna store which member of the bubble set each token is and do a diffraction simulaton with computers everytime the token is scanned, but more likely they will store the one or two projections on to the diffraction pattern set which are created by the one or two reader devices that are marketed. Also the whole diffraction pattern isn't gonna be stored, but just the part of the pattern sampled by the device.

This seems like a much easier problem to solve for the token forgers. All they have to do is make a token that when projected to the one or two sampled diffraction sets stored by the verification agency instead the the infinite possible diffraction patterns of arbitrary precision.

Then you have the uniqueness problem. Since the verification agencies are likely only storing sub-space projections which are finitely sampled, there's the possibility of collisions between two cards. At least with a non-one-way function, you can detect collisions beforehand, now you have to make the card with bubbles and project them to you subspaces and only then discover there's a collision and you have to throw the token away. This also defeats the feature alluded to that you can always use another projection. If you don't check for collisions ahead of time, they will inevitably occur (think of the birthday paradox).

There are fundamental mathematics working against any scheme that depends on low probability of collision. You don't have to duplicate a specific thing, but you hope for a collision (which is duplicating any one of a large set). This of course is much easier to do and is the known as the birthday paradox in probability theory. This has been used as theoretical fodder to break many encryption systems (meets in the middle attacks).

Here's another way to think of it. You have a zillion digit credit card number (token) and you apply a few different hash functions (laser angles) to the number to get a "signature" (diffraction pattern). The only advantage of this technology is that it's hard to duplicate this zillion digit number where most things electronic are easily duplicated. But some of the other "features" don't seem easy to take advantage of.

It's like the phreakers of yesteryear where they just guessed long-distance calling card codes if the set is large enough, collisions are inevitable. That's when companies invented PIN numbers. What it probably means that these tokens will probably end up being only as secure as your 4 digit ATM PIN... Something to think about...

Sometimes when you think outside the box, you realize that the box was green and the grass is really dead out there too...

one way functions

[owenomalley]

The article seems to be missing the point of one way functions. If you don't change the inputs to a one-way function, it is exactly the same as constant (ie. no good for verification of anything).

An easy application is for keys. If the lock has N input/output pairs recorded, getting in with a fixed example output would be hard.

A more advanced use of these things would be to have some way standard way of encoding a bill of sale including a datestamp into bits that could drive the laser inputs. Then save the resulting pattern(s) as proof that the vob was there at the time of the transaction.

However, that leaves a major hole. If the user destroys the vob, the store can no longer check if the signature was valid. To combat this, the user needs to be identified at the time of the transaction. As long as the vobs are registered in a central identity server so that the store can make sure the person is who they claim to be at that point. Additionally users have to record lost or destroyed vobs. The central identity server could use the N known input/output pairs to authenticate the user.

Down with cash!

[John+Harrison]

I am sick of cash. :)

It's commercially useful for one thing:

[Bigboote66]

Contract authentication. In a manner similar to the old "wax & signet ring", any document could be projected through the crystal and it's speckle pattern saved with the document. Although you couldn't verify that someone was who they said they were, you would be able to verify after the fact that this document did or did not originate from that person.

This could be extremely useful for e-commerce. When you're paying for your purchase, the system could send you an image of their choice (the invoice for example) and you could run it through your crystal & send it back. If there were a billing discrepancy later on, the company could produce the original image and you could demonstrate that it did or didn't match your card.

So, it's main use would be in keeping consumers from ripping off credit card companies with fake claims of "it wasn't me". Conversely, you could use it do prove that you didn't make a particular purchase.

-BbT

Re:It's commercially useful for one thing:

[Animats]

This doesn't work that way. That's a good basic idea, though: an optical equivalent to digital signatures. Can somebody make it work?

Re:It's commercially useful for one thing:

[skeedlelee]

Actually, using it as an optical signature should work now with the fob technology as described.

The company who wants your signature just requests a validation on your resin/fob thiny. The difference is that instead of tossing the query/response as usual, they keep it. The queries are used only once by the validation company so that wouldn't be a problem. Futher, the validation company would probably keep a record of who asked for validations and what query/response went with it, so they could be an independent party to verify that yes you did let so and so check your resin thingy at such and such a time on such day.

The only really big problems here are the (a) scanners will probably be expensive and (b) if it gets stolen you're in trouble if you don't tell the verification company ASAP. But those were both problems (and b continues to be) when credit card were initially introduced.

secure database

"In practice, the combination of laser light inputs and resulting speckle pattern outputs for each token could be stored on a secure database."

uid: sa

pwd:

We are the weakest link... goodbye!

not crypto

[Erpo]

This story has a misleading title. Basically, the article says that they've found a cheap way to implement a hashing function in hardware. Unlike a software hashing function that takes data to be hashed as input and produces the hash as output, the physical mechanism accepts a certain pattern of lasers as input and produces a speckled light pattern that can be observed from any angle as output. Since the position of the glass beads in the epoxy will be different for all cards, each glass and epoxy smear will have a different hash function that can be used to tell them apart.

There's no encryption/decryption going on here, just hashing, but that is an important concept in the field of cryptography.

The main application of this is to replace magnetic stripes on credit cards. Currently, the machine-readable part of a credit card produces a small amount of static output (16 or so decimal digits) and is easy to copy with readily available equipment. By switching to these new chips, the number and complexity of possible outputs that the card can produce would be increased and the output-producing device would be more difficult to duplicate.

For example, right now your electronics-geek waiter could slip your credit card through her palm pilot with home-made magnetic reader attachment on her way back to the register. Later, she could take a used or invalid credit card, and write your magnetic pattern onto the bar. Credit card machines wouldn't be able to tell the difference between the original and the duplicate, so she effectively stole your credit card and you wouldn't know until the bill came.

If you were using a glass and epoxy chip, there would be several problems with duplicating this kind of attack.

1. The waiter would have to read 125 gigabytes (1Tb=1TB/8=~125GB) of data into her intermediate storage device in a few seconds. That's a lot of fast memory to pack into a small space. Copying only a few possible outputs wouldn't work, as only the credit card company would know exactly which (laser position, card output) data pairs it had on file for use in a challenge-response protocol.

2. Assuming the waiter could read out the entire card before handing it back to you, she would have a hard time duplicating it later. She would have to construct a physical object taking laser position as input and producing specific light patterns as output. While hooking up a credit card shaped I/O device to a laptop with the 125GB database would be possible, chances are somebody would notice a suspicious person plugging their laptop into an ATM. Also, considering that the laptop would have to sift through 125GB of data before it could tell the I/O device to output a certain light pattern, whereas the true card would produce the "right answer" at the speed of light, a timeout function on the card reader would be effective in preventing this kind of attack.

Re:not crypto

[stormpunk]

That sounds fun. I can't wait until I get to sit for several days transmitting my credit card number over the internet to order something.

Oh, and that's if it's not encrypted. 128bit encryption will mean that I will be dead by the time I can successfully place a order.

Missing the point?

[sdeath]

I think most people here are missing the point of this.

I am not an optical engineer, but the important part of this is not "you cannot duplicate this token", since that didn't appear to be in anything I read; it's "you cannot duplicate this token _by reading the interference pattern or disassembling/probing inside_", which is a different problem entirely.

I suspect that with sufficiently high-quality materials and production controls, it _is_ possible to duplicate these in the production phase, which then makes it a useful toy; make two of them that have the same interference pattern, and given identical readers, you have a one-time pad that you can use for quite a while. I don't know how they're embedding the glass spheres in the epoxy, but with a finite number of positions for each glass ball in the epoxy (small enough to be useful, large enough to be secure), you might be able to have either coded duplicates (like keys; "2488210366" == "glass balls in pattern X") or a "mold" system where you position the balls identically for a pair of tokens and then destroy the mold, making it impossible to recreate the tokens. Either way has its useful features.

--
SD

Re:Missing the point?

[peter]

From the Nature article:
Even if one were to use laborious analytical and microscopic techniques to find the positions of every sphere in a resin slab, say Ravikanth Pappu and colleagues, who developed the new material, current microfabrication techniques are very far from being able to reproduce such a structure.

Nice OTP idea, though.

Um... not so fast?

[QuantumWeasel]

In fairness, I disclose that I have not read the Nature paper. Have any of our resident holographers taken a stab at this? I couldn't find my copy of Goodman's book or notes from Leith and Upatnieks to save my life. But there is a whole sub-field of holography dedicated to speckle patterns. And it "magically" does all the hard work of inversion within a sufficient sub-space of the one-way hash-function implemented by the token. Seems to me that if you had access to the resultant speckle pattern(s) (one for each angle and wavelength of illumination used for authentication) and a photopolymerizable material moldable into the geometry of the "token," then you could synthetically create a functionally equivalent volume hologram. (In fact, more than one, as holography experts will explain in detail the requirements for uniqueness.) You don't even need access to the token you wish to forge! All you need is the set of all readout patterns actually on file. Forgery definitely requires more sophistication than magstripes. But it is doable in the lab. Hey, I'm only an optical physicist. (Really.) But what do I know?

Writability??

[HamNRye]

Are these writeable?? If not, rule out smart card replacement. Also, if these were to replace credit card mag strips, why not capture the transaction past the reader and then re-transmit??

Any technology designed to help bypass scratches in the Media would inevitly make the cards easier to clone or fake. The would need to be less precise to compensate, hence your copy needs to be less precise. (Again, error correction defeats the purpose of the card. They have to shine laser light through at several angles, or expect the pattern to be less precise, most likely both.)

How would on-line ordering work?? Do I need a reader in my PC?? For those of you who say yes, reach over and get that mag strip reader out of your PC. Riiiiight....

I would guess that it would take 2-3 Years before cloning these cards is an option (Well, as much of an option as cloning mag strips) but thefts and fraud will still be happening in the interim. If I can record the transmitted pattern upstream, I can figure out how to re-transmit that pattern. If these cards have any of the conveniences we have become used to, like numbers printed on the card for online ordering, they are inherently insecure anyway, and Laser-Whoozie crypto won't help.

I can see some ways how this could be far more insecure than the current system. If there is a centralized database for authentication of these speckle patterns, there is a single point of attack. Also, there is a centralized location to watch for all transactions to take place.

This might make card duping harder, but not impossible. Also, the CC companies won't like the fact that these keys are totally "Random" and unduplicatible for them as well. Never expect a CEO to understand, "If you can duplicate them, so can other people." Hence, they will have a means of duplicating any particular token (or be unsuccessful), and it doesn't take long for that information to make it out into the wild.

Perfect Crypto??? Right over there next to my perpetual motion machine.

Hammy

How do they assemble the database?

The article says that the card can generate a terabit of patterns.

So... would they actually have to spend the time and storage to generate all of these patterns and keep them on file? That sounds like a waste of resources to me. So how else might they propose tracking all of these patterns?

It seems to me that if you are using a suspension of uniform spheres to generate the unique patterns, then all you need to have is three skew-vectored input-output pairs to be able to interpolate all of the possible patterns of the card from any angle.

This way, they could simply calculate a pattern match by knowing what angle/distance the card was scanned from. Also, if you wrote software to do this interpolation, you only need the 3 I/O pairs from a card to be able to later reproduce all possible patterns without having posession of the card. Of course, you would still need to reverse engineer a scanner to figure out how the scan angle and resultant pattern are converted to numbers.

Doing this, you would still be stymied if forced to use an actual scanner, but you could spoof a transaction if you could fake a connection to the credit card database. If the setup is such that the Credit Card server commands the scan angle to use, calculate the pattern interpolation for that angle and send it back.

-A non moose cow

Just need a few query/key pairs

[skeedlelee]

You don't need to know all the possible answers, a few thousand should do. And if you choose the queries randomly, it would be about as good as knowing all the answers to billions of questions, as far as a hack is concerned. More efficient to just measure a few query/speckle patterns directly.

As far as modeling the suspension of sphere in a computer and using that to pretend to be a vendor asking for a verification, sure, but you would need to actually get someone's fob thingy and map, very carefully, all the positions of the sphere, which is not trivial. Specifically, it would require a significant ammount of time. From a crime standpoint, you would be better off just using the fob you've obtained (stolen) directly on a normal scanner.

And of course, as has been pointed out many times above, this is assuming that the 'secure server' really is.

Re:Just need a few query/key pairs

A few is correct. Actually you would only need 3. If you capture the resultant pattern formed from 3 different angles, you can combine those to interpolate ALL possible combinations. There is only one possible arrangement of the spheres that could create a match of those 3 patterns given the 3 angles used

A few thousand would be overkill. You would not have to get the density map in the few seconds that you have the card, just 3 unique angle/pattern pairs. With this info, you can spend your sweet time interpolating the locations of the spheres later.

Also, I assume that you intended that the few thousand would be enough because they would allow you to interpolate all of the other possibilities. If not, then you would need more than the few thousand. What if the process included the server telling the scanner what angle to use, and you don't happen to have that one in your list?

A non moose cow

several days

[Erpo]

This kind of technology isn't really meant for home use - you'd have to buy a special reader device just to input your "number". Also, any transaction would probably only check a few places on the card and send that data (maybe a few KB). If they kept the entire contents of your card in a database, they would have to maintain 125GB of space on their servers per customer.

keep your .02$ please

After all the efforts that have been put into
getting the various govt's around the world to
STOP making a big friggin deal about crypto,
you bring up some stupid ass point about terrorists?

If it wasn't for the US govt's (don't forget their
associates) desire to strip their citizens of every
concievable right, we wouldn't HAVE any terrorist
activity in the US.

Anyone that believes the US govt. did NOT have anything
to do with the terrorist activities on 9/11/01 is
living in a dream world. *sigh*

The facts are there. Believing they aren't without
proof is a good way to keep your head in the sand.
Don't expect me to apologize to your kids for you
though.

Last Post!

[alpg]

One promising concept that I came up with right away was that you could
manufacture personal air bags, then get a law passed requiring that they be
installed on congressmen to keep them from taking trips. Let's say your
congressman was trying to travel to Paris to do a fact-finding study on how
the French government handles diseases transmitted by sherbet. Just when he
got to the plane, his mandatory air bag, strapped around his waist, would
inflate -- FWWAAAAAAPPPP -- thus rendering him too large to fit through the
plane door. It could also be rigged to inflate whenever the congressman
proposed a law. ("Mr. Speaker, people ask me, why should October be
designated as Cuticle Inspection Month? And I answer that FWWAAAAAAPPPP.")
This would save millions of dollars, so I have no doubt that the public
would violently support a law requiring airbags on congressmen. The problem
is that your potential market is very small: there are only around 500
members of Congress, and some of them, such as House Speaker "Tip" O'Neil,
are already too large to fit on normal aircraft.
-- Dave Barry, "'Mister Mediocre' Restaurants"

- this post brought to you by the Automated Last Post Generator...