Crypto with Epoxy Tokens, Glass Balls and Lasers

← Back to Stories (view on slashdot.org)

Crypto with Epoxy Tokens, Glass Balls and Lasers

Posted by michael on Friday September 20, 2002 @03:09AM from the truth-is-stranger-than-fiction dept.

Anonymous Coward writes "Scientists from MIT and ThingMagic have collaborated and developed an innovative crypto mechanism using epoxy tokens, glass spheres and lasers. They have actually created a physical one-way function that cannot be tampered, copied or faked! The full scoop can be found at MSNBC, and also at Nature, & TOI."

12 of 265 comments (clear)

Min score:

Reason:

Sort:

Remember the SGI Patent? #@ +1; Informative @# by Anonymous Coward · 2002-09-20 03:16 · Score: 3, Interesting

for random numbers with

Lava Lamps? Now there is Lava lamp cryptography.

Read about it at:

LavaLamp

Thanks and have a weekend !
Old Technology, new twist by lynx_user_abroad · 2002-09-20 03:18 · Score: 5, Interesting

IIRC, something similar to this (very low tech) was used to create tamper-evident seals on things like the boxes guarding equipment monitoring nuclear sites, etc.
I think the process involved mixing a bunch of little tinfoil sparkles into a clear epoxy resin, applying the resulting glue as a seal, and photographing it from several angles. Simple to create, yet darn near impossible to duplicate a second time. If the blob is missing or different, something fishy is going on.

--
The thing about things we don't know is we often don't know we don't know them.
1. Re:Old Technology, new twist by Phil+Wherry · 2002-09-20 03:55 · Score: 4, Interesting
  
  A very similar technology been used for the identification of gems for quite a while. The idea is pretty much the same: shine a laser beam into the gem, then record the pattern generated by internal reflection/refraction. The technique has been around for at least twenty years, I believe. Still, the idea of a physical one-way hash function is interesting and quite likely useful.
2. Re:Old Technology, new twist by dr_dank · 2002-09-20 04:09 · Score: 3, Interesting
  
  An even older application involved wax seals for letters.
  
  Candles of different colors were dripped onto the envelope to create a swirl of color that can't be as simply duplicated as a single color wax seal can. The picture of the multi-colored seal was sent ahead to verify the authenticity of the seal.
  
  --
  Where does the school board find them and why do they keep sending them to ME?
3. Re:Old Technology, new twist by theCat · 2002-09-20 08:54 · Score: 5, Interesting
  
  In the Middle Ages when you made a contract with someone it was written twice on the same parchment, at the top and at the bottom. Then the parchment was torn in half unevenly between the two versions of the contract and each party took one of the halves. In the future should the terms of the contract come into question they could verify that the contract each held was in fact the original by realigning them along the tear; the originals would of course match exactly and the veracity of the copy contained therein could be verified.
  
  The jagged edge of the contracts looked like teeth, Latin dent IIRC, and whoever held such a contract was said to be indentured
  
  Didn't require lasers, of course, but did require that the two parts be physically present and visually verified, so it is remarkably similar in principle. The fibers and surface imperfections of the parchment (thin leather) would have taken the place of the glass beads in this case.
  
  So, does the MIT patent fail due to prior art? ;-)
  
  --
  =^..^= all your rodent are belong to us
4. Re:Old Technology, new twist by God!+Awful · 2002-09-20 09:44 · Score: 3, Interesting
  
  The disadvantage of this approach is that for these devices to be useful at say a supermarket, the master key still has to be stored on a server somewhere. If someone hacks the server, they can then impersonate you.
  
  The advantage of this approach over other physical authentication techniques such as biometrics is that you don't have to trust the scanners. With fingerprint readers, once they scan you they can then store your fingerprint and impersonate you. That doesn't seem possible with this new approach.
  
  Of course for pure theoretical security, it still doesn't match a smartcard with an RSA key encrypted with a strong 128 bit password that the user has to type in every time he wants to use the card. Unless you want to embed the smartcard inside a refractive epoxy for the best of both worlds.
  
  -a
  
  --
  How to rationalize theft.
So what, that's only half the picture. by brunes69 · 2002-09-20 03:23 · Score: 3, Interesting

Getting the 2D pattern is easy (anyone with access to a reader could simply get this pattern through software). You then have to manufacture a crystal which produces this pattern, so that you can use your new counterfit card at the Sony store, etc. This is the part that is currently impossible.
1. Re:So what, that's only half the picture. by brunes69 · 2002-09-20 10:00 · Score: 3, Interesting
  
  OK, so in theory you make your whiz-bang holo-emitter card (try to explain you you plan to emulate diffraction patterns generated by a laser through a crystal). Let's say you do this and it works. Now you go give your whiz-bang card to joe schmoe at the local best buy to get a tv. Woah there cowboy, whats this big black thing where the crystal is supposed to be?
  No one would accept this emulator card you speak of, even if you could make one, which I doubt. And such emulator card would probably not fit in any ATM either.
Why are holographs prohibitive? by Christopher+Thomas · 2002-09-20 03:38 · Score: 3, Interesting

The article claims that making a holographic forgery would be prohibitively difficult, but doesn't explain why.

You could almost certainly make one if you had the original card to duplicate.

If you had the verification information for the card - the list of patterns the scanner looks for - you could probably make a holographic reproduction with a bit of fiddling (the same multi-exposure technique is used for making aminated holographs that move as you change viewing angle).

You'd have a hard time duplicating the card just from observing one transaction, but the same holds true for electronic media (one challenge/response pair does not give you a smart card's key).

Does anyone have further details on why the researchers say this would be difficult to forge?
Defeats one of the purposes of smart cards by John+Harrison · 2002-09-20 03:51 · Score: 3, Interesting

One of the nice things about a smart card system is that it doesn't have to go onlne for each transaction. From the descriptions it seems that this system does have to check with a database at the time of purchase. So the speedup from a smartcard is lost.

--
Lasers Controlled Games!
Very old news by nagora · 2002-09-20 04:33 · Score: 3, Interesting

This was suggested in an issue of Scientific American sometime back in the mid or early 80's. I remember it because I stole the idea to apply to my Traveller campaign to reduce the number of stolen space ships.
The idea was that the hull of each spacecraft was coated in embedded diamonds (cheap in the future because DeBeers' monopoly is gone). The police can then read your hull with a laser from 1 million miles away and you can't forge the "number plate".
TWW

--
"Encyclopedia" is to "Wikipedia" what "Library" is to "Some people at a bus stop"
Re:Obvious circumvention scheme by micromoog · 2002-09-20 05:20 · Score: 3, Interesting

All the device would need to do is check at least two angles simultaneously. No 2D forgery can bypass that.