Slashdot Mirror
Crypto with Epoxy Tokens, Glass Balls and Lasers
Anonymous Coward writes "Scientists from MIT and ThingMagic have collaborated and developed an innovative crypto mechanism using epoxy tokens, glass spheres and lasers. They have actually created a physical one-way function that cannot be tampered, copied or faked! The full scoop can be found at MSNBC, and also at Nature, & TOI."
for random numbers with
Lava Lamps? Now there is Lava lamp cryptography.
Read about it at:
LavaLamp
Thanks and have a weekend !
I think the process involved mixing a bunch of little tinfoil sparkles into a clear epoxy resin, applying the resulting glue as a seal, and photographing it from several angles. Simple to create, yet darn near impossible to duplicate a second time. If the blob is missing or different, something fishy is going on.
The thing about things we don't know is we often don't know we don't know them.
Can't be tampered with? Give me a hammer, I'll tamper with it... If I can't have the data, no one can!!!
---
Programming is like sex... Make one mistake and support it the rest of your life.
One thing know once you read the article(s), that really should have been included in the story submisstion, is this technology is more geared toward replacing things such as magnetic stripes on credit cards, and em cards, and whatnot. The tiny crystals that will replace these stripes produce a one-way function that is currently impossible to duplicate, so if widely adopted this would (at least temporailiy) make card couterfitting impossible. It is not describing a new encryption mechanism for your PC, or any software for that matter.
I thought of that also. But I read the article more closely, and they mention that different view angles would be used to generate different speckle patterns.
A one-angle view of this token would not be secure, but a security mechanism that scanned the token through multiple angles would be very difficult to recreate. I don't know if they should be throwing around the word 'impossible', however.
Genocide Man -- Life is funny. Death is funnier. Mass murder can be hilarious.
This seems like a really good system, one that for once is almost impossible to forge. However, it seems to have a major flaw: Durability. The Nature article states that "a token with a hole half a millimetre across drilled through it gives a speckle pattern clearly distinguishable from the original." So what happens when (not if!) the card gets scratched and worn? Will it immediately stop functioning? These secure cards won't be worth much if they have to be replaced every month because of wear and tear... and with the system they are using, error correction isn't an option (defeats the whole purpose of the tokens since tampering with them would then become possible).
McGuyver has made plans to begin work at MIT in their research department to create supercomputers from old ballpoint pens, and outdated telephone mechanisms.
If you're looking here for something insightful or thought provoking, you're probably looking in the wrong place.
Getting the 2D pattern is easy (anyone with access to a reader could simply get this pattern through software). You then have to manufacture a crystal which produces this pattern, so that you can use your new counterfit card at the Sony store, etc. This is the part that is currently impossible.
...until it is tampered, copied, and faked. Never say never, especially with regards to crypto.
sarchasm: The gulf between the author of sarcastic wit and the person who doesn't get it.
actually, i have 3.
there are 50 or so of em lying around at home, making my wife mad.
so explain again why guitar picks are news?
(my apologies to westsky in advance)
guns kill people like spoons make Rosie O'Donnell fat.
Cheap trick secures secrets
Finally! Something to go hand-in-hand with my REO Speedwagon encryption algorithm.
Where does the school board find them and why do they keep sending them to ME?
And all these years my family has been persecuted in Salem, MA and it turns out all they wanted was our crystal balls!
The article claims that making a holographic forgery would be prohibitively difficult, but doesn't explain why.
You could almost certainly make one if you had the original card to duplicate.
If you had the verification information for the card - the list of patterns the scanner looks for - you could probably make a holographic reproduction with a bit of fiddling (the same multi-exposure technique is used for making aminated holographs that move as you change viewing angle).
You'd have a hard time duplicating the card just from observing one transaction, but the same holds true for electronic media (one challenge/response pair does not give you a smart card's key).
Does anyone have further details on why the researchers say this would be difficult to forge?
Because stealing the speckle pattern does you no good. You need to create a device that makes that pattern, when light is shone through it and an inaccessible air gap onto a sensor. You can't just lay something on top of the sensor itself because, in any even half-way sensible design, you couldn't get to the sensor itself without disabling the entire reader.
I actually think this idea is extremely clever, but I don't know if I'd consider it a method of encryption. Even if you had an LED grid representing cleartext on one side, so you could read the "ciphertext" speckle pattern on the other side, how do you decrypt that? What kind of resolution, frequency and loss ratio are we talking about? This seems like it might be a really good authentication mechanism, where a known input will only be converted to a known output in the presence of a unforgeable secret, but I don't see how it can work for encryption where the input varies.
Slashdot - News for Herds. Stuff that Splatters.
They've discovered the one-time pad!
No, they have not. That would mean that whoever receives a message sent with this data had the same pad, and that isn't the case.If it were, a 12-terabit stamp-size one-time pad would still be rather good.
I'm a bit unclear how this works in practice though. They say they can check the patterns the thing makes against a "secure" database. They can't store all the 12 terabits there.
So, I assume, they pick some number (say, 100) of ways to shine a laser at it at random, and store those in the server. When it's time for identification, the server tells the token reading gadget which position(s) the laser should be in, it sends the pattern back, and it can be checked.
One possible attack is obvious, it may be possible to find out which random spots for the laser have been stored for this token by asking for a verification enough times. However, that gives you the task of making an object that fits into a reader, that gives the right patterns for all the 100 ways... And that's Hard. So it may not even be necessary to randomize the laser positions, just check some number of standard patterns, and it will be too hard to make an item that can fake them all.
Thanks for listening to my train of thought. I think I get it now :)
I believe posters are recognized by their sig. So I made one.
will bill this as "Cryptography with balls."
I'd imagine it'll take a little work to keep these things from getting scuffed or otherwise damaged beyond recognition through regular handling, especially if they end up on your key chain.
Of course, a really sophisitcated system might take that into account, and update the key profile to recognize each key's unique wear and tear.
One of the nice things about a smart card system is that it doesn't have to go onlne for each transaction. From the descriptions it seems that this system does have to check with a database at the time of purchase. So the speedup from a smartcard is lost.
Lasers Controlled Games!
The MSNBC article goes on and on about how this is great for 'Smart Cards' but in reality it doesn't make them that much more secure that credit cards because most of the theft that happens with credit cards is not breaking into computers, rather it's physical theft of the cards themselves.
/. before? It seems vaguely familiar.
A 'smart card' isn't going to stop a pick pocket from theiving your wallet so we're back to square one.
And not to be troll but has this been on
The Anti-Blog
Oh wait, what's this? Oh, there's an ARTICLE to read? One which discussed exactly that, and how the laser can be shone through the fob at multiple angles, requiring the correct 3D structure? Hmm.
I recall reading something very similar in I believe Scientific American (which is not searchable, unfortunately), oh, ages ago. Used to identify ICBMs / warheads / other missiles during arms reduction discussions between the US & Russia (might even have been so far back as to make that USSR). Basically a splash of epoxy with sparkles mixed in on some disasterously-expensive-to-replace part of the device, snap a photograph and/or hologram, and the device is reliably tagged.
... unless of course Fritz [Hollings] gets his palladium-plated way and we at some point do get tamperproof, "trusted" hardware (... to play around with - I'm looking forward to that).
... it raises the price of duplicating a unique physical dongle.
... what was the author of this /. article taking? I want some.
So it's become cheaper, cheap enough even for everyday use. However, the possible uses I can see are rather limited: local authentication, and pretty much nothing else.
It's good for credit cards, but only if the card is physically read by the entity requestion authentication, and only if that entity is online (or has a local database of the speckle pattern of all cards worldwide, plus a magically updated revocation list).
For any non-local authentication it doesn't seem much good
So
But it definitely has nothing to do with crypto (i.e. encryption)
yes, we have no bananas
Although it is a very simple concept, the complexity of creating a transportable medium was the limiting factor. This could not have been done 20 years ago, as the lasers then looked like flashlight beams compared to today. Computer processing power was also a limiting factor.
Intelligence is only a small part of the equation. It is difficult to come up with a very simple solution to a problem that uses technology and manufacturing processes that are years away.
20 years ago, this thing would have had to be about the size of a brick, as beam density, laser accuracy, and manufacturing processes were not advanced enough to create something portable.
For other applications, the dream can drive technology. Weapons systems, space travel, and a utopian society are but a few things that can drive technology to create. A credit card that can't be copied is not a big enough dream to create technology, but it is big enough to take existing technology and innovate.
As for your second point, here's a thought.
The card currently would be useless to stop physical theft, right now. The scheme just relies on the frefraction of light to create patterns. Once you have the card, then Bam, you have the money.
But what if you could arrange these flakes into such a pattern that when light is passed through at a predetermined angle, it provides a composite of the card holder, which will appear on the POS terminal screen. Match the picture with the cardholder, then go ahead. The weakest link falls to the clerk.
-This idea has been released under the GPL. It may be freely distributed or modified under said terms.
You think that I'm crazy, you should see this guy!
This is an improvement on an idea from the 1980s called "quantum subway tokens". There have also been a few schemes involving 2D speckle patterns as unique, hard to forge data items. But they're not challenge/response, like this. Challenge/response devices exist (Sun's Java-powered jewelry, the Dallas Semiconductor button) but they're more complex. On the other hand, their readers are simpler than this optical system will require.
The useful advancement in this thesis is in section 5.3.4, where the authors demonstrate that the registration of the scanning beam doesn't have to be extremely tight. You'd think this scheme would involve optical-bench precision, but it doesn't. (Well, actually it does, but not wavelength-precise optical bench precision. Still, it involves micrometers driven by computer-controlled stepping motors and a very rigid fixture. It's not a "just swipe the card" system.)
The trouble with this system is that there's no public key associated with the object - only a huge number of possible challenge/response pairs. Validation at an untrusted reader is done by probing the object using challenges previously performed at a trusted reader. Those challenges are "used up" as the object is validated, because otherwise, they could be replayed. This is much less convenient than a public/private key system. It's more like one of those systems where you have a wallet card with a long list of challenge/response pairs for logging in. The only advantage here is that the object isn't copyable. It's still stealable, of course.
It's kind of neat, but probably not commercially useful.
The idea was that the hull of each spacecraft was coated in embedded diamonds (cheap in the future because DeBeers' monopoly is gone). The police can then read your hull with a laser from 1 million miles away and you can't forge the "number plate".
TWW
"Encyclopedia" is to "Wikipedia" what "Library" is to "Some people at a bus stop"
Also, if the connection between a store and the pattern validation server is ever intercepted, a hacker could just save your patterns and re-send them whenever they want to purchase pr0n or something. So I think the original poster was right: this is just like stealing credit card numbers. As long as validation is done by passing around a bunch of digital data, that will always be the point of weakness. Even now, the vast majority of credit card fraud happens not because somebody's magnetic strip gets duplicated, but because somebody's credit card numbers get stolen. It seems like making the physical cards harder to duplicate is barking up the wrong tree.
The only solution I can see is this: There wouldn't be a unique resultant diffraction pattern that gets passed around, but rather a two-way conversation between the validation server and the card reader. The server would ask three random questions of the sort "what pattern is produced when the laser shines from angle 1, what about angle 2, etc. The problem with this is that the validation server would have to know what the right answers are to all of the possible questions, and that creates a problem: either there would be waay too much data stored for each card, or there would only be a limited number of "questions" the server could ask. In the latter case, a thief's computer could just memorize all the answers to the few questions, and produce them without the card whenever the validation server actually asks.
Drilling a small hole in the tokens changes their internal structure enough to unleash the avalanche effect, so that the outputs from the same token before and after drilling differ by roughly half of their bits. Yet the process that transforms the speckle pattern into a string of digits can be modified to ignore accidental surface scratches.
I would imagine that since it's the internal structure of the token which determines the output, surface scratches don't have as dramatic an effect.
It breaks my pluginses, my precious!
Also this stops mafia-types from mass producing fake cards. At CTST this year an IBM team presented a paper in which they read the keys off several cards through RF leakage, making it easy to make fake cards. This would prevent such fake cards, at least until a way of faking these patterns comes about.
Lasers Controlled Games!
All the device would need to do is check at least two angles simultaneously. No 2D forgery can bypass that.
1. sub-space projection
2. uniqueness
Think of it as the bubble patterns is one member of a very-very large set (the "bubble" set) and the laser is a projection or mapping function of this member of the bubble set on to a much smaller "diffraction pattern" set. Since the different laser angles can be used, that's like using different mapping functions.
A verification agency isn't gonna store which member of the bubble set each token is and do a diffraction simulaton with computers everytime the token is scanned, but more likely they will store the one or two projections on to the diffraction pattern set which are created by the one or two reader devices that are marketed. Also the whole diffraction pattern isn't gonna be stored, but just the part of the pattern sampled by the device.
This seems like a much easier problem to solve for the token forgers. All they have to do is make a token that when projected to the one or two sampled diffraction sets stored by the verification agency instead the the infinite possible diffraction patterns of arbitrary precision.
Then you have the uniqueness problem. Since the verification agencies are likely only storing sub-space projections which are finitely sampled, there's the possibility of collisions between two cards. At least with a non-one-way function, you can detect collisions beforehand, now you have to make the card with bubbles and project them to you subspaces and only then discover there's a collision and you have to throw the token away. This also defeats the feature alluded to that you can always use another projection. If you don't check for collisions ahead of time, they will inevitably occur (think of the birthday paradox).
There are fundamental mathematics working against any scheme that depends on low probability of collision. You don't have to duplicate a specific thing, but you hope for a collision (which is duplicating any one of a large set). This of course is much easier to do and is the known as the birthday paradox in probability theory. This has been used as theoretical fodder to break many encryption systems (meets in the middle attacks).
Here's another way to think of it. You have a zillion digit credit card number (token) and you apply a few different hash functions (laser angles) to the number to get a "signature" (diffraction pattern). The only advantage of this technology is that it's hard to duplicate this zillion digit number where most things electronic are easily duplicated. But some of the other "features" don't seem easy to take advantage of.
It's like the phreakers of yesteryear where they just guessed long-distance calling card codes if the set is large enough, collisions are inevitable. That's when companies invented PIN numbers. What it probably means that these tokens will probably end up being only as secure as your 4 digit ATM PIN... Something to think about...
Sometimes when you think outside the box, you realize that the box was green and the grass is really dead out there too...
I think most people here are missing the point of this.
I am not an optical engineer, but the important part of this is not "you cannot duplicate this token", since that didn't appear to be in anything I read; it's "you cannot duplicate this token _by reading the interference pattern or disassembling/probing inside_", which is a different problem entirely.
I suspect that with sufficiently high-quality materials and production controls, it _is_ possible to duplicate these in the production phase, which then makes it a useful toy; make two of them that have the same interference pattern, and given identical readers, you have a one-time pad that you can use for quite a while. I don't know how they're embedding the glass spheres in the epoxy, but with a finite number of positions for each glass ball in the epoxy (small enough to be useful, large enough to be secure), you might be able to have either coded duplicates (like keys; "2488210366" == "glass balls in pattern X") or a "mold" system where you position the balls identically for a pair of tokens and then destroy the mold, making it impossible to recreate the tokens. Either way has its useful features.
--
SD
I am Chaos. I am alive, and I tell you that you are Free. -Eris