Slashdot Mirror


Australian Gov't Offers $560k Cryptographic Protocol For Free

mask.of.sanity writes "Australia's national welfare agency will release its 'unbreakable' AU$560,000 smart card identification protocol for free. The government agency wants other departments and commercial businesses to adopt the Protocol for Lightweight Authentication of ID (PLAID), which withstood three years of design and testing by Australian and American security agencies. The agency has one of Australia's most advanced physical and logical converged security systems: staff can access doors and computers with a single centrally-managed identity card, and user identities can be automatically updated as employees leave, are recruited or move to new departments. PLAID, which will be available soon, is to be used in the agency's incoming fleet of contact-less smartcards that are currently under trial by staff. It will replace existing identity cards that operate on PKI encryption."

12 of 163 comments

  1. Surprisingly sedate acronym by Sockatume · · Score: 3, Insightful

    Somehow that makes it more sinister than calling it "RAZORBAK" or "AOK JINGOSIM".

    --
    No kidding!!! What do you say at this point?
  2. Yeah Right... by Frosty+Piss · · Score: 4, Insightful

    Given the Australian government's views on privacy, I wonder when the back door will be discovered? Or is looking for it against the law?

    --
    If you want news from today, you have to come back tomorrow.
  3. Mmmh by Britz · · Score: 5, Insightful

    "Here, have my lock and key. Nobody will be able to get into your home. Except, maybe, me :-)"

    1. Re:Mmmh by MobyDisk · · Score: 2, Insightful

      They aren't giving away the lock and key. They are giving away a design for locks and keys.

  4. I laugh ... by Morphine007 · · Score: 4, Insightful

    ... when an organization claims that they're going to provide something that's unbreakable

    The claim is usually an open invitation to reduce the "unbreakable" object to ashes.

    1. Re:I laugh ... by Confuse+Ed · · Score: 2, Insightful

      3. The source and destination then compute Ys and Yd, respectively, such that their own X*Y is congruent to 1 mod (A*B). They do not share this information.

      Should that be 1 mod ((A-1)*(B-1))?

      I'm not that convinced that relying on the discrete logarithm problem (at the cost of 4x as much network communication) rather than directly on the factoring problem (like more commonly discussed PK based systems) has any additional security: aren't the 2 problems of identical complexity?

  5. Re:contactless smart cards are the way to go by Anonymous Coward · · Score: 1, Insightful

    Especially if I find your wallet after you lose it.

  6. Re:A little more info by oldhack · · Score: 2, Insightful

    If it's so unremarkable, what makes it worth half million Australian dollars, then? Unremarkable patent, perhaps?

    --
    Fuck systemd. Fuck Redhat. Fuck Soylent, too. Wait, scratch the last one.
  7. Re:contactless smart cards are the way to go by profplump · · Score: 4, Insightful

    The government never issued SSN with the intent of being a universal identifier.

  8. Re:A little more info by swillden · · Score: 2, Insightful

    If it's so unremarkable, what makes it worth half million Australian dollars, then? Unremarkable patent, perhaps?

    How do you define the "worth" of a protocol?

    Secure protocols are hard to design because there are a lot of subtle errors that can be made. It takes a lot of work by a lot of smart people to make sure that none have been -- and it's even harder if the protocol breaks new ground.

    I suspect that the half-million figure is an estimate of how much has been put into the design and verification of the protocol. That's a goodly amount of work. Had the protocol been extremely novel, verifying it to the world's satisfaction would have been *much* more expensive than 0.5M AUD.

    --
    Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
  9. Re:A little more info by PitaBred · · Score: 2, Insightful

    Hell, if you're really worried, make an "airlock" gate, where the outside door is free to open, but it is built like a faraday cage for the frequencies used, and the reader is inside that.

  10. Re:You are correct by MobyDisk · · Score: 2, Insightful

    From the summary:

    which withstood three years of design and testing by Australian and American security agencies.

    I took that to mean the crypto-community had a long hard look at it.