Slashdot Mirror

← Back to Stories (view on slashdot.org)

Xerox Creates Printed Labels With Rewritable Memory

Posted by Soulskill on from the mundane-futurism dept.

Lucas123 writes: Xerox has announced a line of printed labels that can store up to 36 bits of data that can be used to track shipped products, determine the authenticity and condition of products, and even identify if a medication refill has been authorized, or if a shipping tax has been paid. The key verification features, which are targeted at thwarting counterfeiters, will work offline, allowing secure validation of an object or process without being bound to the Internet. The memory labels can be encrypted for added security and can store up to 68 billion data points.

3 of 48 comments (clear)

  1. You cannot do anything secure with 36 bits by gweihir · · Score: 4, Insightful

    In order to do things like authenticity securely, you need to sign the contained data cryptographically. The very least number of bits needed for a signature that can be called secure in any way is around 80 bits today, and you need the data to that is signed in addition.

    I conclude that this thing offers no actual security whatsoever, besides the mechanism needed to write the bits.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  2. What is the big deal? by Michael+Woodhams · · Score: 4, Insightful

    From the article (and the announcement it links to), I'm really struggling to figure out what the big deal is.

    A rewritable 36 bit label. Presumably that means you have 36 dots, each of which can be black or white (say) and you can change their state somehow. I could (a little less conveniently) do the same with a sticker with 36 dots on it, each either filled or hollow. Whenever I want to change it, I just print a new sticker with the new bit pattern and stick it over the old one.

    How does this give all the cryptographic goodness they talk about?

    They say you'll be able to cryptographically confirm authenticity off-line. But 36 bits is easily brute-forcible. If you can check the authenticity of the 36 bit pattern, the man in the middle can check all 2^36 bit patterns for authenticity and use whichever authenticated bit patterns give the message they want.

    The engineers at Xerox aren't stupid, so presumably there is something to this. However in going from the minds of the engineers to the mind of the journalist to the article to my mind, somewhere something vital has been lost.

    --
    Quattuor res in hoc mundo sanctae sunt: libri, liberi, libertas et liberalitas.
    1. Re:What is the big deal? by konohitowa · · Score: 3, Insightful

      When the journalist started to explain binary, I sort of lost hope of any technical explanation materializing.