Slashdot Mirror
Australian PLAID Crypto, ISO Conspiracies, and German Tanks
New submitter Gaglia writes: PLAID, the Australian 'unbreakable' smart card identification protocol has been recently analyzed in this scientific paper (disclaimer: I am one of the authors, and this is a personal statement.)
Technically, the protocol is a disaster. In addition to many questionable design choices, we found ways for tracing user identities and recover card access capabilities. The attacks are efficient (few seconds on 'home' hardware in some cases), and involve funny techniques such as RSA moduli fingerprinting and... German tanks. See this entry on Matt Green's crypto blog for a pleasant-to-read explanation.
But the story behind PLAID's standardization is possibly even more disturbing. PLAID was pushed into ISO with a so-called "fast track" procedure. Technical loopholes made it possible to cut off from any discussion the ISO groups responsible for crypto and security analysis. Concerns from tech-savvy experts in the other national panels were dismissed or ignored. We contacted ISO and CERT Australia before going public with our paper, but all we got was a questionable and somewhat irate response (PDF) by PLAID's project editor (our reply here). Despite every possible evidence of bad design, PLAID is now approved as ISO standard, and is coming to you very soon inside security products which will advertise non-existing privacy capabilities.
The detailed story of PLAID in the paper is worth a read, and casts many doubts on the efficacy of the most important standardizing body in the world. It is interesting to see how a "cryptography" product can be approved at ISO without undergoing any real security scrutiny.
On a related note, the enthusiastic comments to PLAID's design made by a few readers in the old Slashdot story reminds us as a cautionary tale that you need cryptographers to assess the security of cryptography. Quoting Bruce Schneier: amateurs produce amateur cryptography.
Technically, the protocol is a disaster. In addition to many questionable design choices, we found ways for tracing user identities and recover card access capabilities. The attacks are efficient (few seconds on 'home' hardware in some cases), and involve funny techniques such as RSA moduli fingerprinting and... German tanks. See this entry on Matt Green's crypto blog for a pleasant-to-read explanation.
But the story behind PLAID's standardization is possibly even more disturbing. PLAID was pushed into ISO with a so-called "fast track" procedure. Technical loopholes made it possible to cut off from any discussion the ISO groups responsible for crypto and security analysis. Concerns from tech-savvy experts in the other national panels were dismissed or ignored. We contacted ISO and CERT Australia before going public with our paper, but all we got was a questionable and somewhat irate response (PDF) by PLAID's project editor (our reply here). Despite every possible evidence of bad design, PLAID is now approved as ISO standard, and is coming to you very soon inside security products which will advertise non-existing privacy capabilities.
The detailed story of PLAID in the paper is worth a read, and casts many doubts on the efficacy of the most important standardizing body in the world. It is interesting to see how a "cryptography" product can be approved at ISO without undergoing any real security scrutiny.
On a related note, the enthusiastic comments to PLAID's design made by a few readers in the old Slashdot story reminds us as a cautionary tale that you need cryptographers to assess the security of cryptography. Quoting Bruce Schneier: amateurs produce amateur cryptography.
1 and 4 together make me think that the author is saying that shill is completely irrelevant to privacy and the rest of plaid is just as private as advertised. The problem is that while shill may have been intended as a bolt-on to distract and slow attackers, it apparently also can be used to do the tracking that the rest of plaid was designed to avoid. The author claims that's not a problem because it wasn't designed to be private, but the end effect seems to be that the card is more trackable than intended. A better implementation of the shillkey could help with this, but is not required by the standard nor implemented by the reference, so how many commodity hardware makers are going to bother?
Australia is at about 1 homicide per 100,000 inhabitants per year. The rate has been steadily declining since 1990. In the US it's at around 4.5 homicides per 100,000 inhabitants per year.
Robberies are at around half the rate of what they are in the US. Sexual assault is about equivalent, though it used to be higher before the new gun legislation.
Here, now you know how to fish.
Australia's robbery rate is about half (55%) that of the US, overall murder rate is about 1/4.
http://www.nationmaster.com/co...
And I'll just throw this out there, last night in my town, someone not only managed to shoot himself in the foot, but the same bullet seriously injured a 9 year old neighbor:
http://abc7news.com/news/san-j...