Microsoft doesn't want passwords for Longhorn
muzzy:
Uh, the idea of invalidate-database would be that it's not secret data. It'd just contain information about which keys have been revoked. You could basically have two attacks against such a database: add a key, or remove a key. If you've managed to clone a card, and you can then remove the revocation status of it, then you could authenticate as the user. However, merely compromising the database wouldn't alone be effective, and with keys naturally expiring at some point, you couldn't just collect keys for a few years and then pull a big stunt. The less serious attack of adding a key into the database would just make someone unable to authenticate.
When it comes to smart criminals, yeah, I know. There are many attacks even against smart cards, but they tend to require quite a bit of sophistication and you can't just ask the card to give its information to you. The swipe cards can be completely read since you can touch the media directly, but with a smart card you have to ask the card for the data. They're designed to never release the private key and only answer challenge-responses against it, which cannot be used to determine the private key itself, only authenticate that it's indeed the pair for the expected public key.
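The login decision this post describes (challenge-response, a non-secret revocation list, key expiry), as an added example that is not part of the original post. The names `Card` and `authenticate`, the key id and the dates are constructed for illustration, and toy textbook RSA stands in for the card's real key pair.

```python
import hashlib
import secrets
from datetime import date

# Toy textbook RSA built from two known Mersenne primes. Illustration only.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q

def digest(challenge: bytes) -> int:
    return int.from_bytes(hashlib.sha256(challenge).digest(), "big") % N

class Card:
    """Stand-in for the smart card: signs challenges, never hands out _d."""
    def __init__(self, key_id: str):
        self.key_id = key_id
        self._d = pow(E, -1, (P - 1) * (Q - 1))  # private exponent stays on the card

    def respond(self, challenge: bytes) -> int:
        return pow(digest(challenge), self._d, N)

def authenticate(key_id, response, challenge, enrolled, revoked, today) -> str:
    """Server-side decision: enrolment, revocation, expiry, then the signature."""
    if key_id not in enrolled:
        return "unknown key"
    if key_id in revoked:
        return "revoked"
    if today > enrolled[key_id]:
        return "expired"
    if pow(response, E, N) != digest(challenge):
        return "bad response"
    return "ok"

def scenarios() -> dict:
    card = Card("card-001")                      # constructed sample key id
    enrolled = {"card-001": date(2005, 12, 31)}  # constructed expiry date
    day, revoked, out = date(2005, 6, 1), set(), {}
    c1, c2 = secrets.token_bytes(16), secrets.token_bytes(16)
    r1 = card.respond(c1)
    out["genuine"] = authenticate(card.key_id, r1, c1, enrolled, revoked, day)
    # An old response does not verify against a fresh challenge.
    out["replayed_response"] = authenticate(card.key_id, r1, c2, enrolled, revoked, day)
    revoked.add(card.key_id)   # entry added, rightly or not: the card is locked out
    out["listed_as_revoked"] = authenticate(card.key_id, r1, c1, enrolled, revoked, day)
    revoked.discard(card.key_id)  # entry deleted: a clone is accepted again...
    out["entry_deleted"] = authenticate(card.key_id, r1, c1, enrolled, revoked, day)
    # ...but only until the key expires.
    late = date(2006, 1, 1)
    out["entry_deleted_after_expiry"] = authenticate(card.key_id, r1, c1, enrolled, revoked, late)
    return out
```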