Re: ArcotSign (was Re: Does security depend on hardware?)


Douglas Hoover (doug@arcot.com)
Mon, 21 Sep 1998 17:55:12 -0700


In response to the interest indicated by the discussion on CodherPlunks/cipherpunks
mailing lists, we have put a technical note about the Arcot key container
("software smart card") on our site at:

        http://www.arcot.com/camo2.html

We would appreciate your comments.

This note doesn't tell everything about our method--we *are* developing a
commercial product, after all--but we hope that it will suffice to show
knowledgeable readers our main ideas and convince them that a software key
container that provides protection similar to that of a smart card is in fact
possible.

I should remark that:

- Arcot key protection does not depend on making client-side
  software complicated or on keeping the algorithms secret. It
  depends on making it hard for an attacker to tell when he has
  cracked it, by keeping information that the attacker might use
  to identify the private key out of his reach (such as the
  public key).

- Consequently, there are significant restrictions on the
  situations in which Arcot key protection works. For example:

  - It isn't useful for encryption.
  - It isn't good for stranger-to-stranger authentication.
  - It is good for authenticating yourself to your bank, an
    online merchant with whom you have an account, or to your
    employer.

- Like smartcards, it provides two-factor authentication--you
  need to have the key container and know the password in order
  to authenticate. Its key protection is slightly weaker because
  it is easier to steal (just copy) a card without the theft being
  noticed.

- Of course, the crypto has to be done in software. If your
  application warrants that level of paranoia, then maybe you
  really should be using hardware--but are you sure that your
  smart card is really signing the document you think it
  is? Most commercial applications don't warrant this level
  of paranoia. And hardware costs money.

Regards,

Doug Hoover
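
The point in the message above about keeping the public key out of the attacker's reach, shown as an added example that is not part of the original message and is not Arcot's method (which the note does not fully disclose). The toy group, the XOR masking, the 4-digit PIN space and all names below are assumptions made for illustration.

```python
import hashlib
import secrets

# Toy parameters, assumed for illustration only (far too small for real use).
P = 2**127 - 1            # prime modulus
G = 3                     # base for the toy public key y = G^x mod P
KEY_LEN = 15              # every 15-byte string is a valid private exponent
SALT = b"constructed-salt"
PINS = [f"{i:04d}" for i in range(10000)]   # the whole 4-digit PIN space

def keystream(pin: str) -> bytes:
    # Low iteration count keeps the demo fast; not a recommended setting.
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), SALT, 20, dklen=KEY_LEN)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def seal(private: bytes, pin: str) -> bytes:
    """Mask the key under the PIN; no MAC, padding or check value is stored."""
    return xor(private, keystream(pin))

def unseal(container: bytes, pin: str) -> bytes:
    """Always 'succeeds': a wrong PIN yields a different, equally valid key."""
    return xor(container, keystream(pin))

def public_key(private: bytes) -> int:
    return pow(G, int.from_bytes(private, "big"), P)

def surviving_pins(container: bytes, looks_right) -> list:
    """PINs an offline guesser cannot rule out using the test it has."""
    return [pin for pin in PINS if looks_right(unseal(container, pin))]

def demo() -> dict:
    private = secrets.token_bytes(KEY_LEN)
    container = seal(private, "4831")            # constructed PIN
    digest = hashlib.sha256(private).digest()    # check value a conventional container keeps
    y = public_key(private)
    return {
        # Conventional container: the stored check value confirms the guess.
        "check_value_stored": surviving_pins(
            container, lambda k: hashlib.sha256(k).digest() == digest),
        # Camouflaged container alone: only a format test is available.
        "container_only": surviving_pins(container, lambda k: len(k) == KEY_LEN),
        # Camouflaged container plus a leaked public key: guesses are testable again.
        "public_key_known": surviving_pins(container, lambda k: public_key(k) == y),
    }

if __name__ == "__main__":
    print({name: len(pins) for name, pins in demo().items()})
```

With the container alone every PIN remains a candidate, which is why the public key can only be given to the party that verifies the signatures, and why the scheme does not fit stranger-to-stranger authentication.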



 

The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:14:00