Re: Information on Arcot for two-factor software strong authentication

Bill Stewart (bill.stewart@pobox.com)
Mon, 01 Mar 1999 23:06:57 -0800

• Next message: Dave Del Torto: "Re: Information on Arcot for two-factor software strong authentication"
• Previous message: Vin McLellan: "Re: RSA Test"
• Next in thread: Sameer Parekh: "Re: Information on Arcot for two-factor software strong authentication"
• Reply: Sameer Parekh: "Re: Information on Arcot for two-factor software strong authentication"
• Reply: Ge' Weijers: "Re: Information on Arcot for two-factor software strong authentication"

At 02:36 PM 3/1/99 -0800, Sameer Parekh wrote:
>> who wanted to clarify that while it's not the same security as a
>> crypto smartcard, it is basically as secure as a memory smartcard,
>
> Which it is, of course, not.

It's at least a better argument. A memory smartcard is pretty much
at the mercy of any computer you plug it in to, just like a floppy
with a hunk of software on it (or data for the software).
You can clone memory cards, and unless they're doing some sort of
read-only, you can write them.

On the other hand, memory smartcards just barely deserve the name smartcard;
anything with processing in it has some chance of defending itself,
which the Arcot software stuff doesn't.
                                Thanks!
                                        Bill
Bill Stewart, bill.stewart@pobox.com
PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639

• Next message: Dave Del Torto: "Re: Information on Arcot for two-factor software strong authentication"
• Previous message: Vin McLellan: "Re: RSA Test"
• Next in thread: Sameer Parekh: "Re: Information on Arcot for two-factor software strong authentication"
• Reply: Sameer Parekh: "Re: Information on Arcot for two-factor software strong authentication"
• Reply: Ge' Weijers: "Re: Information on Arcot for two-factor software strong authentication"