Innovative and Flawed MintChip Challenge by The Royal Canadian Mint

Sunday, 22 April, 2012

It is refreshing to see the Royal Canadian Mint (RCM) innovatively create and launch the MintChip Challenge to solicit ideas, software app submissions and discussions from the public. At the same time, I find it very troubling that the core security basis of the MintChip system has not been released for public review and discussion. In fact, here is the official RCM line in this forum discussion thread:

While we appreciate your interest in the physical chip’s trusted hardware, public-key infrastructure and encryption methods, we are not in a position to release that information at this time.

Well, “… not in a position to release that information …”, really? I can appreciate the “coolness” of seeing interesting apps and use cases, but security has to be the foundation of MintChip and other similar products. Without a properly reviewed, fully inspected, time-tested cryptographic system as a solid foundation, the rest of the “cool apps” and interesting use cases will not be of use to anyone.

I’ve been a long-time reader of security industry expert Bruce Schneier’s ideas and his groundbreaking book Applied Cryptography (1995), out of curiosity and interest. Bruce wrote this insightful “Snake Oil” warning-signs post in 1999:

The problem with bad security is that it looks just like good security. You can’t tell the difference by looking at the finished product. Both make the same security claims; both have the same functionality. Both might even use the same algorithms: triple-DES, 1024-bit RSA, etc. Both might use the same protocols, implement the same standards, and have been endorsed by the same industry groups. Yet one is secure and the other is insecure.

Many cryptographers have likened this situation to the pharmaceutical industry before regulation. The parallels are many: vendors can make any claims they want, consumers don’t have the expertise to judge the accuracy of those claims, and there’s no real liability on the part of the vendors (read the license you agree to when you buy a software security product).

After rereading the listed nine snake-oil warning signs, I get very uncomfortable when I see these words in the MintChip Challenge,

“Using innovative technology, for which the Mint has prototypes and five patents pending, MintChip uses a secure chip to hold electronic value and a protocol to transfer it from one chip to another.”

What is in these “prototypes”? How are they tested and verified? How much of the crypto system is kept in these pending patents and how much will remain part of the “trade secrets”? Security through obscurity is a very bad idea.

Of course, in the minds of RCM, they may think the $52,000+ MintChip Challenge prize money is totally worthwhile in exchange for the hundreds of developers’ time and effort. At the same time, if project MintChip fails due to flawed security in the crypto system, the credibility of the Royal Canadian Mint will unfortunately be tarnished. So the price is the $52K and the Mint’s reputation!

I urge the Royal Canadian Mint to publish the technical details of the MintChip cryptographic system and invite the security community to properly review and inspect the whole system to ensure it has a solid foundation, to avoid wasting people’s time and, more importantly, to maintain the Mint’s hard-earned credibility.

MintChipChallenge promo video

[HT Dwayne L in the discussion thread for the link to Bruce's "Snake Oil"]

2012 Special-Purpose Hardware for Attacking Cryptographic Systems Conference

Saturday, 31 March, 2012

If you want to understand more about cryptographic systems, you may be interested in the ~200 pages of presentations from the 2012 SHARCS (Special-Purpose Hardware for Attacking Cryptographic Systems) conference, downloadable online. [HT Bruce]

Lockheed Martin’s networks breached by hackers using counterfeit RSA SecurID electronic keys

Saturday, 28 May, 2011

- PC World, “Lockheed-Martin Attack Signals New Era of Cyber Espionage”

- CNN, “Lockheed Martin detects ‘significant’ attack on information network”

- CNet, “Report: Major weapons makers see networks breached by hackers”

- Bloomberg, “U.S. Government Offers Lockheed Assistance After ‘Tenacious’ Cyber Attack”

- AFP, “Lockheed Martin confirms attack on its IT network”

- CBC, “Lockheed Martin hit by cyberattack”

NOTE: Here is a March 2011 CNet background story, “What the RSA breach means for you (FAQ)”

Schneier’s Law

Saturday, 16 April, 2011

Something fun about cryptography. Enjoy.

“Schneier’s Law”

by Bruce Schneier on Friday, April 15, 2011 at 12:45pm

Back in 1998, I wrote:

Anyone, from the most clueless amateur to the best cryptographer, can create an algorithm that he himself can’t break.

In 2004, Cory Doctorow called this Schneier’s law:

…what I think of as Schneier’s Law: “any person can invent a security system so clever that she or he can’t think of how to break it.”

CUHK Bioencryption – Just storage, no encryption?

Sunday, 30 January, 2011

It was interesting to read that a team of students and their advisors from the Chinese University of Hong Kong (CUHK) School of Life Sciences won gold with their bioencryption project (see more news) at the International Genetically Engineered Machine (iGEM) 2010 competition organized by the Massachusetts Institute of Technology (MIT).

While the team has certainly made some interesting progress, security technologist and author Bruce Schneier has questions about the team’s “bioencryption” claims (emphasis),

Why can’t bacteria be hacked? If the storage system is attached to a network, it’s just as vulnerable as anything else attached to a network. And if it’s disconnected from any network, then it’s just as secure as anything else disconnected from a network. The problem the U.S. diplomats had was authorized access to the WikiLeaks cables by someone who decided to leak them. No cryptography helps against that.

And Bruce even started his article with, “The article talks about how secure it is, and the students even coined the term “bioencryption,” but I don’t see any encryption. It’s just storage.”

I can’t find a full technical paper to read but after reading the above press reports and the team’s iGEM project description, project principle, and project results, I have to say, like Bruce, I also don’t see any encryption and it looks like just storage to me.

And reading a scientist’s quotes like the following in the popular press,

Bacteria can’t be hacked. All kinds of computers are vulnerable to electrical failures or data theft. But bacteria are immune from cyber attacks. You can safeguard the information.

just doesn’t exactly give me confidence that the scientist fully appreciates/understands computer security/cryptography.

I don’t mean to be too critical of some of the CUHK team’s achievements. I think they have done well. At the same time, I think it is very important for serious scientists to know the limits of their scientific claims and not overextend them without properly justified support.

Of course, I might be wrong, and it will be wonderful if someone can explain to me what I missed so that I can learn and understand. If I am mistaken, it will be my pleasure to correct this article.

The Price of RIM averting BlackBerry ban in UAE

Saturday, 9 October, 2010

On the surface, it seems nice that RIM averts BlackBerry ban in UAE. For those who actually know more about security, like Bruce Schneier, here he talked about the possible price RIM might have paid, to the detriment of RIM users’ secure communications. Have a read of this telling excerpt,

“Am I missing something here? RIM isn’t providing a file storage service, where user-encrypted data is stored on its servers. RIM is providing a communications service. While the data is encrypted between RIM’s servers and the BlackBerrys, it has to be encrypted by RIM — so RIM has access to the plaintext.

In any case, RIM has already demonstrated that it has the technical ability to address the UAE’s concerns. Like the apocryphal story about Churchill and Lady Astor, all that’s left is to agree on a price.”

Without transparency about the compromises made, reading the following gives me no additional confidence in RIM’s “promise”,

“In a response to news of the agreement with the UAE, a RIM spokesperson e-mailed CNET the following statement dated today:

RIM cannot discuss the details of confidential regulatory matters that occur in specific countries, but RIM confirms that it continues to approach lawful access matters internationally within the framework of core principles that were publicly communicated by RIM on August 12.””

The following excerpted opinion makes sense to me,

“I’m actually sympathetic to the need for government to engage in surveillance where appropriate. But even if you think you can trust the government not to abuse this access—and I don’t think you can—backdoors in systems like RIM’s Blackberry e-mail may become available to other parties, including criminal enterprises.”

Wiretapping the Internet

Monday, 4 October, 2010

Here is an excerpt from Bruce Schneier’s insightful article “Wiretapping the Internet” (emphasis added),

“Surveillance infrastructure is easy to export. Once surveillance capabilities are built into Skype or Gmail or your BlackBerry, it’s easy for more totalitarian countries to demand the same access; after all, the technical work has already been done.

Western companies such as Siemens, Nokia and Secure Computing built Iran’s surveillance infrastructure, and U.S. companies like L-1 Identity Solutions helped build China’s electronic police state. The next generation of worldwide citizen control will be paid for by countries like the United States.

We should be embarrassed to export eavesdropping capabilities. Secure, surveillance-free systems protect the lives of people in totalitarian countries around the world. They allow people to exchange ideas even when the government wants to limit free exchange. They power citizen journalism, political movements and social change. For example, Twitter’s anonymity saved the lives of Iranian dissidents — anonymity that many governments want to eliminate.

Yes, communications technologies are used by both the good guys and the bad guys. But the good guys far outnumber the bad guys, and it’s far more valuable to make sure they’re secure than it is to cripple them on the off chance it might help catch a bad guy. It’s like the FBI demanding that no automobiles drive above 50 mph, so they can more easily pursue getaway cars. It might or might not work — but, regardless, the cost to society of the resulting slowdown would be enormous.”

Sergey Brin on Google’s China decision @ TED

Sunday, 28 February, 2010

First time I heard a little more discussion about the China situation.

TED BLOG EXCLUSIVE: Onstage at TED2010, TED curator Chris Anderson interviews Google’s Sergey Brin about the company’s recent statement on China. (Recorded at TED2010, in Long Beach, California, February 2010. Duration: 8:24.)

Eurocard Mastercard Visa “chip and PIN” credit card payment system is broken

Tuesday, 16 February, 2010

For my own information later, I want to make a note and remember that the Eurocard Mastercard Visa (EMV) “chip and PIN” credit card payment system is broken.

1) [HT Schneier] – Man-in-the-Middle Attack Against Chip and PIN

2) UK BBC – New flaws in chip and pin system revealed (with video)

3) Telegraph – Chip and pin should be overhauled to protect millions of bank customers

4) The Register – Chip and PIN security busted – UnVerified by PIN attack undermines bank security assurances

5) SECURITY THREATS TOOLKIT – Chip and PIN is broken, say researchers

Quantum Cryptography Cracked

Wednesday, 30 December, 2009

Interesting “Quantum Cryptography Cracked”.

GSM Mobile phone security cracked, says German hacker

Tuesday, 29 December, 2009

UK Guardian is reporting (emphasis added),

A German computer scientist has cracked the codes used to encrypt calls made from more than 80% of the world’s mobile phones.

Karsten Nohl [K: Nohl's U of Virginia page] and his team of 24 hackers began working on the security algorithm for GSM (Global System for Mobiles) in August.

[...] Nohl claims that armed with the code, which has been published online, and a laptop with two network cards, an eavesdropper could be recording phone calls within 15 minutes.

“This shows that existing GSM security is inadequate,” Nohl told the Chaos Communication Congress, an international annual meeting of hackers taking place in Berlin this week.

Nohl insisted that he had deciphered the code to force the global telecommunications industry to upgrade its security.

Nohl told the Guardian that important negotiations involving politicians or business leaders could easily be intercepted and they should invest in further encryption software to protect their privacy. “If there is anything secret going on using GSM, this should be of concern.”

More reports in NYT and The Register.

Anyone who cares about our communication security based on cryptography should know that the only way to keep our communication secure is to conduct open and active research in the field, where weaknesses and problems are dealt with in a prompt and appropriate manner. Security through obscurity is NOT an option, and if I were less diplomatic, I would say it is plain stupid to rely on obscurity for our treasured security.

Download this: LESSONS FROM THE IDENTITY TRAIL – Anonymity, Privacy and Identity in a Networked Society

Sunday, 19 April, 2009

You can download and read the following book here.

******* Intro excerpt *******


Anonymity, Privacy and Identity in a Networked Society

Edited by:

Ian Kerr
Valerie Steeves
Carole Lucock

During the past decade, rapid developments in information and communications technology have transformed key social, commercial, and political realities. Within that same time period, working at something less than Internet speed, much of the academic and policy debate arising from these new and emerging technologies has been fragmented. There have been few examples of interdisciplinary dialogue about the importance and impact of anonymity and privacy in a networked society. Lessons from the Identity Trail: Anonymity, Privacy and Identity in a Networked Society fills that gap, and examines key questions about anonymity, privacy, and identity in an environment that increasingly automates the collection of personal information and relies upon surveillance to promote private and public sector goals.

This book has been informed by the results of a multi-million dollar research project that has brought together a distinguished array of philosophers, ethicists, feminists, cognitive scientists, lawyers, cryptographers, engineers, policy analysts, government policy makers, and privacy experts. Working collaboratively over a four-year period and participating in an iterative process designed to maximize the potential for interdisciplinary discussion and feedback through a series of workshops and peer review, the authors have integrated crucial public policy themes with the most recent research outcomes.

The book is available for download under a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 Canada License by chapter below. Hard copies are available for purchase at Amazon & at Oxford University Press.

‘Unbreakable’ quantum encryption in action

Monday, 13 October, 2008

BBC News is reporting ‘Unbreakable’ encryption unveiled. Here is an excerpt (emphasis added),

The basic idea of quantum cryptography was worked out 25 years ago by Charles Bennett of IBM and Gilles Brassard of Montreal University, who was in Vienna to see the network in action.

“All quantum security schemes are based on the Heisenberg Uncertainty Principle, on the fact that you cannot measure quantum information without disturbing it,” he explained.

“Because of that, one can have a communications channel between two users on which it’s impossible to eavesdrop without creating a disturbance. An eavesdropper would create a mark on it. That was the key idea.”

In practice this means using the ultimate quantum objects: photons, the “atoms of light”. Incredibly faint beams of light equating to single photons fired a million times a second raced between the nodes in the Vienna network.

Each node, housed in a different Siemens office (Siemens has provided the fibre links), contains a small rack of electronics – boxes about the size of a PC – and a handful of sensitive light detectors.

Numerical key

From the detected photons, a totally secret numerical key can be distilled, which encodes the users’ data much like the keys used in normal computer networks do.


Links for 2007-11-30

Friday, 30 November, 2007
  1. Meric Kara at the research centre of Benetton
  2. Why judicial independence matters?
  3. Mind Games: FREDA. Focus, Reinvention, Execution, Delivery and Accountability.
  4. TiVo To Enter the Canadian Market – with interesting comment from a reader
  5. IEEE Spectrum: Internet Censorship: As Bad As You Thought It Was [via RConversation]

University Cryptography Course Online (with video)

Tuesday, 27 November, 2007

The 2006 University of Washington course “Practical Aspects of Modern Cryptography” (with video of lectures) is still online and providing some good and relevant information. [via Bruce Schneier]

P.S. The instructors recommend Handbook of Applied Cryptography (all chapters downloadable).

Bruce Schneier Q&A at DefCon 15

Friday, 12 October, 2007

Bruce Schneier is one of the world’s best experts in security and cryptography. Here is Bruce’s Q&A at DefCon 15. [via Bruce]

Bruce starts by talking about his interview with Kip Hawley, head of the US Transportation Security Administration. And he talks about how he flies without ID to the conference (thought experiment: if you lost your ID while traveling to, say, PEI, are you going to be forced to stay there until you get your ID?). Great talk.

Privacy by design in the post-9/11 world

Wednesday, 10 October, 2007

[via Office of the Privacy Commissioner]

Dr. Ann Cavoukian, the Ontario Information and Privacy Commissioner, recently spoke to the Computer Science Club at the University of Waterloo. (video available in several formats) … and her speech is receiving favourable attention online …

I highly recommend watching Dr. Cavoukian’s speech in our post-9/11 world. Especially in light of what I read from a friend’s posting, which is not uncommon thinking these days,

So, let’s all just take a deep breath and say “Privacy is dead.” So if you don’t want the world to know that you did something – just don’t do it in the first place.

We should not give up our privacy easily without some proper understanding of what some of the potential solutions are. And definitely not without a fight.

King of Infinite Space – the man who saved geometry

Friday, 6 April, 2007

I attended a great lecture at U. of Toronto with the passionate and insightful Donald Coxeter when he was merely 83 years young years ago. By some people, Prof. Coxeter was known as the man who saved geometry. Here are excerpts from the Boston Globe article (K: emphasis, comments and links mine),

We owe a lot to geometry, however. Geometric algorithms generate the aerodynamic curves of Mercedes-Benz sedans and Boeing aircraft, make possible computer-animated films such as Pixar’s “The Incredibles,” and power the data-mining technology used by to find patterns in massive amounts of raw information. Geometry governs in things small (the molecular structure of pharmaceuticals [and proteins]) and large (the shape of our universe). [...]

[Coxeter] was muse to artist M.C. Escher, famous for works like “Ascending and Descending,” [K: I love Relativity] a seemingly precarious building of stairs winding in an infinite loop. Coxeter and Escher became friends in the 1950s, and the mathematician’s work assisted the artist in his quest to convincingly capture the concept of infinity. (Escher was known to say, “I’m Coxetering today!”) It was a unique collaboration, since Escher, who had no mathematical background, drew entirely from Coxeter’s geometric diagrams for inspiration, referring to the accompanying equations as Coxeter’s “hocus-pocus math.”

Deep down to my core, I am a romantic man. I believe there are things that are beautiful for their own sakes and should be pursued. Sometimes, by chance and imagination, we may even find some great use for them. But let’s not shortchange ourselves and stop learning if we don’t see immediate use for things (in math and fundamental sciences).

Below is an article in the Spring 2007 issue of University of Toronto Magazine for your enjoyment. (I hope no copyright lawyer will be talking to me about this. (smile))


RFID chip in passport is probably a very bad idea

Saturday, 16 September, 2006

Bruce Schneier is one of the top cryptographers and computer security specialists in the world. Bruce’s Applied Cryptography is a popular and widely regarded reference work for cryptography, and the book I personally used and highly recommend.

Today, Bruce wrote an article in the Washington Post entitled “The ID Chip You Don’t Want in Your Passport” and I think every citizen in the world should pay attention to it. I have known about the RFID problem in passports for a while, and it is great to have an expert like Bruce write this article for the general public to express his concern and that of many other security specialists and technology geeks like me.

“RFID stands for “radio-frequency identification.” Passports with RFID chips store an electronic copy of the passport information: your name, a digitized picture, etc. And in the future, the chip might store fingerprints or digital visas from various countries.

By itself, this is no problem. But RFID chips don’t have to be plugged in to a reader to operate. Like the chips used for automatic toll collection on roads or automatic fare collection on subways, these chips operate via proximity. The risk to you is the possibility of surreptitious access: Your passport information might be read without your knowledge or consent by a government trying to track your movements, a criminal trying to steal your identity or someone just curious about your citizenship.”

“The shielding does no good when the passport is open. Travel abroad and you’ll notice how often you have to show your passport: at hotels, banks, Internet cafes. Anyone intent on harvesting passport data could set up a reader at one of those places. And although the State Department insists that the chip can be read only by a reader that is inches away, the chips have been read from many feet away.”

“Many other countries are in the process of changing over. So get a passport before it’s too late. With your new passport you can wait another 10 years for an RFID passport, when the technology will be more mature, when we will have a better understanding of the security risks and when there will be other technologies we can use to cut the risks. You don’t want to be a guinea pig on this one.”

IMHO, this is quite bad for US citizens needing a passport. I wonder what the Canadian situation is. Maybe it is time to call up our MPs to express our concerns or call the passport offices to find out. Here is a Wikipedia entry on e-passport (or Biometric passport).

