Innovative and Flawed MintChip Challenge by The Royal Canadian Mint

Sunday, 22 April, 2012

Innovative and Flawed MintChip Challenge by The Royal Canadian Mint

It is refreshing to see the Royal Canadian Mint (RCM) innovatively create and launch the MintChip Challenge to solicit ideas, software apps submissions and discussions from the public. At the same time, I find it very troubling to see the core security basis of the MintChip system has not been released for public review and discussion. In fact, here is the official RCM line in this forum discussion thread,

While we appreciate your interest in the physical chip’s trusted hardware, public-key infrastructure and encryption methods, we are not in a position to release that information at this time.

Well “… not in a position to release that information …”, really? I can appreciate the “coolness” in seeing interesting apps and use cases, but security has to be the foundation of MintChip and other similar products, without a properly reviewed, fully inspected, time-tested cryptographic system as a solid foundation, the rest of the “cool apps” & interesting use cases will not be of use to anyone.

I’ve been a long time reader of security industry expert Bruce Schneier’s ideas and ground breaking book Applied Cryptography (1995) out of curiosity and interest. Bruce wrote this insightful warning signs “Snake Oil” post in 1999

The problem with bad security is that it looks just like good security. You can’t tell the difference by looking at the finished product. Both make the same security claims; both have the same functionality. Both might even use the same algorithms: triple-DES, 1024-bit RSA, etc. Both might use the same protocols, implement the same standards, and have been endorsed by the same industry groups. Yet one is secure and the other is insecure.

Many cryptographers have likened this situation to the pharmaceutical industry before regulation. The parallels are many: vendors can make any claims they want, consumers don’t have the expertise to judge the accuracy of those claims, and there’s no real liability on the part of the vendors (read the license you agree to when you buy a software security product).”

After rereading the listed nine snake-oil warning signs, I get very uncomfortable when I see these words in the MintChip Challenge,

“Using innovative technology, for which the Mint has prototypes and five patents pending, MintChip uses a secure chip to hold electronic value and a protocol to transfer it from one chip to another.

What are in these “prototypes”? How are they tested and verified? How much of the crypto system are kept in these pending patents and how much will remain part of the “trade secrets”? Security through obscurity is a very bad idea.

Of course, in the minds of RCM, they may think the $52,000+ MintChip Challenge prize money is totally worthwhile in exchange of the hundreds of developers’ time and effort. At the same time, if project MintChip fail due to flawed security in the crypto system, the credibility of Royal Canadian Mint will unfortunately be tarnished. So the price is the $52K and the Mint’s reputation!

I urge the Royal Canadian Mint to publish the technical details of the MintChip cryptographic system and invite the security community to properly review and inspect the whole system to ensure it has a solid foundation to avoid wasting people’s time and, more importantly, maintain the Mint‘s hard earned credibility.

MintChipChallenge promo video

[HT Dwayne L in the discussion thread for the link to Bruce's "Snake Oil"]

iPhone Tracking Discussion – iPhone keeps record of everywhere you go in secret file

Wednesday, 20 April, 2011

iPhone Tracking Discussion

Have a read of “Researchers raise privacy concerns over location tracking in Apple’s iOS 4” for more info. See also: an earlier article here, CNet “Your iPhone’s watching you. Should you care? (FAQ)“.

Schneier’s Law

Saturday, 16 April, 2011

Something fun about cryptography. Enjoy.

“Schneier’s Law”

by Bruce Schneier on Friday, April 15, 2011 at 12:45pm

Back in 1998, I wrote:

Anyone, from the most clueless amateur to the best cryptographer, can create an algorithm that he himself can’t break.

In 2004, Cory Doctorow called this Schneier’s law:

…what I think of as Schneier’s Law: “any person can invent a security system so clever that she or he can’t think of how to break it.” Read the rest of this entry »

Secrets of Bank of Canada’s new plastic money: An advance look of 12 possible security features

Friday, 11 March, 2011

Nov 17th update:  Happy to say I finally got a chance to play with my new Canada polymer C$100 bill (with video).
June 20, 2011 Update: Today (June 20th), the Bank of Canada actually shows us the new polymer $100 notes. I’ve more coverage and technical analysis (with video) here in “Canada New Polymer $100 Notes in Nov 2011 – Now your money is smooth & will bounce!


The Bank of Canada today (March 11, 2011) announced that it will begin circulating new polymer (plastic) banknotes starting with $100 in Nov 2011 ($50 in Mar 2012, $20, $10, and $5 notes to be issued by end of 2013). Publicly, BoC has NOT disclosed what security features will be deployed in these polymer banknotes. But basing on research using publicly available information, I will try to give you an advance look of 12 **possible** security features in the new Canadian polymer money.

Clues that lead to the “secret”/unannounced 12 possible security features

I know Hong Kong has issued polymer $10 note (in fact I have one in my hand) and some googling lead me to the interesting HKU technical note “Ten-dollar polymer note: Polymer currency technology” (pdf) and the HK government info about the $10 note (pdf). Here is an excerpt from the tech note,

“Different polymer substrates are available for manufacturing purposes, but the one used in printing banknotes is unique and is not commercially available. Hong Kong is using the polymer type called Guardian®, and they are made from polymer biaxially-oriented polypropylene (BOPP).”

From Guardian®, I then found that it is made by Securency International. And if I had known what to look, I would have found BoC actually stated this in its backgrounder: the polymer substrate will be supplied by Securency International.

Bank of Canada’s new polymer banknote uses Securency International polymer substrate

An advance look

I want to be clear that the following are 12 security features of Securency International‘s Guardian substrate. Since I don’t think Securency make any other polymer substrate, therefore logically BoC must be using Guardian so these 12 security features are all possible/available to BoC.

Here are the 12 possible security features with emphasis added. Since I don’t have the costs associated with these features and I don’t have any inside knowledge whatsoever, I am only taking some wild guesses and base my comments on what I see in the HK$10 note (about less than C$2).

[March 11th, 2011 Update: I did some more research and added this article, "Bank of Canada’s new polymer banknote – Patents & technologies by Securency International".]

12 **possible** security features of Canada’s new polymer money

1. LATITUDE™ (link to pix) [Kempton: likely, especially on higher value banknote like $100]


“LATITUDE™ is an optically variable device (OVD) that is integrated into the transparent window area of the substrate and allows for design freedom, which enhances the security of the banknote. Through tilting the banknote, multiple images and optical effects are observed. “

2. WinTHRU® (Complex Window) (link to pix) [K: very likely, it is very easy for users to identify a fake]


The ability to create transparent areas (or clear and complete windows) is a prime security feature within Guardian® substrate. Including a clear area in a banknote has proven to virtually eliminate the problem of the ‘casual counterfeiter’, who tries to copy or scan banknotes on readily available reprographic equipment (like colour copiers and scanners) [... more ...]“

3. WinDOE® (Diffractive Optical Element) (link to pix) [K: don't see why not?]

“The WinDOE® (Diffractive Optical Element) is a holographic structure applied to the surface of the clear window. When collimated light such as a distant point light source passes through the WinDOE®, it is transformed by the WinDOE® structure into a recognisable pattern (image) by the process of diffraction. The user can view the image in two ways. By holding the WinDOE® up to the eye and looking directly at a distant point source the user will see the image appear in space between the note and the light source. The appearance of the image will depend on the light source used. [... more ...]“

4. G-switch® (Dynamic optical colour shift) [K: Hmmm, why not?]

“G-switch® is a dynamic optical feature that changes colour when tilted under a light source. Read the rest of this entry »

Reconceptualizing Security – Bruce Schneier @ TEDxPSU

Friday, 29 October, 2010

Bruce Schneier (wikipedia bio) talking about reconceptualizing security @ TEDxPSU. Bruce is an insightful man that knows a lot about security. [HT Bruce]

Security researchers intercepted cell phone calls & hacked ATMs

Saturday, 31 July, 2010

Two security researchers demoed vulnerabilities with worldwide implications on stage,

- Hacker shows how he can intercept cell phone calls with $1,500 device

- Researcher shows how to hack ATMs with “Dillinger” tool. Update: Also check out these two articles. [HT Bruce Schneier]

Remotely Spying on Kids with School Laptops

Wednesday, 24 February, 2010

An excerpt from an insightful blog entry from Bruce Schneier “Remotely Spying on Kids with School Laptops“,

“It’s a really creepy story. A school issues laptops to students, and then remotely and surreptitiously turns on the camera. (Here’s the lawsuit.)” [note: read more from Bruce's entry]

GSM Mobile phone security cracked, says German hacker

Tuesday, 29 December, 2009

UK Guardian is reporting (emphasis added),

A German computer scientist has cracked the codes used to encrypt calls made from more than 80% of the world’s mobile phones.

Karsten Nohl [K: Nohl's U of Virginia page] and his team of 24 hackers began working on the security algorithm for GSM (Global System for Mobiles) in August.

[...] Nohl claims that armed with the code, which has been published online, and a laptop with two network cards, an eavesdropper could be recording phone calls within 15 minutes.

“This shows that existing GSM security is inadequate,” Nohl told the Chaos Communication Congress, an international annual meeting of hackers taking place in Berlin this week.

Nohl insisted that he had deciphered the code to force the global telecommunications industry to upgrade its security.

Nohl told the Guardian that important negotiations involving politicians or business leaders could easily be intercepted and they should invest in further encryption software to protect their privacy. “If there is anything secret going on using GSM, this should be of concern.”

More report in NYT and The Register.

Anyone who cares about our communication security based on Cryptography should know that the only way to keep our communication secure is to conduct open and active research in the field where weakness and problems are dealt with in a prompt and appropriate manner. Security through obscurity is NOT an option, and if I were less diplomatic, I would say it is plain stupid to rely our treasured security on obscurity.


Get every new post delivered to your Inbox.

Join 656 other followers

%d bloggers like this: