RE: [Muscle] NIST Services
From: Scott Guthery (sgutherymobile-mind.com)
Date: Tue Apr 12 2005 - 12:51:32 CDT
1) In the ISO/IEC 24727 WG4/TF9 effort we've explicitly stated that the
work product is independent of transport protocols.
2) Furthermore, AFAIK none of the ISO/IEC 7816 standards speak to any
properties of the processor nor are there any ISO test methods that
speak to physical security of integrated circuit cards. This is neither
a NIST position nor a US position. It's simply a reading of the
documents on the table.
3) And, yes, it is strange that an industry that claims it is all about
security has done virtually nothing when it comes to defining it or
measuring it or standardizing it. When it comes to these supposedly
core matters about all we hear is "It's all very complicated and
confidential. You'll just have to trust me."
4) Part 4 in the ISO/IEC 24727 series is chartered to address end-to-end
security in the ISO/IEC 24727 framework.
[mailto:muscle-bounceslists.musclecard.com] On Behalf Of Peter Williams
Sent: Tuesday, April 12, 2005 1:31 PM
Subject: RE: [Muscle] NIST Services
> -----Original Message-----
> From: muscle-bounceslists.musclecard.com [mailto:muscle-
> bounceslists.musclecard.com] On Behalf Of Scott Guthery
> Sent: Tuesday, April 12, 2005 9:30 AM
> To: MUSCLE
> Cc: home_pwmsn.com; anders.rundgrentelia.com
> Subject: RE: [Muscle] NIST Services
> NIST/PIV has nothing whatsoever to do with physical transmission or
> the physicality of the platform. You can run it on a USB token, a
> PCMCIA token, a harddisk, a TPM, a cell-phone or a tom-tom.
That's interesting. So in the NIST vision (i.e. US position to ISO), one
can ping the TPM as a PIV device, and transfer the keying material to a
soft cryptomodule, like a harddrive. And the transfer format is a
PKCS#12 file, or something similar.
Presumably, the TPM will have multiple personalities - the PIV set
(which facilitates key export and mobility of "personal id" information
between form factors), and other sets that identify you otherwise for non
PIV purposes (e.g. DRM enforcement, evidentiary purposes, crypto export
control enforcement per login, etc). There will be a distinction between
id information that you have privacy rights over (the PIV set), and
other identification data that is "non-personal" and you probably won't
really know even exist.
When I talked to Wave at the RSA Show, they were singularly unable to
articulate how the fixed motherboard TPM would interact with the
smartcard/mobile-device: as a cooperating peer, and as a secure channel
partner. They just went on and on about the usual HP Bristol Labs
integrity metrics stuff for controlling what particular users might do
with a software platform (i.e. the Personal Computer). Viewing the PIV
as a common interface, with mobility and roaming properties, and as the
linkup between the TPM and one or other mobile token (that is not a TPM)
is an interesting concept.
Still doesn't address the end-end security problem tho., one PIV device
to another, with some degree of writer-to-reader security suited to
personal id information flow. If the PIV is on a near field device,
users don't want the RFID personal privacy problem - where any other
local NF terminal can scan your existence and presence, usefully, and
possibly pull your data. There has to be PIV-PIV authentication -
independent of the mobile form factor - and some W3C-like privacy
handling scheme for then controlling the automatic release of personal
data items, to authenticated peers.
Muscle mailing list