Crypto with Epoxy Tokens, Glass Balls and Lasers 265
Anonymous Coward writes "Scientists from MIT and ThingMagic have collaborated and developed an innovative crypto mechanism using epoxy tokens, glass spheres and lasers. They have actually created a physical one-way function that cannot be tampered, copied or faked! The full scoop can be found at MSNBC, and also at Nature, & TOI."
Obvious circumvention scheme (Score:2, Insightful)
A crummy piece of film exposed at the sensor plane, then developed, could be used to get around this. Lay the film on the 2D sensor, and voila - the 2D pattern is duplicated!
Re:Obvious circumvention scheme (Score:2, Insightful)
Impossible to Compromise? (Score:2, Insightful)
how is stealing speckle patterns gonna be any different from stealing credit card numbers from "secure" servers?
Durability? (Score:5, Insightful)
How Big a Problem Is This with Credit Cards? (Score:1, Insightful)
How big of a problem is this with Credit cards though? Don't the problems normally arise when a card is stolen, or accuired under false pretenses? Not that there aren't other applications for it, just the one they gave seems a little weak.
Function that cannot be tampered, copied or faked (Score:3, Insightful)
Not too useful.. (Score:1, Insightful)
So what exactly is new here? (Score:2, Insightful)
I also don't see why this is any different than any other hardware based authentication (RSA tokens, smart cards, etc.) The tokens might be cheaper, but I bet the scanner is not going to be cheap.
And as with most authentication systems the big problem is going to be protocol attacks, not attacks on the cryptography itself. I don't see little glass balls changing this fact.
Yes I'm cynical. But probably with good reason.
Re:Impossible to Compromise? (Score:3, Insightful)
Because stealing the speckle pattern does you no good. You need to create a device that makes that pattern, when light is shone through it and an inaccessible air gap onto a sensor. You can't just lay something on top of the sensor itself because, in any even half-way sensible design, you couldn't get to the sensor itself without disabling the entire reader.
I actually think this idea is extremely clever, but I don't know if I'd consider it a method of encryption. Even if you had an LED grid representing cleartext on one side, so you could read the "ciphertext" speckle pattern on the other side, how do you decrypt that? What kind of resolution, frequency and loss ratio are we talking about? This seems like it might be a really good authentication mechanism, where a known input will only be converted to a known output in the presence of a unforgeable secret, but I don't see how it can work for encryption where the input varies.
Re:Durability? (Score:3, Insightful)
This is similar to the trick they use in CD's. At the metal layer containing the information the light is focused to a few micron. This layer is burried almost a millimeter deep inside the plastic. At the surface the beam has a much larger diameter and tiny scratches are no problem.
Easily Damaged? (Score:3, Insightful)
I'd imagine it'll take a little work to keep these things from getting scuffed or otherwise damaged beyond recognition through regular handling, especially if they end up on your key chain.
Of course, a really sophisitcated system might take that into account, and update the key profile to recognize each key's unique wear and tear.
Still a major flaw in this for 'Smart Cards' (Score:3, Insightful)
A 'smart card' isn't going to stop a pick pocket from theiving your wallet so we're back to square one.
And not to be troll but has this been on
Re:Old Technology, new twist (Score:3, Insightful)
Because the manufacturers are not trying to create pseudo-randomness themselves (invariably according to some algorithm, like creditcard numbers), it really is much harder for blackhats to reverse the one-way function. However, because there are no rules governing what a "valid" key looks like (they're just supposed to be unique), someone could very carefully create a number of these token that are, instead of random, very similar. Because practical implementations of this scheme are likely to scan these keys from pre-determines angles, the amount of difference allowed between these similar keys may be large enough to create "duplicates".
Note that this doesn't mean that blackhats can duplicate your key, but they may be able to create a matching pair and swap yours with theirs in the middle of the night...
Re:Obvious circumvention scheme (Score:2, Insightful)
This is what this technology is meant to prevent. First, you'd need the laser equipment to read the fob to get the dot pattern. Then, to be sure, you'd need to make sure that you illuminate the fob from all sides, since the dot pattern is different depending on where the laser is shown from. Next, you need a fabrication facility to create these crystal fobs (currently not available, I imagine that'll change, too) and finally, you need a boatload of math to figure out what set of microscopic bubbles works together to form the set of dot patterns you scanned previously.
This last bit, the forcing function, if you will, is the clincher. I imagine that the reversal of the dot patterns to a layout of microscopic bubbles in the fob is an f(x) that's particularly difficult to reverse, at least on the order of factoring the product of large primes (if not more difficult).
Possible? Maybe - eventually, certainly. More secure than credit cards? You betcha. Especially since credit card fraud/theft is amazingly low-tech these days
Cheers.
Re:Obvious circumvention scheme (Score:3, Insightful)
Oh wait, what's this? Oh, there's an ARTICLE to read? One which discussed exactly that, and how the laser can be shone through the fob at multiple angles, requiring the correct 3D structure? Hmm.
Re:How Big a Problem Is This with Credit Cards? (Score:3, Insightful)
Intelligence is only a small part of the equation. It is difficult to come up with a very simple solution to a problem that uses technology and manufacturing processes that are years away.
20 years ago, this thing would have had to be about the size of a brick, as beam density, laser accuracy, and manufacturing processes were not advanced enough to create something portable.
For other applications, the dream can drive technology. Weapons systems, space travel, and a utopian society are but a few things that can drive technology to create. A credit card that can't be copied is not a big enough dream to create technology, but it is big enough to take existing technology and innovate.
As for your second point, here's a thought.
The card currently would be useless to stop physical theft, right now. The scheme just relies on the frefraction of light to create patterns. Once you have the card, then Bam, you have the money.
But what if you could arrange these flakes into such a pattern that when light is passed through at a predetermined angle, it provides a composite of the card holder, which will appear on the POS terminal screen. Match the picture with the cardholder, then go ahead. The weakest link falls to the clerk.
-This idea has been released under the GPL. It may be freely distributed or modified under said terms.
Re:Impossible to Compromise? (Score:4, Insightful)
Also, if the connection between a store and the pattern validation server is ever intercepted, a hacker could just save your patterns and re-send them whenever they want to purchase pr0n or something. So I think the original poster was right: this is just like stealing credit card numbers. As long as validation is done by passing around a bunch of digital data, that will always be the point of weakness. Even now, the vast majority of credit card fraud happens not because somebody's magnetic strip gets duplicated, but because somebody's credit card numbers get stolen. It seems like making the physical cards harder to duplicate is barking up the wrong tree.
The only solution I can see is this: There wouldn't be a unique resultant diffraction pattern that gets passed around, but rather a two-way conversation between the validation server and the card reader. The server would ask three random questions of the sort "what pattern is produced when the laser shines from angle 1, what about angle 2, etc. The problem with this is that the validation server would have to know what the right answers are to all of the possible questions, and that creates a problem: either there would be waay too much data stored for each card, or there would only be a limited number of "questions" the server could ask. In the latter case, a thief's computer could just memorize all the answers to the few questions, and produce them without the card whenever the validation server actually asks.
It's in the article (Score:3, Insightful)
I would imagine that since it's the internal structure of the token which determines the output, surface scratches don't have as dramatic an effect.
Re:Old Technology, new twist (Score:2, Insightful)
I think the correct term would be quasirandom. A quasirandom sequence is one that fills a space in a sort of random manner while observing some constraints. For example, when performing a monte carlo integration, you would rather avoid sampling data points that are very close, so a quasirandom sequence can give better convergence. On the other hand (in the case of the integration) you sacrifice the rigorous error estimation that is possible using true pseudorandom numbers.
can we all say:.... (Score:2, Insightful)
couple problems (Score:3, Insightful)
2. uniqueness
Think of it as the bubble patterns is one member of a very-very large set (the "bubble" set) and the laser is a projection or mapping function of this member of the bubble set on to a much smaller "diffraction pattern" set. Since the different laser angles can be used, that's like using different mapping functions.
A verification agency isn't gonna store which member of the bubble set each token is and do a diffraction simulaton with computers everytime the token is scanned, but more likely they will store the one or two projections on to the diffraction pattern set which are created by the one or two reader devices that are marketed. Also the whole diffraction pattern isn't gonna be stored, but just the part of the pattern sampled by the device.
This seems like a much easier problem to solve for the token forgers. All they have to do is make a token that when projected to the one or two sampled diffraction sets stored by the verification agency instead the the infinite possible diffraction patterns of arbitrary precision.
Then you have the uniqueness problem. Since the verification agencies are likely only storing sub-space projections which are finitely sampled, there's the possibility of collisions between two cards. At least with a non-one-way function, you can detect collisions beforehand, now you have to make the card with bubbles and project them to you subspaces and only then discover there's a collision and you have to throw the token away. This also defeats the feature alluded to that you can always use another projection. If you don't check for collisions ahead of time, they will inevitably occur (think of the birthday paradox).
There are fundamental mathematics working against any scheme that depends on low probability of collision. You don't have to duplicate a specific thing, but you hope for a collision (which is duplicating any one of a large set). This of course is much easier to do and is the known as the birthday paradox in probability theory. This has been used as theoretical fodder to break many encryption systems (meets in the middle attacks).
Here's another way to think of it. You have a zillion digit credit card number (token) and you apply a few different hash functions (laser angles) to the number to get a "signature" (diffraction pattern). The only advantage of this technology is that it's hard to duplicate this zillion digit number where most things electronic are easily duplicated. But some of the other "features" don't seem easy to take advantage of.
It's like the phreakers of yesteryear where they just guessed long-distance calling card codes if the set is large enough, collisions are inevitable. That's when companies invented PIN numbers. What it probably means that these tokens will probably end up being only as secure as your 4 digit ATM PIN... Something to think about...
Sometimes when you think outside the box, you realize that the box was green and the grass is really dead out there too...
Missing the point? (Score:3, Insightful)
I am not an optical engineer, but the important part of this is not "you cannot duplicate this token", since that didn't appear to be in anything I read; it's "you cannot duplicate this token _by reading the interference pattern or disassembling/probing inside_", which is a different problem entirely.
I suspect that with sufficiently high-quality materials and production controls, it _is_ possible to duplicate these in the production phase, which then makes it a useful toy; make two of them that have the same interference pattern, and given identical readers, you have a one-time pad that you can use for quite a while. I don't know how they're embedding the glass spheres in the epoxy, but with a finite number of positions for each glass ball in the epoxy (small enough to be useful, large enough to be secure), you might be able to have either coded duplicates (like keys; "2488210366" == "glass balls in pattern X") or a "mold" system where you position the balls identically for a pair of tokens and then destroy the mold, making it impossible to recreate the tokens. Either way has its useful features.
--
SD