Thou shalt have no other gods before the ANSI C standard

Hank Oredson

You picked a very important example. In continuance of that topic let us observe that a very important possibility arose a few years ago in connection with the security of monetary "plastic" credit-debit cards. One solution to the widespread theft of credit info from the retail chain is to provide derivative credit instruments that are only valid for a limited period of time or for a limited audience. This is exactly analogous to session keys that are derived from a superior, longer-term main key.

The technique involves creating a sequence of derivative credit card numbers which can be traced (billed) back to the main number without revealing that number. The derivative CC numbers can be limited to a single transaction, a single vendor, or a short period of time, such as a vacation.

Now this technique helps solve the problem of credit-identity theft because it allows a customer to provide less useful information in order to perform a purchase. But it also allows for a new form of theft. A thief in possession of basic id info and a main credit card number could create a fake derivative credit card number. Such parasitic or vampire numbers could be created without possession of the main credit card. I.e., rather than stealing the credit card from the mail box the thief only has to obtain the information from it. Or the thief can obtain the information anytime the main card is used to make a purchase.

Clearly there are crypto implications for the derivation process. But just as clearly there are software implications in that the necessarily more complex system of multi-level credit card numbers provides more opportunity for exploits against the system than the simpler legacy system.

Will the users care? No. That's an invariant. Will the vendors care? Probably not. After all they only have to limit their losses rather than eliminate them. So as long as the new technology keeps them "enough" ahead of the adversaries they will adopt it.

From this perspective the security field is something like an arms race. Stability is only available by dint of constant running in place. And that equilibrium will occasionally be punctuated by technical failures of the security system or technical breakthroughs of the attackers. The goal of good security should be to eliminate the former and mitigate the potential downside of the latter.
Alt Folklore Computers from Newsgroups
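The "crypto implications for the derivation process" mentioned in the post above, as an added example that is not part of the original post: a derived number computed from the main number alone can be minted by anyone who knows that number, while one computed with HMAC-SHA256 under an issuer-held secret cannot. The function names, the choice of HMAC, the key and the card number are all assumptions constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample values (not from the post).
ISSUER_KEY = b"constructed-issuer-secret"   # assumed to be held only by the issuer
MAIN_NUMBER = "4111111111111111"            # constructed test card number

def _message(main_number, merchant, expiry):
    # Length-prefix each field so different field splits cannot collide.
    parts = [f.encode() for f in (main_number, merchant, expiry)]
    return b"".join(len(p).to_bytes(2, "big") + p for p in parts)

def unkeyed_derive(main_number, merchant, expiry):
    """Weak: a plain hash, so knowing the main number is enough to mint tokens."""
    digest = hashlib.sha256(_message(main_number, merchant, expiry))
    return digest.hexdigest()[:16]

def keyed_derive(issuer_key, main_number, merchant, expiry):
    """Stronger: HMAC under a secret that never leaves the issuer."""
    mac = hmac.new(issuer_key, _message(main_number, merchant, expiry),
                   hashlib.sha256)
    return mac.hexdigest()[:16]

def issuer_verify(issuer_key, accounts, token, merchant, expiry, today):
    """Return the main number the token bills back to, or None if rejected."""
    if today > expiry:              # ISO dates compare correctly as strings
        return None
    for main_number in accounts:
        expected = keyed_derive(issuer_key, main_number, merchant, expiry)
        if hmac.compare_digest(expected, token):
            return main_number
    return None

if __name__ == "__main__":
    token = keyed_derive(ISSUER_KEY, MAIN_NUMBER, "bookshop", "2030-01-31")
    print("valid use:     ", issuer_verify(ISSUER_KEY, [MAIN_NUMBER], token,
                                           "bookshop", "2030-01-31", "2030-01-15"))
    print("other merchant:", issuer_verify(ISSUER_KEY, [MAIN_NUMBER], token,
                                           "florist", "2030-01-31", "2030-01-15"))
    minted = unkeyed_derive(MAIN_NUMBER, "bookshop", "2030-01-31")
    print("minted w/o key:", issuer_verify(ISSUER_KEY, [MAIN_NUMBER], minted,
                                           "bookshop", "2030-01-31", "2030-01-15"))
```

A production scheme would look the token up in an issuer-side table rather than iterating over accounts; the loop here only keeps the example self-contained.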