Accueil > Blog > The opportunity in security
Blog

The opportunity in security

Week 39, 2010

Now, Dr. Nohl announced he is about to publish details about security issues in the new German ID card, based on the fact many cards share the same secret key. The German ID card is already under pressure from the Chaos Computer Club (cf. SIW #10-38).

Also, he plans to disclose weaknesses in the Navigo card used in public transport in Paris, France, and the Calypso standard it uses. According to Dr. Nohl, Calypso is based on a very old ST chip that runs a symmetric cryptography algorithm, making it a prime target for attacks through obtaining the master key from readers.

Ultimate security is a moving target. A cryptographic system that is secure at a time can become unsecure later on as the means of cryptanalysts improve. Also the issue is the cost of attack related to what is at stake, attacking a government ID credential has a different impact from the ability to generate subway tickets.

Dr. Nohl fully implements General Douglas MacArthur quote “There is no security on this earth, there is only opportunity”

Thierry Spanjaard

Chief Editor

Smart Insights