idcards – WindowsTechs.com

ID Systems Throughout the 50 States

Posted on October 31, 2018 by Bruce Schneier

Jim Harper at CATO has a good survey of state ID systems in the US…. Continue reading ID Systems Throughout the 50 States→

Lessons Learned from the Estonian National ID Security Flaw

Posted on December 18, 2017 by Bruce Schneier

Estonia recently suffered a major flaw in the security of their national ID card. This article discusses the fix and the lessons learned from the incident: In the future, the infrastructure dependency on one digital identity platform must be decreased,… Continue reading Lessons Learned from the Estonian National ID Security Flaw→

Lessons Learned from the Estonian National ID Security Flaw

Posted on December 18, 2017 by Bruce Schneier

Estonia recently suffered a major flaw in the security of their national ID card. This article discusses the fix and the lessons learned from the incident: In the future, the infrastructure dependency on one digital identity platform must be decreased, the use of several alternatives must be encouraged and promoted. In addition, the update and replacement capacity, both remote and… Continue reading Lessons Learned from the Estonian National ID Security Flaw→

Security Flaw in Infineon Smart Cards and TPMs

Posted on October 17, 2017 by Bruce Schneier

A security flaw in Infineon smart cards and TPMs allows an attacker to recover private keys from the public keys. Basically, the key generation algorithm sometimes creates public keys that are vulnerable to Coppersmith’s attack: While all keys generate… Continue reading Security Flaw in Infineon Smart Cards and TPMs→

Security Flaw in Infineon Smart Cards and TPMs

Posted on October 17, 2017 by Bruce Schneier

A security flaw in Infineon smart cards and TPMs allows an attacker to recover private keys from the public keys. Basically, the key generation algorithm sometimes creates public keys that are vulnerable to Coppersmith’s attack: While all keys generated with the library are much weaker than they should be, it’s not currently practical to factorize all of them. For example,… Continue reading Security Flaw in Infineon Smart Cards and TPMs→

Security Flaw in Estonian National ID Card

Posted on September 5, 2017 by Bruce Schneier

We have no idea how bad this really is: On 30 August, an international team of researchers informed the Estonian Information System Authority (RIA) of a vulnerability potentially affecting the digital use of Estonian ID cards. The possible vulnerability affects a total of almost 750,000 ID-cards issued starting from October 2014, including cards issued to e-residents. The ID-cards issued before… Continue reading Security Flaw in Estonian National ID Card→