Nick, I am somewhat puzzled by your response. Do you assert that a software based solution, executed on a general purpose CPU under a general purpose OS, can afford the same protection of whatever the secret in question may be as a hardware token, such as a smartcard? A hardware token lacking the very API to extract the secret through software based attacks? If so, could you please share with us the revolutionary breakthrough in computer science that negates the effect of decompilers and runtime debuggers on Arcot's software? Furthermore, how do you consolidate the claim on Arcot's website that "ArcotSignTM [...] offers [hardware solution] tamper resistance in software" with the statement by Arcot's very own cryptographic advisor, Bruce Schneier, that "Of course. It's less secure than hardware solutions". Perhaps I have worked in this industry for too long to fully adjust to the novel genius displayed in "virtual one-time pads", "virtual smartcards", and "virtual security". Thanks, --Lucky Green <shamrock@netcom.com> PGP 5.x encrypted email preferred

-----Original Message----- From: owner-cryptography@c2.net [mailto:owner-cryptography@c2.net]On Behalf Of Nick Szabo Sent: Monday, September 21, 1998 18:31 To: rdl@MIT.EDU; scott@loftesness.com Cc: cryptography@c2.net; libtech@lists.best.com Subject: Re: ArcotSign (was Re: Does security depend on hardware?)

I have consulted at both DigiCash and Arcot. I am still under nondisclosure to Arcot, so I can't answer any questions about this that go beyond the publicly available information. Arcot has recently made available on their public web site "Software Smart Cards via Cryptographc Camouflage", at http://www.arcot.com/camo2.html. At the end of this paper is referenced Rivest's "Chaffing and Winnowing" paper. These give a good overview of how such a technology can work, and the scope of its application.

Nick Szabo szabo@best.com http://www.best.com/~szabo/