From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192] helo=mx.sourceforge.net) by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1WmNmd-0008Dk-P4 for bitcoin-development@lists.sourceforge.net; Mon, 19 May 2014 13:39:15 +0000 Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of midnightdesign.ws designates 50.87.144.70 as permitted sender) client-ip=50.87.144.70; envelope-from=boydb@midnightdesign.ws; helo=gator3054.hostgator.com; Received: from gator3054.hostgator.com ([50.87.144.70]) by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.76) id 1WmNmc-0004d1-3G for bitcoin-development@lists.sourceforge.net; Mon, 19 May 2014 13:39:15 +0000 Received: from [209.85.215.45] (port=60577 helo=mail-la0-f45.google.com) by gator3054.hostgator.com with esmtpsa (TLSv1:RC4-SHA:128) (Exim 4.82) (envelope-from ) id 1WmNH9-0007H7-IA for bitcoin-development@lists.sourceforge.net; Mon, 19 May 2014 08:06:43 -0500 Received: by mail-la0-f45.google.com with SMTP id gl10so4088520lab.32 for ; Mon, 19 May 2014 06:06:40 -0700 (PDT) X-Gm-Message-State: ALoCoQmAJ1GyRVDQyEx5AEINfCT2VRoMm1CcK6eTH/bpUwOweBhGzeXzbgJS/+nhpdp+0H86UHmE MIME-Version: 1.0 X-Received: by 10.152.87.52 with SMTP id u20mr2307035laz.52.1400504800881; Mon, 19 May 2014 06:06:40 -0700 (PDT) Received: by 10.152.47.50 with HTTP; Mon, 19 May 2014 06:06:40 -0700 (PDT) In-Reply-To: References: <5377892C.8080402@gmail.com> Date: Mon, 19 May 2014 08:06:40 -0500 Message-ID: From: Brooks Boyd To: Bitcoin Dev Content-Type: text/plain; charset=ISO-8859-1 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - gator3054.hostgator.com X-AntiAbuse: Original Domain - lists.sourceforge.net X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - midnightdesign.ws X-BWhitelist: no X-Source-IP: 209.85.215.45 X-Exim-ID: 1WmNH9-0007H7-IA X-Source: X-Source-Args: X-Source-Dir: X-Source-Sender: (mail-la0-f45.google.com) [209.85.215.45]:60577 X-Source-Auth: midnight X-Email-Count: 1 X-Source-Cap: bWlkbmlnaHQ7bWlkbmlnaHQ7Z2F0b3IzMDU0Lmhvc3RnYXRvci5jb20= X-Spam-Score: -1.5 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.0 SPF_PASS SPF: sender matches SPF record X-Headers-End: 1WmNmc-0004d1-3G Subject: Re: [Bitcoin-development] Paper Currency X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 May 2014 13:39:16 -0000 >> 2014-05-18 13:14 GMT+01:00 Andreas Schildbach : >> One problem we couldn't figure out here though - how to protect the >> notes from unauthorized redeem. Like if someone else tries to reach your >> wallet with his own NFC - how can we distinguish between deliberate >> redeem by owner and fraudulent redeem by anybody else with custom built >> long range NFC antenna? Any ideas? >> >> I think you'd need multiple factors to protect against that attack. Like >> encrypting with a key that is printed on the note as an QR code. > >On Sun, May 18, 2014 at 7:51 AM, Alex Kotenko wrote: > > Yes, but it must not sacrifice usability. It's paper money, people are used to it and they have rather high standard of expectations in this area. Any usbility sacrifices in this area result into failure of the whole thing. > > Best regards, > Alex Kotenko One thought I had reading through this exchange: I think the general public is becoming more aware of the "hacker with a long range antenna" sort of attack, since credit cards are getting microchips that can be scanned. There's a few videos I've seen of white hat hackers demonstrating how a suitcase-sized apparatus carried by someone walking down the street can scan and make charges on cards in people's pockets as the attacker brushes past. Hence RFID-blocking sleeves/wallets are on the market, such that your smart credit card can't make a purchase while its in your wallet. Is a RFID-blocking wallet also NFC-blocking? Irregardless of whatever "future cash" you choose to carry (be it credit card or bitcoin card/coin/cash), perhaps its the wallet/purse that needs an upgrade, to ensure your money doesn't spend itself while its in your pocket, but you can easily remove it and spend it conveniently? Brooks