access revocation

• poison pill

  • payload in every ADU - may be null
  • tamper-proofed by message auth'n code (MAC)- session key known to sender and smartcards
  • smartcard will not give key unless given 'pill'
  • may be addressed to that smartcard (in the clear)
  • "commit suicide" or "contact sender" flags

• not scalable for bulk revocations

  • need arbitrary receiver sub-group addressing

Previous slide

Next slide

Back to first slide

View graphic version