Replying to Avatar Garbage nsec

I'm all for dunking on Prada, but that's probably not a bad use case for one of those PoA chains. There are multiple competing luxury brands on it I'm guessing, they trust each other to a degree, but the volume, legal stuff and whatnot mean you need a single source of truth and immutability after approval. So blockchain probably beats the headache of trying to manage everyone's access in some multi-tenancy cloud database environment.

The way those secure NFC tags (the ones inside the bag) are resistant to cloning is also kinda neat.

But yeah, in spirit it's obviously a multi-tenancy private database, that goes without saying.
Avatar
semisol 6mo ago

Or you can just use PKI or a database

Reply to this note

Please Login to reply.

Discussion

Avatar
semisol 6mo ago

Almost all of these systems that I have worked with either fall into symmetric or PKI.

For symmetric, this would be products like the NTAG 424 DNA, they are pretty cheap at <$0.3/tag, how they work is they encrypt a challenge value with a key. Then the client sends this to a server which also has the key and it tells you “this is legit”.

Of course with some anti-replay and key diversification

On PKI systems, these cost $1/tag, you issue a certificate to the chip. Then it can sign challenge messages. The benefit is that you can put other logic as well and validate these online, alongside stronger protection.

But PKI is usually extremely application-specific.