[Muscle] Protecting a PIN with keyed hashing?
Joao Pedro
countzero at sapo.pt
Fri Jul 17 04:57:18 PDT 2009
Hi all,
Recently, I've been wondering about ways to mitigate the problem of
the PINs, in the Muscle applet, being transmitted in clear text from
the terminal to the card. The reason is we are seeing more and more
wireless smart card readers and sniffing is a threat that can not be
dismissed.
A obvious way would be implementing secure messaging and I think one
should look into it, but that solution requires a bigger effort...
So, what do you think about the idea of protecting PINs in the Muscle
applet using keyed hashing, something along the lines of HMAC-SHA1, or
any other derivative. I think that, in a way, the External
Authentication code in the applet is supposed to do this, but using
keys (DES, 3DES, RSA, etc.).
The idea is the following:
If a user wishes to verify its PIN, instead of just using sending a
INS_VERIFY_PIN APDU with the PIN clear text, the following would happen:
Pre-condition: The card has the PIN stored in clear text.
1. [Terminal] Sends a INS_GET_CHALLENGE message to the card.
2. [Card] Sends a NONCE to the terminal.
3. [Terminal] Computes RT = HMAC-SHA1(PIN, NONCE); sends RT to the card.
4. [Card] Computes RC = HMAC-SHA(PIN, NONCE); RT == RC ? OK : Fail.
What do you think of it? Is it stupid/flawed/insecure/reinventing the
wheel and serves no purpose at all. Or could it be used in real life?
Thank you.
Regards,
Joao
More information about the Muscle
mailing list