[Muscle] Protecting a PIN with keyed hashing?

Joao Pedro countzero at sapo.pt
Fri Jul 17 05:31:02 PDT 2009 

Replying to myself here to leave a note:

This mechanism if susceptible to offline attacks, i.e. if an attacker  
can sniff the challenge and response messages, he/she can try to brute  
force the PIN.

The level of protection offered by this mechanism is directly related  
with the strength of the PIN, e.g. a PIN like '1234' would be quickly  
cracked - so a strong password should be selected as the PIN. This, of  
course, would cause problems with numeric only pinpad readers...

Joao Pedro <countzero at sapo.pt> wrote:

> Hi all,
>
> Recently, I've been wondering about ways to mitigate the problem of  
> the PINs, in the Muscle applet, being transmitted in clear text from  
> the terminal to the card. The reason is we are seeing more and more  
> wireless smart card readers and sniffing is a threat that can not be  
> dismissed.
>
> A obvious way would be implementing secure messaging and I think one  
> should look into it, but that solution requires a bigger effort...
>
> So, what do you think about the idea of protecting PINs in the  
> Muscle applet using keyed hashing, something along the lines of  
> HMAC-SHA1, or any other derivative. I think that, in a way, the  
> External Authentication code in the applet is supposed to do this,  
> but using keys (DES, 3DES, RSA, etc.).
>
> The idea is the following:
>
> If a user wishes to verify its PIN, instead of just using sending a  
> INS_VERIFY_PIN APDU with the PIN clear text, the following would  
> happen:
>
> Pre-condition: The card has the PIN stored in clear text.
>
> 1. [Terminal] Sends a INS_GET_CHALLENGE message to the card.
> 2. [Card] Sends a NONCE to the terminal.
> 3. [Terminal] Computes RT = HMAC-SHA1(PIN, NONCE); sends RT to the card.
> 4. [Card] Computes RC = HMAC-SHA(PIN, NONCE); RT == RC ? OK : Fail.
>
> What do you think of it? Is it stupid/flawed/insecure/reinventing  
> the wheel and serves no purpose at all. Or could it be used in real  
> life?
>
> Thank you.
>
> Regards,
> Joao
>
> _______________________________________________
> Muscle mailing list
> Muscle at lists.musclecard.com
> http://lists.drizzle.com/mailman/listinfo/muscle
>

More information about the Muscle mailing list