[Muscle] Protecting a PIN with keyed hashing?
Miller, Timothy J.
tmiller at mitre.org
Fri Jul 17 06:07:31 PDT 2009
As I understand it, the symmetric key secured channel is for card management (e.g., PIN unblock, applet load, key injection, etc.), not for normal access.
-- Tim
>-----Original Message-----
>From: muscle-bounces at lists.musclecard.com [mailto:muscle-
>bounces at lists.musclecard.com] On Behalf Of Sébastien Lorquet
>Sent: Friday, July 17, 2009 7:56 AM
>To: MUSCLE
>Subject: Re: [Muscle] Protecting a PIN with keyed hashing?
>
>the muscle applet is for global platform javacards right?
>
>Then about the GP secure channel already implemented
>(org.globalplatform.SecureChannel
>org.globalplatform.GPSystem.getSecureChannel() ) in these cards for
>secure messaging? it provides a mac+tdes encryption. also, writing a
>software implementation is not difficult, if needed (to use other keys
>than SD's ones)
>
>sebastien
>
>ps: the muscle applet also support strong authentication with a
>challenge/response exchange. A 128 bits TDES key can be seen as a 16-
>character PIN, that can be right padded with zeroes or other if needed.
>what do you think of this?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3510 bytes
Desc: not available
Url : http://lists.drizzle.com/pipermail/muscle/attachments/20090717/47e7009a/smime.bin
More information about the Muscle
mailing list