[Muscle] Protecting a PIN with keyed hashing?
Ludovic Rousseau
ludovic.rousseau at gmail.com
Fri Jul 17 06:33:02 PDT 2009
2009/7/17 Joao Pedro <countzero at sapo.pt>:
> Hi all,
Hello,
> Recently, I've been wondering about ways to mitigate the problem of the
> PINs, in the Muscle applet, being transmitted in clear text from the
> terminal to the card. The reason is we are seeing more and more wireless
> smart card readers and sniffing is a threat that can not be dismissed.
What wireless smart card readers do you have in mind? I don't know any
wireless readers.
> What do you think of it? Is it stupid/flawed/insecure/reinventing the wheel
> and serves no purpose at all. Or could it be used in real life?
How it is supposed to work with a pinpad reader?
Bye
--
Dr. Ludovic Rousseau
More information about the Muscle
mailing list