[Muscle] Protecting a PIN with keyed hashing?

Joao Pedro countzero at sapo.pt
Fri Jul 17 07:00:55 PDT 2009 

Hi Timothy,

"Miller, Timothy J." <tmiller at mitre.org> wrote:

> I presume such a scheme would apply a KDF of some kind to the PIN or  
> PIN + nonce (e.g., PBKDF2 from PKCS#5) in order to derive the  
> symmetric key for this secure channel.  This is still subject to  
> simple offline attack because PINs don't have enough entropy on  
> their own, and the nonce would still have to be shared over the  
> insecure channel.  I'd also worry about speed of the KDF on the  
> card, but that's probably minor.
>
> Maybe SRP would be a better solution.
Could you please explain, or provide a reference to what SRP is?

Thank you.

Regards,
Joao

>
> -- Tim
>
>
>> -----Original Message-----
>> From: muscle-bounces at lists.musclecard.com [mailto:muscle-
>> bounces at lists.musclecard.com] On Behalf Of Sébastien Lorquet
>> Sent: Friday, July 17, 2009 8:17 AM
>> To: MUSCLE
>> Subject: Re: [Muscle] Protecting a PIN with keyed hashing?
>>
>> I know it, but you can easily write a class implementing the
>> org.globalplatform.SecureChannel interface to mimick the card manager's
>> secure channel, and reuse host-side tools that "talk" this protocol :)
>>
>>
>> On Fri, Jul 17, 2009 at 3:07 PM, Miller, Timothy J. <tmiller at mitre.org>
>> wrote:
>>
>>
>> 	As I understand it, the symmetric key secured channel is for card
>> management (e.g., PIN unblock, applet load, key injection, etc.), not
>> for normal access.
>>
>> 	-- Tim
>>
>>
>>
>> 	>-----Original Message-----
>> 	>From: muscle-bounces at lists.musclecard.com [mailto:muscle-
>> 	>bounces at lists.musclecard.com] On Behalf Of Sébastien Lorquet
>> 	>Sent: Friday, July 17, 2009 7:56 AM
>> 	>To: MUSCLE
>> 	>Subject: Re: [Muscle] Protecting a PIN with keyed hashing?
>> 	>
>> 	>the muscle applet is for global platform javacards right?
>> 	>
>> 	>Then about the GP secure channel already implemented
>> 	>(org.globalplatform.SecureChannel
>> 	>org.globalplatform.GPSystem.getSecureChannel() ) in these cards
>> for
>> 	>secure messaging? it provides a mac+tdes encryption. also,
>> writing a
>> 	>software implementation is not difficult, if needed (to use other
>> keys
>> 	>than SD's ones)
>> 	>
>> 	>sebastien
>> 	>
>> 	>ps: the muscle applet also support strong authentication with a
>> 	>challenge/response exchange. A 128 bits TDES key can be seen as a
>> 16-
>> 	>character PIN, that can be right padded with zeroes or other if
>> needed.
>> 	>what do you think of this?
>>
>>
>>
>> 	_______________________________________________
>> 	Muscle mailing list
>> 	Muscle at lists.musclecard.com
>> 	http://lists.drizzle.com/mailman/listinfo/muscle
>>
>>
>>
>
>

More information about the Muscle mailing list