[Muscle] GlobalPlatform keys

Daniel Benoy daniel at benoy.name
Tue Jun 16 20:33:17 PDT 2009 

So the card user could put an applet on the card that used up all the
space, and that would be bad for the card issuer?  Are there any other
reasons a business would keep their key secret?

Can you download applet code?  I guess that would be a good reason.

On Wed, 2009-06-17 at 02:40 +0200, Sébastien Lorquet wrote:
> That's not cruel, that's a business and security practice: imagine
> that card free space is sorta "rented" by card owners to application
> providers :-)
> And allowing to install evil applications on already issued cards is
> always a bad thing, even if it cannot harm other on-card
> applications : There's an applet firewall that enforces strict data
> sharing rules, who usually prevent any bit to cross application
> boundaries!
> 
> Sebastien
> 
> On Wed, Jun 17, 2009 at 1:30 AM, Daniel Benoy <daniel at benoy.name>
> wrote:
>         Great, thanks for the reply :)  I've been googling all over,
>         but I
>         couldn't really find an explanation for this basic question.
>          For some
>         reason that baffles me, smart cards aren't popular even among
>         the nerdy
>         community :p
>         
>         So, would I be correct in saying that you get no security
>         benefit from
>         changing the issuer domain key, except that whoever gets your
>         card would
>         be unable to use it for their own stuff?  That actually sounds
>         like a
>         cruel 'feature', to poison the cards against competitors.
>          (Prevent me
>         from wiping out my visa card and installing MuscleCard on it,
>         for
>         example :p)
>         
>         I suppose perhaps there's some hypothetical scenario, though,
>         where
>         someone could secretly take your card, and install some
>         malicious
>         program on it, which stores their pin or otherwise does
>         something
>         tricky...  Hm.
>         
>         
>         On Tue, 2009-06-16 at 23:11 +0200, Sébastien Lorquet wrote:
>         > Hi,
>         >
>         > GP keys are used to manage the card contents, ie add/remove
>         applets
>         > and packages.
>         >
>         > The worst an attacker can do is remove the applet instance
>         along with
>         > its data and reinstanciate it. But data allocated in the
>         applet is
>         > never readable from the outside, otherwise banks would not
>         use chip
>         > credit cards :-)
>         >
>         > You current keys are probably
>         404142434445464748494A4B4C4D4E4F, like
>         > all development cyberflex cards :)
>         > So they're not really secret until you change them using the
>         PUT KEY
>         > command.
>         > but don't forget to write them down somwewhere in a secure
>         place :-)
>         >
>         > In general if the card is for you only, you don't need to
>         change the
>         > security domain keys.
>         >
>         > Regards,
>         > Sebastien
>         >
>         
>         > _______________________________________________
>         > Muscle mailing list
>         > Muscle at lists.musclecard.com
>         > http://lists.drizzle.com/mailman/listinfo/muscle
>         
>         _______________________________________________
>         Muscle mailing list
>         Muscle at lists.musclecard.com
>         http://lists.drizzle.com/mailman/listinfo/muscle
>         
> 
> _______________________________________________
> Muscle mailing list
> Muscle at lists.musclecard.com
> http://lists.drizzle.com/mailman/listinfo/muscle

More information about the Muscle mailing list