[Muscle] GlobalPlatform keys
Michael StJohns
mstjohns at comcast.net
Wed Jun 17 09:40:46 PDT 2009
At 09:12 AM 6/17/2009, Daniel Benoy wrote:
>On Wed, 2009-06-17 at 00:11 -0400, Michael StJohns wrote:
>> At 11:33 PM 6/16/2009, Daniel Benoy wrote:
>> >So the card user could put an applet on the card that used up all the
>> >space, and that would be bad for the card issuer? Are there any other
>> >reasons a business would keep their key secret?
>>
>> Say you insert your card into a hacked machine. Hacked machine erases your company's applet and your keys. Card is useless. Hacked machine "TERMINATES" your card (see GlobalPlatform specs). Card is useless.
>>
>> You start hacking on the card and accidentally delete the company applet and your cert - company has to go through the process of re-issuing which is time and money.
>
>If the card is in your possession, you can render it useless in more
>direct ways.
Yup - but bending/breaking it is generally more of an acceptable failure mode and figured into the cost of operations. Having someone come in with a hacked card tends to be a red flag to most companies - as in why was he hacking on this and was he trying to break into company systems?
>>
>> You claim the card is lost - company reissues you a new one, but you erase and repurpose the card.
>
>I guess that one makes sense.
>
>>
>> 100 unissued cards are stolen from the company locker and erased, sold and repurposed.
>
>Those would probably have the default key on them.
Go read the Global Platform life cycle discussions. What would generally be in stock are non-personalized cards with the applets the company had placed on there by the card provider - a specific card profile if you will. At this point the card would be locked and the only thing the issuer would be talking to is the specific applets (rather than the card management applet). So no, no default key. Cf. the US DOD CAC card for example. Or various smart cards provided by VARs.
>>
>> The keys are a way of locking the card to the issuer's purpose. They impose policy on the end user that the end user can't defeat.
>
>I guess that makes sense.
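An added toy model of the GlobalPlatform card life cycle (not code from this thread or from any GP implementation) illustrating the point above: the issuer keys gate card-management commands, and TERMINATED cannot be undone even by the issuer. State values follow the GP Card Specification 2.1.1 coding; the `authenticated_as_issuer` flag and the allowed-transition set are simplifications assumed here in place of a real secure channel and privilege check.

```python
# Added example: simplified GlobalPlatform card life-cycle state machine.
# State values are the GP Card Specification 2.1.1 codings; everything
# else (the issuer-authentication flag, the transition table) is a
# deliberate simplification for illustration, not a full GP implementation.
OP_READY, INITIALIZED, SECURED, CARD_LOCKED, TERMINATED = 0x01, 0x07, 0x0F, 0x7F, 0xFF

# Reversible/forward transitions the card manager may perform (assumed set).
_ALLOWED = {
    (OP_READY, INITIALIZED),
    (INITIALIZED, SECURED),
    (SECURED, CARD_LOCKED),   # lock is reversible by the issuer
    (CARD_LOCKED, SECURED),
}


class Card:
    def __init__(self, state=OP_READY):
        self.state = state

    def set_status(self, new_state, authenticated_as_issuer):
        """Model of SET STATUS on the card manager; returns True on success.
        Every transition needs the issuer key; TERMINATED is irreversible."""
        if not authenticated_as_issuer:
            return False                    # no issuer key: no card management
        if self.state == TERMINATED:
            return False                    # terminal state, nothing revives it
        if new_state == TERMINATED or (self.state, new_state) in _ALLOWED:
            self.state = new_state
            return True
        return False                        # e.g. skipping INITIALIZED


def hacked_terminal_scenario():
    """A terminal without the issuer key tries to TERMINATE an issued card."""
    card = Card(SECURED)
    ok = card.set_status(TERMINATED, authenticated_as_issuer=False)
    return ok, card.state                   # (False, SECURED): card survives


def terminate_is_final():
    """Even the issuer cannot bring a TERMINATED card back to SECURED."""
    card = Card(SECURED)
    card.set_status(TERMINATED, authenticated_as_issuer=True)
    revived = card.set_status(SECURED, authenticated_as_issuer=True)
    return revived, card.state              # (False, TERMINATED)
```

The model shows why a leaked or default issuer key matters: with it, any terminal can take the card straight to TERMINATED; without it, the card's management interface is closed to the terminal entirely.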