Gambin Dejan wrote:
Thanks Karsten,
The thing is, I am not too much familiar with MUSCLE, we were using
opensc in a project to test smartcard enabled PKI applications so we
need to hold the certificates with the keypair on the card. Also, we
were using javacard based cards because of future needs of building
javacard applications on it. Before the test we have bought a number of
JCOP21id cards but they are not fully supported because of secure
messaging requirement.
Read this:
http://www.inf.tu-dresden.de/~ko189283/MuscleCard/MuscleCardArticle.html
So I just wanted to know if maybe this is supported in Muscle to help me
implement it in opensc or maybe to make me go to Muscle. What are the
main differences between the Muscle and opensc? I have heard Muscle has
some limitations regarding my "cryptograhic needs"? Sorry to bother
you...
http://www.inf.tu-dresden.de/~ko189283/MuscleCard/MCardAppletChanges.html
I don't know how fast you need a solution, but this will be ready in
some time. (The Garbage Collection does not work at the moment, aside
from this everything is functional.)
Look in the section ComputeCrypt to see the supported cipher and
signature algorithms. Also the rest should give an insight what the
applet can do.
Look in the section TODO, where I propose another solution instead the
OpenPlatform Secure Channel protocol.
Elliptic Curves is also still missing. With some time I will include the
code, but I know no card, which supports EC.
But, obey, how much memory does the JCOP21id card have? Does it support
Garbage Collection? Because of the memory limitation it will not be
possible to allow all algorithms.
Karsten
thanks very much
regards
dejan gambin
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Karsten Ohme
Sent: Monday, August 22, 2005 11:14 PM
To: MUSCLE
Subject: Re: [Muscle] JCOP21id with secure messaging support
Gambin Dejan wrote:
Hi,
would like to know if JCOP21id is fully supported by Muscle regarding
the secure messaging/channel requirement? Is this protocol implemented
in Muscle? If it is, where in the code?
No.
I have a number of JCOP21id cards that I need to fully suport.
What is your task?
You want to use the secure channels? What means need? Is the integrity
and confidentiality really important? Is the card user the same like the
card issuer (Else this does not work, because the user has access to the
secret keys of the card issuer and can install untrusted applications.
Aside from this, this means that the user has to enter every time these
secret keys or at least a pass phrase for the encryption of the keys (if
these keys are stored encrypt on a media) (storing this keys in plain
text would violate any idea of this system.) at each computer system. At
the keyboard. In an untrusted environment the system knows the keys and
the whole secure channel system is broken ...)
If you are adept with this technology then you certainly know all the
above things and an adaption of MuscleCard is possible.
Karsten
thanks very much
regards, dejan
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
