At 10:07 28/02/2008 +0800, you wrote:

Actually I see no reason why a card could not be reset to the default key set and empty state. If all data is zeroed out, nothing should happen. But maybe there are some security problems I do not see, or the manufacturer wants to earn more money.

?!? and what is a default key-set ??????
Every Security Domain has one or more Key sets, which are used to manage
the Security Domain, such as loading applets, creating instances.

For details, please see the documents of Global Platform


Thanks ! I think I know very well these specifications.
Consequently I can say that the concept of "default key" does not exist.
Maybe you mean the "default key-set" used when the Initialize Update is issued w/o /key-Set Version/ indicator, it's not exactly the same. OOH, the card domain may be locked, not a key-set, meaning that the number of available key-sets or the version (index) of the one used during invalid / incomplete secure channel opening attempts is not relevant.



you really want a GP card to reset all its internal protection to a dummy 000...000 key when one tries to attack it ? you really want your credit card to reset its PIN to '0000' after 3 invalid verif. attempts ?
humm, hopefully nobody introduces such "feature" in the spec.

btw, if you're using a test card (and I can not imagine that we did manage a key ceremony with Axalto) the keys are likely to be 7071...7F, 6061..6F, 8081..8F and are very likely present in the first pages of your user guide (or dev. datasheet); normal use will so never lock the Card Domain.

I do not know if there is a test card. Where can I buy a test card?

"test cards" simply means cards issued w/o key agreement between you and a personalization bureau. they contain /well known/ keys for immediate use but all security features are present and enabled.

test cards are available from customer services of most of card manufacturers, some of them provide an online shop (merchant web site) where you can order them.

Sylvain.


_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
