I know it, but you can easily write a class implementing the org.globalplatform.SecureChannel interface to mimick the card manager's secure channel, and reuse host-side tools that "talk" this protocol :)
On Fri, Jul 17, 2009 at 3:07 PM, Miller, Timothy J. <[email protected]>wrote: > As I understand it, the symmetric key secured channel is for card > management (e.g., PIN unblock, applet load, key injection, etc.), not for > normal access. > > -- Tim > > > >-----Original Message----- > >From: [email protected] [mailto:muscle- > >[email protected]] On Behalf Of Sébastien Lorquet > >Sent: Friday, July 17, 2009 7:56 AM > >To: MUSCLE > >Subject: Re: [Muscle] Protecting a PIN with keyed hashing? > > > >the muscle applet is for global platform javacards right? > > > >Then about the GP secure channel already implemented > >(org.globalplatform.SecureChannel > >org.globalplatform.GPSystem.getSecureChannel() ) in these cards for > >secure messaging? it provides a mac+tdes encryption. also, writing a > >software implementation is not difficult, if needed (to use other keys > >than SD's ones) > > > >sebastien > > > >ps: the muscle applet also support strong authentication with a > >challenge/response exchange. A 128 bits TDES key can be seen as a 16- > >character PIN, that can be right padded with zeroes or other if needed. > >what do you think of this? > > > _______________________________________________ > Muscle mailing list > [email protected] > http://lists.drizzle.com/mailman/listinfo/muscle > >
_______________________________________________ Muscle mailing list [email protected] http://lists.drizzle.com/mailman/listinfo/muscle
