RE: [Muscle] Protecting a PIN with keyed hashing?

Fri, 17 Jul 2009 06:33:10 -0700 

I presume such a scheme would apply a KDF of some kind to the PIN or PIN + 
nonce (e.g., PBKDF2 from PKCS#5) in order to derive the symmetric key for this 
secure channel.  This is still subject to simple offline attack because PINs 
don't have enough entropy on their own, and the nonce would still have to be 
shared over the insecure channel.  I'd also worry about speed of the KDF on the 
card, but that's probably minor.

Maybe SRP would be a better solution.

-- Tim


>-----Original Message-----
>From: [email protected] [mailto:muscle-
>[email protected]] On Behalf Of Sébastien Lorquet
>Sent: Friday, July 17, 2009 8:17 AM
>To: MUSCLE
>Subject: Re: [Muscle] Protecting a PIN with keyed hashing?
>
>I know it, but you can easily write a class implementing the
>org.globalplatform.SecureChannel interface to mimick the card manager's
>secure channel, and reuse host-side tools that "talk" this protocol :)
>
>
>On Fri, Jul 17, 2009 at 3:07 PM, Miller, Timothy J. <[email protected]>
>wrote:
>
>
>       As I understand it, the symmetric key secured channel is for card
>management (e.g., PIN unblock, applet load, key injection, etc.), not
>for normal access.
>
>       -- Tim
>
>
>
>       >-----Original Message-----
>       >From: [email protected] [mailto:muscle-
>       >[email protected]] On Behalf Of Sébastien Lorquet
>       >Sent: Friday, July 17, 2009 7:56 AM
>       >To: MUSCLE
>       >Subject: Re: [Muscle] Protecting a PIN with keyed hashing?
>       >
>       >the muscle applet is for global platform javacards right?
>       >
>       >Then about the GP secure channel already implemented
>       >(org.globalplatform.SecureChannel
>       >org.globalplatform.GPSystem.getSecureChannel() ) in these cards
>for
>       >secure messaging? it provides a mac+tdes encryption. also,
>writing a
>       >software implementation is not difficult, if needed (to use other
>keys
>       >than SD's ones)
>       >
>       >sebastien
>       >
>       >ps: the muscle applet also support strong authentication with a
>       >challenge/response exchange. A 128 bits TDES key can be seen as a
>16-
>       >character PIN, that can be right padded with zeroes or other if
>needed.
>       >what do you think of this?
>
>
>
>       _______________________________________________
>       Muscle mailing list
>       [email protected]
>       http://lists.drizzle.com/mailman/listinfo/muscle
>
>
>

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle

Reply via email to