RE: [Muscle] Protecting a PIN with keyed hashing?

Fri, 17 Jul 2009 07:01:37 -0700 

Hi Timothy,

"Miller, Timothy J." <[email protected]> wrote:
I presume such a scheme would apply a KDF of some kind to the PIN or PIN + nonce (e.g., PBKDF2 from PKCS#5) in order to derive the symmetric key for this secure channel. This is still subject to simple offline attack because PINs don't have enough entropy on their own, and the nonce would still have to be shared over the insecure channel. I'd also worry about speed of the KDF on the card, but that's probably minor. 

Maybe SRP would be a better solution.

Could you please explain, or provide a reference to what SRP is?

Thank you.

Regards,
Joao



-- Tim



-----Original Message-----
From: [email protected] [mailto:muscle-
[email protected]] On Behalf Of Sébastien Lorquet
Sent: Friday, July 17, 2009 8:17 AM
To: MUSCLE
Subject: Re: [Muscle] Protecting a PIN with keyed hashing?

I know it, but you can easily write a class implementing the
org.globalplatform.SecureChannel interface to mimick the card manager's
secure channel, and reuse host-side tools that "talk" this protocol :)


On Fri, Jul 17, 2009 at 3:07 PM, Miller, Timothy J. <[email protected]>
wrote:


        As I understand it, the symmetric key secured channel is for card
management (e.g., PIN unblock, applet load, key injection, etc.), not
for normal access.

        -- Tim



        >-----Original Message-----
        >From: [email protected] [mailto:muscle-
        >[email protected]] On Behalf Of Sébastien Lorquet
        >Sent: Friday, July 17, 2009 7:56 AM
        >To: MUSCLE
        >Subject: Re: [Muscle] Protecting a PIN with keyed hashing?
        >
        >the muscle applet is for global platform javacards right?
        >
        >Then about the GP secure channel already implemented
        >(org.globalplatform.SecureChannel
        >org.globalplatform.GPSystem.getSecureChannel() ) in these cards
for
        >secure messaging? it provides a mac+tdes encryption. also,
writing a
        >software implementation is not difficult, if needed (to use other
keys
        >than SD's ones)
        >
        >sebastien
        >
        >ps: the muscle applet also support strong authentication with a
        >challenge/response exchange. A 128 bits TDES key can be seen as a
16-
        >character PIN, that can be right padded with zeroes or other if
needed.
        >what do you think of this?



        _______________________________________________
        Muscle mailing list
        [email protected]
        http://lists.drizzle.com/mailman/listinfo/muscle









_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle

Reply via email to