Douglas E. Engert wrote: > On 9/22/2010 1:04 PM, Felipe Blauth wrote: > >> Hello to all. >> >> Do you know any way of secure pin while it travels from the computer to >> the card? >> >> More precisely, I have two cryptographic perimeters, one is an HSM, and >> the other is the Smart Card. >> The HSM communicates with the Smart Card trough a normal USB reader, >> using OpensSC and PCSCD. >> (the HSM runs a freeBSD inside it, so we normally install OpenSC and PCSCD). >> >> The problem here is that the pin needed to log in the Smart Card travels >> in an insecure way, while it goes trough the wire from the HSM to the >> Smart Card. >> >> I've been trying to create a protocol in which I could make a key >> agreement before sending the pin, but I didn't find >> any way to do it without having do log in inside a token (slot -> token). >> >> Any ideas would be very apreciated. >> > > (I assume that a PIN Pad reader is not what you are looking for.) > > Look for Secure Messaging. > http://www.cardwerk.com/smartcards/smartcard_standard_ISO7816-4_annex-f.aspx > YOu would have to see if your cards support this. > > I have not looked at what support OpenSC has for Secure Messaging. >
In the IAS/ECC branch SM is supported for the AuthentIC v3 (Global Platform SCP01) and IAS/ECC cards. > >> >> _______________________________________________ >> opensc-devel mailing list >> opensc-devel@lists.opensc-project.org >> http://www.opensc-project.org/mailman/listinfo/opensc-devel >> > > -- Viktor Tarasov <viktor.tara...@opentrust.com> _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
