Thank you for the answers. 2010/9/23 Viktor TARASOV <viktor.tara...@opentrust.com>
> Douglas E. Engert wrote: > > On 9/22/2010 1:04 PM, Felipe Blauth wrote: > > > >> Hello to all. > >> > >> Do you know any way of secure pin while it travels from the computer to > >> the card? > >> > >> More precisely, I have two cryptographic perimeters, one is an HSM, and > >> the other is the Smart Card. > >> The HSM communicates with the Smart Card trough a normal USB reader, > >> using OpensSC and PCSCD. > >> (the HSM runs a freeBSD inside it, so we normally install OpenSC and > PCSCD). > >> > >> The problem here is that the pin needed to log in the Smart Card travels > >> in an insecure way, while it goes trough the wire from the HSM to the > >> Smart Card. > >> > >> I've been trying to create a protocol in which I could make a key > >> agreement before sending the pin, but I didn't find > >> any way to do it without having do log in inside a token (slot -> > token). > >> > >> Any ideas would be very apreciated. > >> > > > > (I assume that a PIN Pad reader is not what you are looking for.) > > > > Look for Secure Messaging. > > > http://www.cardwerk.com/smartcards/smartcard_standard_ISO7816-4_annex-f.aspx > > YOu would have to see if your cards support this. > > > > I have not looked at what support OpenSC has for Secure Messaging. > > > > In the IAS/ECC branch SM is supported for the AuthentIC v3 (Global > Platform SCP01) > and IAS/ECC cards. > > > > >> > >> _______________________________________________ > >> opensc-devel mailing list > >> opensc-devel@lists.opensc-project.org > >> http://www.opensc-project.org/mailman/listinfo/opensc-devel > >> > > > > > > > -- > Viktor Tarasov <viktor.tara...@opentrust.com> > > _______________________________________________ > opensc-devel mailing list > opensc-devel@lists.opensc-project.org > http://www.opensc-project.org/mailman/listinfo/opensc-devel >
_______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
