Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
[Muscle] INITIALIZE UPDATE & secure channels support
From: Clement Seveillac (clementnist.gov)
Date: Sat Mar 20 2004 - 11:21:27 CST
We would like to experiment smart card scenarios where the client and
the card talk over an insecure channel (e.g. wireless). We are quite
interested in the Secure Channel Protocol '01' defined in GlobalPlatform
(aka Visa OpenPlatform) card specifications  . This protocol
modifies APDUs, using some pre-established symmetric keys on both sides,
to secure the original APDUs with MAC checks and optional encryption.
 some slides: http://www.cs.utexas.edu/users/jurgens/Lectur16.pdf
Unfortunately the Muscle API, which we would like to use, does not seem
to implement (yet?) the necessary instructions for this Secure Channel
Protocol (let's call it SCP 01).
Indeed, SCP 01 flow can be drawn like this:
---SELECT Security Domain------>
and the SCP 01 establishment itself:
---INITIALIZE UPDATE-----------> Key ID + host challenge
<----INITIALIZE UPDATE Response- 'signed' host challenge +
---EXTERNAL AUTHENTICATE-------> Security level (MAC or/and
encryption) + signed card
challenge + MAC
<---EXT AUTHENTICATE Response--- 90 00 if success or 63 00
for failed authentication
Then both sides have keys to check and encrypt/decrypt the encapsulated
and secured APDUs they will now send to each other.
...But the Muscle API v1.3.0 seems to implement only EXTERNAL
AUTHENTICATE for the moment (page 31 of the API doc ), so we only get
one-side authentication and no confidentiality.
 http://tinyurl.com/yw8hk , which points to:
SCP 01 is already used by several Javacard vendors SDK to load applets,
but then you have to use their proprietary code (not often portable) for
this, whereas SCP01 is supposed to be a standard, available not only for
secure Javacard applet loading but for any scenario when you could need
a secure channel...
Could you tell me if you plan or if you would like to implement this
protocol in the Muscle project, or even if I may help implement this?
SCP 01 is pretty well defined in , and the crypto behind it is not
Many thanks in advance,
Muscle mailing list