Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Miller, Timothy J. (tmillermitre.org)
Date: Fri Jul 17 2009 - 08:07:31 CDT
As I understand it, the symmetric key secured channel is for card management (e.g., PIN unblock, applet load, key injection, etc.), not for normal access.
>From: muscle-bounceslists.musclecard.com [mailto:muscle-
>bounceslists.musclecard.com] On Behalf Of Sébastien Lorquet
>Sent: Friday, July 17, 2009 7:56 AM
>Subject: Re: [Muscle] Protecting a PIN with keyed hashing?
>the muscle applet is for global platform javacards right?
>Then about the GP secure channel already implemented
>org.globalplatform.GPSystem.getSecureChannel() ) in these cards for
>secure messaging? it provides a mac+tdes encryption. also, writing a
>software implementation is not difficult, if needed (to use other keys
>than SD's ones)
>ps: the muscle applet also support strong authentication with a
>challenge/response exchange. A 128 bits TDES key can be seen as a 16-
>character PIN, that can be right padded with zeroes or other if needed.
>what do you think of this?
Muscle mailing list
- application/x-pkcs7-signature attachment: smime.p7s