From: Joao Pedro (countzero sapo.pt)
Date: Fri Jul 17 2009 - 08:30:03 CDT
Thanks Sébastien and everyone else who is participating!
Sébastien Lorquet <squalyl gmail.com> wrote:
> the muscle applet is for global platform javacards right?
>
> Then about the GP secure channel already implemented
> (org.globalplatform.SecureChannel
> org.globalplatform.GPSystem.getSecureChannel() ) in these cards for
> secure messaging? it provides a mac+tdes encryption. also, writing a
> software implementation is not difficult, if needed (to use other
> keys than SD's ones)
>
I think secure messaging could work well (I'm still trying to
understand all the mechanisms involved in it).
But, if I'm not mistaken, secure messaging involves the existence of
pre-shared keys. They can be symmetric (3DES), or asymmetric (RSA) +
Diffie-Hellman parameters to establish the session keys. So, this
could be a bit of a hassle for users? I.e. the middleware would have
to know/generate these keys, etc.
> sebastien
>
> ps: the muscle applet also supports strong authentication with a
> challenge/response exchange. A 128 bits TDES key can be seen as a
> 16-character PIN, that can be right padded with zeroes or other if
> needed. what do you think of this?
It's an idea, but what are the security implications of just zero
padding a PIN? It's an honest question :)
_______________________________________________
Muscle mailing list
Muscle lists.musclecard.com
http://lists.drizzle.com/mailman/listinfo/muscle
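
Added example, not part of the original message and not MUSCLE applet code: a way to quantify what the zero-padding question above is asking, by counting how many distinct TDES keys a padded decimal PIN can actually produce against the nominal 112 key bits of 2-key TDES. It assumes the PIN is ASCII digits right-padded with 0x00 bytes to 16 bytes (the function names are hypothetical), and relies on the fact that DES ignores the low parity bit of every key byte.

```python
import itertools
import math

KEY_LEN = 16  # 2-key TDES: K1 || K2, 8 bytes each


def pad_pin(pin: str) -> bytes:
    """Right-pad an ASCII PIN with 0x00 to a 16-byte key (assumed scheme)."""
    raw = pin.encode("ascii")
    if len(raw) > KEY_LEN:
        raise ValueError("PIN longer than the key")
    return raw.ljust(KEY_LEN, b"\x00")


def effective_key(pin: str) -> bytes:
    """Clear the parity bit of each byte: DES never uses it as key material."""
    return bytes(b & 0xFE for b in pad_pin(pin))


def distinct_effective_keys(digits: int) -> int:
    """Count the different TDES keys produced by all decimal PINs of a length."""
    return len({effective_key("".join(p))
                for p in itertools.product("0123456789", repeat=digits)})


def entropy_bits(digits: int) -> float:
    """Upper bound on key entropy, assuming PINs are chosen uniformly."""
    return math.log2(distinct_effective_keys(digits))


def k2_is_constant(pin: str) -> bool:
    """True when the PIN fits in K1, so K2 is nothing but known padding."""
    return pad_pin(pin)[8:] == bytes(8)


if __name__ == "__main__":
    for n in (4, 6):
        print(f"{n}-digit PIN: {distinct_effective_keys(n)} keys, "
              f"{entropy_bits(n):.1f} bits")
    # '0'/'1', '2'/'3', ... differ only in the parity bit, so these collide.
    print("1234 and 0325 give the same key:",
          effective_key("1234") == effective_key("0325"))
    print("K2 is constant for an 8-char PIN:", k2_is_constant("12345678"))
```

Because the padding bytes are fixed and known, the key carries only the PIN's own entropy, and ASCII digit pairs that differ in the low bit halve the choices per digit.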