Encrypted contactless data transmission?
|
View:
New views
10 Messages
—
Rating Filter:
Alert me
|
 |
Encrypted contactless data transmission?
by Linux User-11
::
Rate this Message:
Hello All,
When a contactless smart card transmits data stored on a smart card to a contactless smart card reader, is the wireless communication between the card and the reader encrypted? --- Thanks, "Max" _______________________________________________ Muscle mailing list Muscle@... http://lists.drizzle.com/mailman/listinfo/muscle |
|
|
Re: Encrypted contactless data transmission?
by Burak Ilgicioglu
::
Rate this Message:
Depends on the application design. Encrypted transmission is possible, but in the contactless world, transaction speed is the most important factor to consider.
On Wed, Sep 23, 2009 at 11:52 AM, Linux User <linux@...> wrote: Hello All, -- Burak ILGICIOGLU Marie von Ebner-Eschenbach - "Even a stopped clock is right twice a day." _______________________________________________ Muscle mailing list Muscle@... http://lists.drizzle.com/mailman/listinfo/muscle |
|
|
Re: Encrypted contactless data transmission?
by Linux User-11
::
Rate this Message:
On Wed September 23 2009 03:03:35 Burak Ilgicioglu wrote:
> Depends on the application design. Encrypted transmission is possible, but > in the contactless world, transaction speed is the most important factor to > consider. > > On Wed, Sep 23, 2009 at 11:52 AM, Linux User <linux@...> wrote: > > Hello All, > > > > When a contactless smart card transmits data stored on a smart card to a > > contactless smart card reader, is the wireless communication between the > > card > > and the reader encrypted? > > --- > > Thanks, > > "Max" > > _______________________________________________ > > Muscle mailing list > > Muscle@... > > http://lists.drizzle.com/mailman/listinfo/muscle Thank you for that reply. As an end user and not a developer, how can I determine if the wireless communication between the card and reader are encrypted? --- Thanks, "Max" _______________________________________________ Muscle mailing list Muscle@... http://lists.drizzle.com/mailman/listinfo/muscle |
|
|
Re: Encrypted contactless data transmission?
by Andreas Jellinghaus-2
::
Rate this Message:
Am Mittwoch 23 September 2009 10:52:52 schrieb Linux User:
> When a contactless smart card transmits data stored on a smart card to a > contactless smart card reader, is the wireless communication between the > card and the reader encrypted? yes and no - if you setup encryption first and send commands using the encrypted channel: yes.if you don't (e.g. because the code was written for normal cards in normal readers without the need for encryption): no. Regards, Andreas _______________________________________________ Muscle mailing list Muscle@... http://lists.drizzle.com/mailman/listinfo/muscle |
|
|
Re: Encrypted contactless data transmission?
by Andreas Jellinghaus-2
::
Rate this Message:
Am Mittwoch 23 September 2009 11:19:26 schrieb Linux User:
> Thank you for that reply. > > As an end user and not a developer, how can I determine if the wireless > communication between the card and reader are encrypted? enable debugging, so you see each packet going forth and back,and sit down with the developer APDU manual and lookup each packet to see what it does. yes, that is hard and time-consuming, but there is no easier way I guess. Andreas _______________________________________________ Muscle mailing list Muscle@... http://lists.drizzle.com/mailman/listinfo/muscle |
|
|
Re: Encrypted contactless data transmission?
by Linux User-11
::
Rate this Message:
On Wed September 23 2009 02:52:52 Linux User wrote:
> Hello All, > > When a contactless smart card transmits data stored on a smart card to a > contactless smart card reader, is the wireless communication between the > card and the reader encrypted? > --- > Thanks, > "Max" I should have mentioned that my question was from the perspective of an end user, not a developer. I'm sorry for that omission; I did not realize this list was so developer-centric. ---- Thanks, "Max" _______________________________________________ Muscle mailing list Muscle@... http://lists.drizzle.com/mailman/listinfo/muscle |
|
|
Re: Encrypted contactless data transmission?
by Burak Ilgicioglu
::
Rate this Message:
>From the end user's perspective, it's almost impossible to identify if a transmission is encrypted or not. You must be able to sniff the transmission between card and the reader and then you must have the ability to decode it, which takes you out of the end user category if you can do these stuff.
user, not a developer. I'm sorry for that omission; I did not realize this -- Burak ILGICIOGLU Marie von Ebner-Eschenbach - "Even a stopped clock is right twice a day." _______________________________________________ Muscle mailing list Muscle@... http://lists.drizzle.com/mailman/listinfo/muscle |
|
|
Re: Encrypted contactless data transmission?
by Andreas Jellinghaus-2
::
Rate this Message:
Am Mittwoch 23 September 2009 12:09:49 schrieb Linux User:
> I should have mentioned that my question was from the perspective of an end > user, not a developer. I'm sorry for that omission; I did not realize this > list was so developer-centric. thats perfectly fine, user questions are very welcome here. but as free software developer I'm not used to say what someone can or cannot do - but rather point out how easy or difficult something would be. we all used to be only users, till at some point we said "it can't be that hard" and got into trying out things, little changes or modifications at first, and thus got on the road to be able to not only use things, but improve them too. Regards, Andreas _______________________________________________ Muscle mailing list Muscle@... http://lists.drizzle.com/mailman/listinfo/muscle |
|
|
Re: Encrypted contactless data transmission?
by Ludovic Rousseau
::
Rate this Message:
Hello,
2009/9/23 Linux User <linux@...>: > When a contactless smart card transmits data stored on a smart card to a > contactless smart card reader, is the wireless communication between the card > and the reader encrypted? What is your threat model? What do you want to avoid and why? You can have a look at Mifare [1]. You should define what exactly is "contactless" for you. Many smart card technologies are contactless but are different. See [2]. [1] http://en.wikipedia.org/wiki/MIFARE [2] http://en.wikipedia.org/wiki/Radio-frequency_identification -- Dr. Ludovic Rousseau _______________________________________________ Muscle mailing list Muscle@... http://lists.drizzle.com/mailman/listinfo/muscle |
|
|
Re: Encrypted contactless data transmission?
by Linux User-11
::
Rate this Message:
On Wed September 23 2009 06:40:00 Ludovic Rousseau wrote:
> Hello, > > 2009/9/23 Linux User <linux@...>: > > When a contactless smart card transmits data stored on a smart card to a > > contactless smart card reader, is the wireless communication between the > > card and the reader encrypted? > > What is your threat model? > What do you want to avoid and why? I should mention first that my questions are from an end user perspective, not as a developer. I have not yet had any experience using smart cards, and am struggling to learn basic information about using smart cards before I buy a smart card reader. I want to use only already existing i586 and x86_64 Linux software to solve my problem, without modifying the software or writing any software. I do not know if the scenario below is possible, or if I selected the correct tool for the job when I chose contactless smart cards. My description below is my best guess at how to achieve the goal stated immediately below. In simple, overview terms, I need to protect the data on a laptop from being accessed by anyone who is not me, in case the laptop is stolen or I die before I can destroy the data. I want to protect the confidentiality of the data stored on a laptop, ensure that in any case only I can access the data stored on the laptop, and do so using a method that is secure, fast, and convenient to use. If it is possible, I want to: * Use an encrypted filesystem to ensure data stored on a laptop hard drive remains confidential. * I want to securely store the password for the encrypted filesystem in a contactless smart card in such a manner that the smart card would be useless to an unauthorized person in physical possession of the smart card, for the purpose of decrypting the data stored on the laptop. * I want to position the contactless smart card within 10 cm of a contactless smart card reader connected to the laptop, without any physical connection between the smart card and the smart card reader or the laptop; then I want the LAPTOP to immediately and automatically execute the following actions such that it appears to me as a single step: the password on the smart card is wirelessly transmitted to the laptop, the password is automatically used to log into the laptop, the password automatically functions as the decryption key for the encrypted filesystem, and automatically the laptop decrypts the encrypted filesystem on the laptop. * I want to prevent the filesystem decryption key from being sniffed as it travels wirelessly from the contactless smart card to the contactless smart card reader; or, I want any sniffed data to be completely useless, jumbled nonsense. > You can have a look at Mifare [1]. The MIFARE DESFire EV1seems to fit my application. I am still quite ignorant about smart cards, so I do not really know if the MIFARE DESFire EV1 is appropriate for solving my problem. > You should define what exactly is "contactless" for you. Many smart > card technologies are contactless but are different. See [2]. contactless = usage of a smart card that transmits data via radio waves to a smart card reader for a distance of up to 10 cm, and never physically touches the smart card reader. > [1] http://en.wikipedia.org/wiki/MIFARE > [2] http://en.wikipedia.org/wiki/Radio-frequency_identification Thank you for those references and your assistance. --- "Max" _______________________________________________ Muscle mailing list Muscle@... http://lists.drizzle.com/mailman/listinfo/muscle |
| Free embeddable forum powered by Nabble | Forum Help |
