lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200408040845.27609.lionel.ferette@belnet.be>
Date: Wed, 4 Aug 2004 08:45:21 +0200
From: Lionel Ferette <lionel.ferette@...net.be>
To: vuln@...view.com, full-disclosure@...ts.netsys.com
Cc: bugtraq@...urityfocus.com
Subject: Re: Clear text password exposure in Datakey's tokens and smartcards


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

In the wise words of vuln@...view.com, on Wednesday 04 August 2004 07:08:
> Clear text password exposure in Datakey's tokens and smartcards
[SNIP]

> Cause and Effect:
> =================
> The communication channel between the token and the driver is not
> encrypted. User's PIN can be retrieved using proxy driver or hardware
> sniffer.
Note that this is true for almost all card readers on the market, not only for 
Datakey's. Having worked for companies using crypto smart cards, I have 
conducted a few risk analysis about that. The conclusion has always been that 
if the PIN must be entered from a PC, and the attacker has means to install 
software on the system (through directed viruses, social engineering, etc), 
the game's over.

The only solution against that problem is to have the PIN entered using a 
keypad on the reader. Only then does the cost of an attack raise 
significantly. But that is opening another can of worms, because there is 
(was?) no standard for card readers with attached pin pad (at the time, 
PC/SCv2 wasn't finalised - is it?).

[SNIP]

Cheers,

Lionel

- -- 
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety." -- Benjamin Franklin

Lionel Ferette
BELNET CERT Coordinator

Rue de la Science 4                 Tel: +32 2 7903385
1000 Brussels                       Fax: +32 2 7903375
Belgium                             PGP Key Id: 0x5662FD4B
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFBEIYGDd3gqVZi/UsRAqEMAKDAISNaTuvH8eH37ER1wSO/zUq22gCgsG9W
PqY79HOMC3f+CWkUQXLPp1E=
=k9PO
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ