Forum › MIFARE SmartCard IC`s › Restrict the Mifare SAM AV3 Authentications if fails › Reply To: Restrict the Mifare SAM AV3 Authentications if fails
Hi Mgruver,
It is not clear for me what the use-case is which you are using. Host mode should not be used on target environments.
Please let me explain what the typical use-case for a MIFARE SAM is. First, you have a target system, let say, a card reader terminal on a secured door. This is a “hostile environment”, because it can be wiretapping or attacked by other methods. The SAM makes authentications or encryptions, but the keys are protected inside of the SAM. Even if the authentication is wiretapped, you cannot resolve from plain blocks (which are random bytes) to encrypted blocks to key (and vice versa).
The second environment is the secured office where a SAM is prepared. Here—only here—you go into host mode for changing keys. In host mode you can also change key parameters, for instance allowing dumping etc. This is what you never, never do in a hostile environment. On the reader terminal, there is no need to have host keys for using host mode! Otherwise you can also deal with plain keys.
Sorry,
The TapLinx team
It is not clear for me what the use-case is which you are using. Host mode should not be used on target environments.
Please let me explain what the typical use-case for a MIFARE SAM is. First, you have a target system, let say, a card reader terminal on a secured door. This is a “hostile environment”, because it can be wiretapping or attacked by other methods. The SAM makes authentications or encryptions, but the keys are protected inside of the SAM. Even if the authentication is wiretapped, you cannot resolve from plain blocks (which are random bytes) to encrypted blocks to key (and vice versa).
The second environment is the secured office where a SAM is prepared. Here—only here—you go into host mode for changing keys. In host mode you can also change key parameters, for instance allowing dumping etc. This is what you never, never do in a hostile environment. On the reader terminal, there is no need to have host keys for using host mode! Otherwise you can also deal with plain keys.
Sorry,
The TapLinx team
+ 0
|
- 0