Tagged: SAM Authentication attempts
Hi, I would like to know if we can limit the maximum number of consecutive failed access attempts by using the SAM_AuthenticateHost. I mean, to let it work as a SIM does in mobiles when the user enters an invalid PIN.
+ 0 | - 0
It is not clear to me what use-case you are using. Host mode should not be used on target environments.
Please let me explain what the typical use-case for a MIFARE SAM is. First, you have a target system, let's say, a card reader terminal on a secured door. This is a “hostile environment”, because it can be wiretapped or attacked by other methods. The SAM makes authentications or encryptions, but the keys are protected inside the SAM. Even if the authentication is wiretapped, you cannot resolve from plain blocks (which are random bytes) to encrypted blocks to the key (and vice versa).
The second environment is the secured office where a SAM is prepared. Here, and only here, you go into host mode for changing keys. In host mode you can also change key parameters, for instance allowing dumping etc. This is what you never, never do in a hostile environment. On the reader terminal, there is no need to have host keys for using host mode! Otherwise you can also deal with plain keys.
The TapLinx team
+ 0 | - 0