Closed aki8 closed 6 years ago
Protocol:

- Implement the provision of a User PIN (at least 6 digits) for using the card, such that every moment the card is connected it will ask for the PIN.
- There should be a separate Master PIN, hard-coded, which is allowed to change only after its verification.
- Only 3 attempts of wrong User PIN entry are allowed, and thereafter the card should be permanently locked, which could reset the user only with the Master PIN in a single attempt.
- The applet shall not allow setting of any PIN unless the Master PIN is verified.
- After successful verification of the User PIN only, the applet should process any APDU.
- The Master PIN should be used for resetting the User PIN only and not for applet usage.

There can be various solutions to implement the authentication, and PAKE is one of the options. We have been taught the same. We can make use of PIN-based authentication prior to key agreement between the user and the app. Further, the PIN can be 4 digits and max trials can be kept at 3; however, the PIN will be user-prompted and not hard-coded.
Thus, this is partially related to #10. Regarding authentication, there will be the following basic states
The PIN APDUs will be in plaintext for now.
OK, this seems to be a possible solution.
Finalized Authentication Protocol: (Two PINs: Master PIN & User PIN)
Note: As of now, the plaintext PIN data shall be used in the respective APDUs. But it would be better if some standard authentication protocols like PAKE, ECDH, etc. were used for PIN authentication/verification.
OK, now it seems to be a perfect solution.
Added verification of User PIN and Master PIN. Added setting of new User PIN. @McCio please check the same and improve if required.
Now it should be improved as much as possible, also with heavy testing.
Only thing that is missing, as per original protocol idea, is the setting of the PINs during installation.
Added tests for same
User and Master PIN verification, along with tests, is updated as above. So, the issue seems to be resolved and worth closing.
Implement an authentication protocol to make sure user is correctly authorized and safely authenticated in card usage. A safe solution could include PIN usage.
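
The PIN rules proposed at the top of the thread, sketched as an added example that is not the project's own code. It assumes a Java Card applet and uses the standard `javacard.framework.OwnerPIN`; the class name, INS codes and master PIN value are hypothetical, and PINs travel in plaintext as the thread states.

```java
package example.pingate; // hypothetical package and class names

import javacard.framework.*;

public class PinGateApplet extends Applet {
    // INS codes and the master PIN value are constructed for this example
    static final byte INS_VERIFY_USER = 0x20, INS_VERIFY_MASTER = 0x21, INS_SET_USER = 0x22;
    static final byte MIN_PIN = 6, MAX_PIN = 8;
    private static final byte[] MASTER = {'9', '9', '9', '9', '9', '9'}; // placeholder

    private final OwnerPIN userPin = new OwnerPIN((byte) 3, MAX_PIN);   // 3 wrong tries
    private final OwnerPIN masterPin = new OwnerPIN((byte) 1, MAX_PIN); // single attempt
    private boolean userPinSet; // no user PIN exists until the master sets one

    private PinGateApplet() {
        masterPin.update(MASTER, (short) 0, (byte) MASTER.length);
    }

    public static void install(byte[] b, short off, byte len) {
        new PinGateApplet().register();
    }

    public boolean select() { // each new session must present a PIN again
        userPin.reset();
        masterPin.reset();
        return true;
    }

    public void process(APDU apdu) {
        if (selectingApplet()) return;
        byte[] buf = apdu.getBuffer();
        byte ins = buf[ISO7816.OFFSET_INS];
        if (ins != INS_VERIFY_USER && ins != INS_VERIFY_MASTER && ins != INS_SET_USER) {
            // Only a verified user PIN unlocks applet commands; the master PIN does not
            if (!userPin.isValidated()) ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
            ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED); // applet commands go here
        }
        short len = apdu.setIncomingAndReceive();
        if (len < MIN_PIN || len > MAX_PIN) ISOException.throwIt(ISO7816.SW_WRONG_LENGTH);
        if (ins == INS_SET_USER) {
            if (!masterPin.isValidated()) ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
            userPin.update(buf, ISO7816.OFFSET_CDATA, (byte) len); // also restores 3 tries
            userPinSet = true;
            masterPin.reset(); // master authorization is spent after one PIN change
            return;
        }
        OwnerPIN pin = (ins == INS_VERIFY_MASTER) ? masterPin : userPin;
        if ((pin == userPin && !userPinSet) || pin.getTriesRemaining() == 0)
            ISOException.throwIt(ISO7816.SW_FILE_INVALID); // 0x6983: blocked or unset
        if (!pin.check(buf, ISO7816.OFFSET_CDATA, (byte) len))
            ISOException.throwIt((short) (0x63C0 | pin.getTriesRemaining()));
    }
}
```

With a try limit of 1 on the master PIN, one wrong master attempt blocks it for good, so a card whose user PIN is also blocked can no longer be recovered.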