dcsimg
security ?
1 posts in topic
Flat View  Flat View
TOPIC ACTIONS:
 

Posted By:   abghour_noreddine
Posted On:   Saturday, December 29, 2001 10:36 AM

hi all, I 'm using gemplus toolkit for Java Card which is complaint to VISA OP 2.0.1 . But here all the static keys are stored in the a file(card.properties file) as plain text .these keys are required for authentication with the card and loading deleting or doing any operation on the card . Before authentication I have to mention the path of that property file using the following Visa Open Platform API. my questions here are: - What is the security involved if the keys are stored in a file in plain text ? what's the meaning of the mother key for diversification located in the (card.properties) ? (which is declared as folows :    More>>


hi all,


I 'm using gemplus toolkit for Java Card which is complaint to VISA OP 2.0.1 . But here all the static keys

are stored in the a file(card.properties file) as plain text .these keys are required for authentication with

the card and loading deleting or doing any operation on the card .

Before authentication I have to mention the path of that property file using the following Visa Open

Platform API.

my questions here are:

-
What is the security involved if the keys are stored in a file in plain text ?

what's the meaning of the mother key for diversification located in the (card.properties) ?

(which is declared as folows :

diversification = name / mode / parameter for diversification)



Regards,


Noreddine abghour

abghour@laas.fr

   <<Less

Re: security ?

Posted By:   Julien_SIMON  
Posted On:   Monday, January 7, 2002 12:50 AM

This way of storing keys makes sense for a development environment, where you want to be able to update things quickly and where securoty is not an issue. Of course, in the real world, all these keys will be stored securely in the card itself !
About | Sitemap | Contact