Comments on: Understanding the DNIe, Part I : Device Authentication

By: Understanding the DNIe, Part III: Hashing and signing « Limited Entropy Dot Com

Tue, 27 Apr 2010 16:46:02 +0000

[...] I come with yet another post about the DNIe. In the previous posts, we have seen how the device authentication procedure works and how to use the resulting keys to perform secure messaging. Now it's time to see [...]

By: Understanding the DNIe, Part II : Secure Messaging « Limited Entropy Dot Com

Mon, 12 Apr 2010 00:56:48 +0000

[...] go a little further in our way to understand the way the DNIe works. In my previous post I talked about the device authentication procedure and today I'll talk about what happens next, how [...]

By: Felipe

Felipe — Sun, 21 Mar 2010 11:23:03 +0000

Thanks for the article.

I’m trying to use DNIe for starting session (Gnome, KDE, ssh, …)
Any suggestion about how to do it? I’ve found some documentation, but up to now, it has no worked.
I use opensuse 11.2 and Kubuntu 9.04.

Thanks

By: Login with SmartCard - openSUSE Forums

[...] [...]

By: KaR]V[aN

KaR]V[aN — Sun, 07 Mar 2010 22:38:46 +0000

Seems to be pretty secure… I think.

Great article, can’t wait for next one.

By: vierito5

vierito5 — Sat, 06 Mar 2010 00:35:25 +0000

Great post! I can’t wait for further posts about DNIe and its implementation.

I hope this comment it’s not caught again by Akismet’s jaws

By: Eloi Sanfèlix

Eloi Sanfèlix — Thu, 04 Mar 2010 18:24:39 +0000

@Alvaro yes, that’s right. The IFD has its own 1024 bit RSA key pair, with a card verifiable certificate signed by the CA of the DNIe.

AFAICT both linux and OS X versions of the drivers use the same certificate, which leads me to believe that ALL computers will use the same public/private key pair.

So it’s not very useful as an authentication mechanism actually…and I initially thought it would not be useful for protecting the privacy and integrity of the secure channel but now I think it actually is unless you hook the RNG of the driver and are able to discover the 32 byte random number the IFD picks.

I’d have to look more into it, but my current feeling is that eavesdropping a communication requires both knowing the private key and the random number sent by the IFD, while establishing a secure channel of your own only requires knowing the private key .

And yes, the IFD is the computer in this case… it’s what the card sees “on the other end”, the logical entity that talks to the card using the iso7816 and the CWA 14980 protocols.

Hence, it’s the combination of reader+computer, since the reader implements the lower layers of the iso7816 stack (physical layer and link layer [T=0, T=1...] ) and the computer implements the upper layers.

By: Alvaro

Alvaro — Tue, 02 Mar 2010 09:47:36 +0000

So, if I understood it right: the IFD has his own public key?

And, another doubt: the IFD is the computer trying to access the card, or is it the reader device?