Mistial Developer
Mistial Developer
> It was designed to be used either over contact or contactless interface. Yes. This would be a non-standard extension. > So if you are trying to use the 9E...
> The card knows it is using contact or contactless but an attacker could switch a the reader from a contact reader to a contactless reader to gain access to...
> I can see your point with the Proxmark 3. Malware on user's computer could misuse the 9E key, but can also also steal PIN or misuse other keys on...
Thank you. I will reach out.
> I am tempted to suggest instead, though, having an option which separates the contactless and contact keys so that they can be entirely different. That would work as well,...
I was under the impression that the pairing code was available over the contact interface. NIST's slides on it states that it can be read from the card. https://csrc.nist.gov/csrc/media/events/ispab-june-2014-meeting/documents/ispab_jun2014_pairing-code_cooper.pdf Looking...
As far as the split chip emulation goes, there is unfortunately a part of the standard that denies it. > For dual chip implementations, for any container that can be...
> You are right the pairing code can be read over contact so attacker could read it. Sorry. The idea, from what I can tell, is to ensure that contact...
Travis-ci.org went commercial shortly after this issue was created, and then went read-only. @arekinath would you like me to take a look at building under Github Actions?
YubiKey has implemented Secure Channel into their newer devices. https://docs.yubico.com/hardware/yubikey/yk-5/tech-manual/yk5-overview-5.4.html#secure-channel-label https://docs.yubico.com/hardware/yubikey/yk-5/tech-manual/yk5-secure-channel-diverse-key-programming.html#yk5-secure-channel-diverse-key-programming-label They are using the ISD to handle it, which makes it much easier on the applet. ``` % java...