使用SAM模块存储安全密钥 [英] Using SAM modules for storing secure keys
问题描述
据我了解,SAM模块是一种SMART卡,它们通过ISO 7816协议连接到MCU.
As i understand SAM modules are kind of SMART Cards which connect to the MCU via ISO 7816 protocol.
- 除了安全存储之外,还有其他应用程序吗? 钥匙?
- 我可以使用普通的移动SIM卡代替SAM模块进行存储吗? 钥匙?
- 据我所知,当我们将密钥存储在SAM模块中时,几乎 无法检索密钥,& SAM使用了随机序列 挑战与多相身份验证以验证卡.然后如何进行SAM 将此验证发送给MCU吗?SAM&之间是否可以直接访问? 读者?还是通过MCU连接?用于存储密钥的命令 在SAM中?
- 此安全性是否有任何特殊的标准协议 传播? (SAM/验证之间的存储密钥 CARD-SAM-MCU/验证流程...)
- 为什么芯片制造商未为此安全配备其MCU 内部元素?
- Is there any other application for them except storing secure keys?
- Can I used usual mobile sim-cards instead of SAM module to storing keys?
- As i know when we store keys in the SAM module ,it is almost impossible to retrieve the keys, & SAM used a sequence of random challenge & polyphase authentication to verify the card.Then how SAM send this verification to MCU?is there direct access between SAM & Reader ? or they connected via MCU?which command used to store keys in the SAM?
- Is there any special standard protocol for this secure transmission? (storing key in SAM/ Authentication between CARD-SAM-MCU/ verifying process & ...)
- Why chip manufacturer does not equipped their MCU to this secure Element internally?
推荐答案
除了存储安全密钥外,还有其他应用程序吗?
Is there any other application for them except storing secure keys?
智能卡包含通用CPU,因此您可以想到的任何事物.但是,对存储的密钥执行操作确实是其主要目的.
Smart Cards contain a general purpose CPU, so anything you can think of. But performing operations on the stored keys are indeed their main purpose.
我可以使用普通的移动SIM卡代替SAM模块来存储密钥吗?
Can I used usual mobile sim-cards instead of SAM module to storing keys?
使用通用(Java)卡更有意义.
A generic (Java) card would make more sense.
据我所知,当我们将密钥存储在SAM模块中时,几乎不可能检索到密钥&. SAM使用了一系列随机质询和多相身份验证以验证卡.然后,SAM如何将此验证发送到MCU? SAM&之间是否可以直接访问?读者?还是通过MCU连接?哪个命令用于在SAM中存储密钥?
As i know when we store keys in the SAM module it is almost impossible to retrieve the keys, & SAM used a sequence of random challenge & polyphase authentication to verify the card. Then how SAM send this verification to MCU? Is there direct access between SAM & Reader? Or they connected via MCU? Which command used to store keys in the SAM?
这真的取决于实现方式.
This really depends on the implementation.
此安全传输是否有任何特殊的标准协议? (SAM中的存储密钥/CARD-SAM-MCU之间的身份验证/验证过程& ...)
Is there any special standard protocol for this secure transmission? (storing key in SAM/ Authentication between CARD-SAM-MCU/ verifying process & ...)
据我所知.可能有很多适用的标准",但据我所知,没有一个标准可以大致描述SAM卡的使用.
Not as far as I know. There are probably many "standards" that do apply, but to my knowledge there isn't a one that describes the use of SAM cards in general.
为什么芯片制造商内部没有为其安全性元件配备他们的MCU?
Why chip manufacturer does not equipped their MCU to this secure Element internally?
有时候是.
但是,保护芯片非常棘手.基本上,您是将密钥存储在知道攻击者即将使用的设备中.因此,您必须使用地址总线加扰,屏蔽等.等等.
Securing a chip is however very tricky. Basically you are storing a key in a device that you know an attacker is going to get its hands on. So you have to use address-bus scrambling, shields etc. etc. etc.
使用先前已获得认证并经过渗透测试的标准智能卡更具成本效益.
Using a standard smart card that has previously received certification and withstood penetration testing is much more cost effective.
这篇关于使用SAM模块存储安全密钥的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!