From my understanding it should be possible to remotely authenticate a tag without saving the key on the reader by having another device handling the challenges. This way a remote server could securely identify a tag without trusting the reader. Is that correct?
If it is, I would continue to modify DESFire.authenticate so that the tag challenge, RndB_enc, is sent to the remote server. To answer the challenge the server would have to answer with RndAB_enc. After the card reply, the server would check RndA_enc and return the session key comprised of RndA and RndB.
Does this make sense? Is it safe for an untrusted device to have both RndA/B and RndA/B_dec available? If so I would make a PR to add options to authenticate() for providing functions for the challenges and session key creation.
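The exchange described in the post, as an added example that is not code from the original post or from the library it discusses: a simulated tag and a remote server share the key, while the reader only forwards RndB_enc, RndAB_enc and RndA_enc and receives the session key at the end. Card, Server and reader_relay are hypothetical names, the HMAC-based Feistel cipher is a stand-in for the card's real cipher, and the 16-byte randoms, one-byte rotation and session-key byte selection are assumed from the AES variant of DESFire authentication.

```python
import hashlib, hmac, os

def _rounds(key, l, r, order):  # stand-in Feistel cipher, NOT the card's AES/3DES
    for i in order:
        f = hmac.new(key, bytes([i]) + r, hashlib.sha256).digest()
        l, r = r, bytes(x ^ y for x, y in zip(l, f))
    return l, r

def enc(key, d):  # keyed permutation over the whole 16- or 32-byte message
    l, r = _rounds(key, d[:len(d) // 2], d[len(d) // 2:], range(4))
    return l + r

def dec(key, d):  # inverse of enc: swapped halves, reversed round order
    r, l = _rounds(key, d[len(d) // 2:], d[:len(d) // 2], reversed(range(4)))
    return l + r

def rot(b):  # rotate left by one byte (assumed from DESFire AES authentication)
    return b[1:] + b[:1]

class Card:  # simulated tag; holds the key
    def __init__(self, key):
        self.key = key
    def challenge(self):
        self.rnd_b = os.urandom(16)
        return enc(self.key, self.rnd_b)  # RndB_enc
    def respond(self, rnd_ab_enc):
        ab = dec(self.key, rnd_ab_enc)
        if not hmac.compare_digest(ab[16:], rot(self.rnd_b)):
            raise ValueError("card rejects: peer does not know the key")
        return enc(self.key, rot(ab[:16]))  # RndA_enc

class Server:  # remote side; the only other holder of the key
    def __init__(self, key):
        self.key = key
    def answer(self, rnd_b_enc):
        self.rnd_a, self.rnd_b = os.urandom(16), dec(self.key, rnd_b_enc)
        return enc(self.key, self.rnd_a + rot(self.rnd_b))  # RndAB_enc
    def finish(self, rnd_a_enc):
        if not hmac.compare_digest(dec(self.key, rnd_a_enc), rot(self.rnd_a)):
            return None  # tag did not prove knowledge of the key
        a, b = self.rnd_a, self.rnd_b
        return a[:4] + b[:4] + a[12:] + b[12:]  # session key from RndA and RndB

def reader_relay(card, server):  # untrusted reader: forwards bytes, holds no key
    rnd_b_enc = card.challenge()
    rnd_ab_enc = server.answer(rnd_b_enc)
    rnd_a_enc = card.respond(rnd_ab_enc)
    return server.finish(rnd_a_enc), (rnd_b_enc, rnd_ab_enc, rnd_a_enc)
```

In this arrangement the reader handles three ciphertexts plus whatever session key the server chooses to return, so the long-term key never has to leave the server.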