Echoes Corsac.net - Echoes camshot
lundi 16 octobre 2017 (1 post)

Following the news about the ROCA vulnerability (weak key generation in Infineon-based smartcards, more info here and here) I can confirm that the Almex smartcard I mentionned on my last post (which are Infineon based) are indeed vulnerable.

I've contacted Almex to have more details, but if you were interested in buying that smartcard, you might want to refrain for now.

It does *not* affect keys generated off-card and later injected (the process I use myself).

 

Yves-Alexis@17:32:01 (Debian)

Images
Stats
  • 1526 posts
  • 8197 jours
  • 0.19 posts/jour
  • IRC
  • Last.fm
Stuff
Tech
Weblogs
Desktop