status-im
/
status-keycard
mirror of https://github.com/status-im/status-keycard.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

add a not about replay attacks

This commit is contained in:
Michele Balistreri 2017-10-28 18:23:17 +03:00
parent 196e91f3ec
commit 8729768478
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
SECURE_CHANNEL.MD
View File

@ -5,7 +5,8 @@ A Secure Channel must be established to allow communication between the applet a
a secure channel is to avoid traffic snooping. What we achieve with the secure channel below is only secrecy, not
authentication. Authentication would require either a set of pre-shared keys or the usage of certificates. In particular,
it does not protect from MITM attacks. If the risk of such attacks exists, protection should be set up in a different
layer or the protocol must be extended for mutual authentication.
layer or the protocol must be extended for mutual authentication. A command counter should be added to protect from
replay attacks.
A short description of the protocol is as follows