Navigation

    • Login
    • Search
    • [[global:header.recent]]
    • [[global:header.tags]]
    • [[global:header.popular]]
    • [[global:header.groups]]
    • [[global:header.search]]

    Store certificate on NFC ring?

    General discussions and feedback
    4
    10
    9625
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      Kingbob last edited by

      Im looking at getting an NFC ring, havent quite decided on whoch style yet, but one of the things id like to use it for is to store a certificate.

      Windows Bitlocker and other similar applications can use certificates to encrypt files/volumes, and those certificates can be stored on smart cards. Assuming i have a suitable NFC reader on my laptop or desktop, could a certificate be stored on an NFC ring to be used as a smart card?

      Thanks.

      1 Reply Last reply Reply Quote 0
      • E
        Engarde last edited by

        Size is the issue you will struggle with.
        Whether the certificate has been issued with ye old RSA keys or new fangled ECC keys such a certificate is going to exceed the (original/1st gen) ring capacity.
        You could instead maybe store the hash/thumbprint of the cert or its serialnumber in the tag and then use something else to use that to 'play find the certificate' from your trusted certs store or whatever...

        1 Reply Last reply Reply Quote 0
        • E
          Engarde last edited by

          Looking at a completely arbitrary rsa2048 certificate and an ecdsa P384 one (just because I have them handy) they are around 1600 and 1400 bytes respectively.

          1 Reply Last reply Reply Quote 1
          • Lokki
            Lokki Community Helper last edited by

            It all comes down to the NTAG216 having 888 bytes of user accessible storage. So larger than that is a no, not yet.

            1 Reply Last reply Reply Quote 0
            • E
              Engarde last edited by

              There is also what it would mean in terms of having a certificate on the ring, even on the KS2016 rings.
              Kingbob, what would you be thinking of doing with such a certificate?

              1 Reply Last reply Reply Quote 0
              • K
                Kingbob last edited by

                Well like i said, to me it would be useful as an encryption key for unlocking things like Bitlocker volumes. Bitlocker supports certificates on smartcards, so an NFC ring treated as one, would be great.
                Very hard to lose, even give a level of deniability if no-one can tell thats what the ring is.

                1 Reply Last reply Reply Quote 1
                • Lokki
                  Lokki Community Helper last edited by

                  That would be the best part about the ring being programmable - it could be anything at all.

                  1 Reply Last reply Reply Quote 0
                  • K
                    Kingbob last edited by

                    I did a bit testing since i had some spare time, and a self-signed windows certificate for bitlocker that i created came in at 778 bytes. Looks like it will fit on the 2016 models with a whole 110 bytes spare!

                    N 1 Reply Last reply Reply Quote 4
                    • Lokki
                      Lokki Community Helper last edited by

                      That's pretty awesome.

                      1 Reply Last reply Reply Quote 0
                      • N
                        Natong @Kingbob last edited by

                        @Kingbob

                        Could you please teach us? how to use NFC with bitlocker. I did search google but no any result found.
                        Also can we use the simple USB NFC reader for PC ?

                        1 Reply Last reply Reply Quote 1
                        • First post
                          Last post