Store certificate on NFC ring?
-
Im looking at getting an NFC ring, havent quite decided on whoch style yet, but one of the things id like to use it for is to store a certificate.
Windows Bitlocker and other similar applications can use certificates to encrypt files/volumes, and those certificates can be stored on smart cards. Assuming i have a suitable NFC reader on my laptop or desktop, could a certificate be stored on an NFC ring to be used as a smart card?
Thanks.
-
Size is the issue you will struggle with.
Whether the certificate has been issued with ye old RSA keys or new fangled ECC keys such a certificate is going to exceed the (original/1st gen) ring capacity.
You could instead maybe store the hash/thumbprint of the cert or its serialnumber in the tag and then use something else to use that to 'play find the certificate' from your trusted certs store or whatever...
-
Looking at a completely arbitrary rsa2048 certificate and an ecdsa P384 one (just because I have them handy) they are around 1600 and 1400 bytes respectively.
-
It all comes down to the NTAG216 having 888 bytes of user accessible storage. So larger than that is a no, not yet.
-
There is also what it would mean in terms of having a certificate on the ring, even on the KS2016 rings.
Kingbob, what would you be thinking of doing with such a certificate?
-
Well like i said, to me it would be useful as an encryption key for unlocking things like Bitlocker volumes. Bitlocker supports certificates on smartcards, so an NFC ring treated as one, would be great.
Very hard to lose, even give a level of deniability if no-one can tell thats what the ring is.
-
That would be the best part about the ring being programmable - it could be anything at all.
-
I did a bit testing since i had some spare time, and a self-signed windows certificate for bitlocker that i created came in at 778 bytes. Looks like it will fit on the 2016 models with a whole 110 bytes spare!
-
That's pretty awesome.
-
Could you please teach us? how to use NFC with bitlocker. I did search google but no any result found.
Also can we use the simple USB NFC reader for PC ?
