Eg.gnubby-protokoll explained.txt

From
Revision as of 17:17, 30 June 2015 by Wolfm (talk | contribs) (Created page with "<pre> Analyse aller APDU-Daten des Protokolls: Die INS-Bytes der Kommandos sind wie folgt definiert: #define U2F_REGISTER 0x01 // Registration command #define U2F_…")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
Analyse aller APDU-Daten des Protokolls:

Die INS-Bytes der Kommandos sind wie folgt definiert:
#define U2F_REGISTER            0x01    // Registration command
#define U2F_AUTHENTICATE        0x02    // Authenticate/sign command
#define U2F_VERSION             0x03    // Read version string command
#define U2F_VENDOR_FIRST        0xc0    // First vendor defined command
#define U2F_VENDOR_LAST         0xff    // Last vendor defined command

Nur die ersten drei findet man im Protokoll.

Registration CAPDU
=======================================
(Frame 5)
00 01 03 00 00 00 40 27 de 26 93 d1 df b9 ae 61 9b 6e b5 26 05 12 a1 d7
bb 46 53 7c 79 f3 a6 34 ac 84 3d de b2 82 27 a1 aa 11 af f7 e7 12 52 fe
5e 32 aa 80 b4 25 a0 fa fb e5 f8 a5 ea 76 73 16 a2 56 2a b4 8d bf 56 00
00

: CLA : 00
: INS : 01
: P1 P2 : 03 00
: Lc : 00 00 40
: registration request challenge RGCH :
27 de 26 93 d1 df b9 ae 61 9b 6e b5 26 05 12 a1 d7 bb 46 53 7c 79 f3 a6
34 ac 84 3d de b2 82 27
: application parameter APID :
a1 aa 11 af f7 e7 12 52 fe 5e 32 aa 80 b4 25 a0 fa fb e5 f8 a5 ea 76 73
16 a2 56 2a b4 8d bf 56
: Le (maximum) : 00 00


Registration RAPDU
=======================================
(Frame 42)
05 04 c8 e6 bf d7 d8 a6 5d 72 fe 13 bc e4 9f 8e 0a a7 5e e3 f4 88 34 4d
cd 73 2b 31 97 cc ee 25 99 f2 9b 65 05 f2 99 6c 4a 59 6a c5 df e7 b8 fd
df 04 bb 4b 99 7c a1 80 9e 8a 95 42 a5 5c 87 5a 98 4b 40 84 f2 01 9b d9
5d 1e 0d 86 72 c4 54 48 86 8c 41 89 4e df 95 7b f6 e9 ed 4b 80 17 35 2f
e9 bc 08 8e 0f ff 27 c1 d9 0d 1b 0a ee 2a 13 09 29 3c 7e 18 c5 24 58 e8
01 4a ac f1 7f f2 5a 44 2f a0 50 30 82 01 42 30 81 ea a0 03 02 01 02 02
09 01 23 33 ff ff ff ff 46 58 30 0a 06 08 2a 86 48 ce 3d 04 03 02 30 1b
31 19 30 17 06 03 55 04 03 13 10 47 6e 75 62 62 79 20 48 53 4d 20 43 41
20 30 30 30 22 18 0f 32 30 31 32 30 36 30 31 30 30 30 30 30 30 5a 18 0f
32 30 36 32 30 35 33 31 32 33 35 39 35 39 5a 30 30 31 19 30 17 06 03 55
04 03 13 10 47 6f 6f 67 6c 65 20 47 6e 75 62 62 79 20 76 30 31 13 30 11
06 03 55 04 2d 03 0a 00 01 23 33 ff ff ff ff 46 58 30 59 30 13 06 07 2a
86 48 ce 3d 02 01 06 08 2a 86 48 ce 3d 03 01 07 03 42 00 04 c1 c4 d0 26
3e 51 dd 29 49 8f 8b 8a 85 fa ea b5 04 9b 68 16 63 95 33 63 dd bf 2f e2
ca 25 10 cf cf d3 33 7c b8 0e 46 1a 05 24 08 23 8d 19 95 b3 db 0b 98 e5
1e 31 0a 34 73 69 c7 74 9b f7 94 47 30 0a 06 08 2a 86 48 ce 3d 04 03 02
03 47 00 30 44 02 20 1c 6e 09 73 03 ac e9 b9 7a fa f4 49 ca 54 3c af 76
27 df d4 5b 90 45 da 2c 7a e2 54 47 a9 6a 6e 02 20 53 66 d3 9a 92 9a 66
ba ae e4 c9 cd d1 cd f8 e9 9b 97 a1 19 83 4d 36 2b f9 cd 10 d3 42 0e ae
5d 30 44 02 20 2d 08 bb 43 fa bf e3 cc 66 ac 93 6a d4 59 ad 41 59 4c ff
67 be eb 00 56 11 6d 24 45 a4 9a b1 54 02 20 5f 43 95 33 91 aa bc e6 8e
69 48 01 ca 10 8f b9 8b e9 da af 3a fd 65 b3 3a d4 ce 2e 99 bc c5 ab 90
00

: fixed Byte 0x05 : 05
: public key PUBK :
04 c8 e6 bf d7 d8 a6 5d 72 fe 13 bc e4 9f 8e 0a a7 5e e3 f4 88 34 4d cd
73 2b 31 97 cc ee 25 99 f2 9b 65 05 f2 99 6c 4a 59 6a c5 df e7 b8 fd df
04 bb 4b 99 7c a1 80 9e 8a 95 42 a5 5c 87 5a 98 4b
: key handle length khl : 40
: key handle KEYH :
84 f2 01 9b d9 5d 1e 0d 86 72 c4 54 48 86 8c 41 89 4e df 95 7b f6 e9 ed
4b 80 17 35 2f e9 bc 08 8e 0f ff 27 c1 d9 0d 1b 0a ee 2a 13 09 29 3c 7e
18 c5 24 58 e8 01 4a ac f1 7f f2 5a 44 2f a0 50
: attestation cert ATTC :
30 82 01 42 30 81 ea a0 03 02 01 02 02 09 01 23 33 ff ff ff ff 46 58 30 
0a 06 08 2a 86 48 ce 3d 04 03 02 30 1b 31 19 30 17 06 03 55 04 03 13 10
47 6e 75 62 62 79 20 48 53 4d 20 43 41 20 30 30 30 22 18 0f 32 30 31 32
30 36 30 31 30 30 30 30 30 30 5a 18 0f 32 30 36 32 30 35 33 31 32 33 35
39 35 39 5a 30 30 31 19 30 17 06 03 55 04 03 13 10 47 6f 6f 67 6c 65 20
47 6e 75 62 62 79 20 76 30 31 13 30 11 06 03 55 04 2d 03 0a 00 01 23 33
ff ff ff ff 46 58 30 59 30 13 06 07 2a 86 48 ce 3d 02 01 06 08 2a 86 48
ce 3d 03 01 07 03 42 00 04 c1 c4 d0 26 3e 51 dd 29 49 8f 8b 8a 85 fa ea
b5 04 9b 68 16 63 95 33 63 dd bf 2f e2 ca 25 10 cf cf d3 33 7c b8 0e 46
1a 05 24 08 23 8d 19 95 b3 db 0b 98 e5 1e 31 0a 34 73 69 c7 74 9b f7 94
47 30 0a 06 08 2a 86 48 ce 3d 04 03 02 03 47 00 30 44 02 20 1c 6e 09 73
03 ac e9 b9 7a fa f4 49 ca 54 3c af 76 27 df d4 5b 90 45 da 2c 7a e2 54
47 a9 6a 6e 02 20 53 66 d3 9a 92 9a 66 ba ae e4 c9 cd d1 cd f8 e9 9b 97
a1 19 83 4d 36 2b f9 cd 10 d3 42 0e ae 5d
: EC-DSA-Signatur RSIG (registration.req.sig) :
30 44 02 20 2d 08 bb 43 fa bf e3 cc 66 ac 93 6a d4 59 ad 41 59 4c ff 67
be eb 00 56 11 6d 24 45 a4 9a b1 54 02 20 5f 43 95 33 91 aa bc e6 8e 69
48 01 ca 10 8f b9 8b e9 da af 3a fd 65 b3 3a d4 ce 2e 99 bc c5 ab
: Status Word : 90 00


Data to be signed (registration.req.dtbs)
: RFU byte : 00
: application parameter APID :
a1 aa 11 af f7 e7 12 52 fe 5e 32 aa 80 b4 25 a0 fa fb e5 f8 a5 ea 76 73
16 a2 56 2a b4 8d bf 56
: registration request challenge RGCH :
27 de 26 93 d1 df b9 ae 61 9b 6e b5 26 05 12 a1 d7 bb 46 53 7c 79 f3 a6
34 ac 84 3d de b2 82 27
: key handle KEYH :
84 f2 01 9b d9 5d 1e 0d 86 72 c4 54 48 86 8c 41 89 4e df 95 7b f6 e9 ed
4b 80 17 35 2f e9 bc 08 8e 0f ff 27 c1 d9 0d 1b 0a ee 2a 13 09 29 3c 7e
18 c5 24 58 e8 01 4a ac f1 7f f2 5a 44 2f a0 50
: public key PUBK :
04 c8 e6 bf d7 d8 a6 5d 72 fe 13 bc e4 9f 8e 0a a7 5e e3 f4 88 34 4d cd
73 2b 31 97 cc ee 25 99 f2 9b 65 05 f2 99 6c 4a 59 6a c5 df e7 b8 fd df
04 bb 4b 99 7c a1 80 9e 8a 95 42 a5 5c 87 5a 98 4b


attestation certificate ATTC (attestation.pem)
-----BEGIN CERTIFICATE-----
MIIBQjCB6qADAgECAgkBIzP/////RlgwCgYIKoZIzj0EAwIwGzEZMBcGA1UEAxMQ
R251YmJ5IEhTTSBDQSAwMDAiGA8yMDEyMDYwMTAwMDAwMFoYDzIwNjIwNTMxMjM1
OTU5WjAwMRkwFwYDVQQDExBHb29nbGUgR251YmJ5IHYwMRMwEQYDVQQtAwoAASMz
/////0ZYMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEwcTQJj5R3SlJj4uKhfrq
tQSbaBZjlTNj3b8v4solEM/P0zN8uA5GGgUkCCONGZWz2wuY5R4xCjRzacd0m/eU
RzAKBggqhkjOPQQDAgNHADBEAiAcbglzA6zpuXr69EnKVDyvdiff1FuQRdoseuJU
R6lqbgIgU2bTmpKaZrqu5MnN0c346ZuXoRmDTTYr+c0Q00IOrl0=
-----END CERTIFICATE-----

extracted attestation key (attestation.key)
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEwcTQJj5R3SlJj4uKhfrqtQSbaBZj
lTNj3b8v4solEM/P0zN8uA5GGgUkCCONGZWz2wuY5R4xCjRzacd0m/eURw==
-----END PUBLIC KEY-----


openssl dgst -verify attestation.key -signature registration.req.sig -sha256 registration.req.dtbs
Verified OK



Authentication CAPDU
=======================================
(Frame 47)
00 02 03 00 00 00 81 8d 60 e0 a2 80 9e 29 df 5b 7f 0b e4 8a 68 47 62 3d
5c 67 52 64 26 0c 38 0f 51 5b 9c 03 47 05 49 a1 aa 11 af f7 e7 12 52 fe
5e 32 aa 80 b4 25 a0 fa fb e5 f8 a5 ea 76 73 16 a2 56 2a b4 8d bf 56 40
84 f2 01 9b d9 5d 1e 0d 86 72 c4 54 48 86 8c 41 89 4e df 95 7b f6 e9 ed
4b 80 17 35 2f e9 bc 08 8e 0f ff 27 c1 d9 0d 1b 0a ee 2a 13 09 29 3c 7e
18 c5 24 58 e8 01 4a ac f1 7f f2 5a 44 2f a0 50 00 00

: CLA : 00
: INS : 02
: P1 P2 (enforce-user-presence-and-sign control byte) : 03 00
: Lc : 00 00 81
: authentication request challenge ATCH :
8d 60 e0 a2 80 9e 29 df 5b 7f 0b e4 8a 68 47 62 3d 5c 67 52 64 26 0c 38
0f 51 5b 9c 03 47 05 49
: application parameter APID :
a1 aa 11 af f7 e7 12 52 fe 5e 32 aa 80 b4 25 a0 fa fb e5 f8 a5 ea 76 73
16 a2 56 2a b4 8d bf 56
: key handle length khl : 40
: key handle KEYH :
84 f2 01 9b d9 5d 1e 0d 86 72 c4 54 48 86 8c 41 89 4e df 95 7b f6 e9 ed
4b 80 17 35 2f e9 bc 08 8e 0f ff 27 c1 d9 0d 1b 0a ee 2a 13 09 29 3c 7e
18 c5 24 58 e8 01 4a ac f1 7f f2 5a 44 2f a0 50
: Le (maximum) : 00 00


Authentication RAPDU
=======================================
(Frame 80)
01 00 00 00 32 30 45 02 20 46 28 27 a5 cd bc 04 87 31 cc 8a ac cb 30 fe
bc d9 d0 8e de 5e ac 18 cd 3a 93 ad 9b 34 85 77 3a 02 21 00 ad 49 09 ec
d7 73 03 d2 a9 cc 4a fa cb d0 9b 70 c1 6e b6 e3 0a bc 36 58 51 c6 d0 dc
2e f9 25 57 90 00

: user presence byte upb (presence verified) : 01
: counter CNTR : 00 00 00 32
: EC-DSA-Signatur ASIG (authentication.sig) :
30 45 02 20 46 28 27 a5 cd bc 04 87 31 cc 8a ac cb 30 fe bc d9 d0 8e de
5e ac 18 cd 3a 93 ad 9b 34 85 77 3a 02 21 00 ad 49 09 ec d7 73 03 d2 a9
cc 4a fa cb d0 9b 70 c1 6e b6 e3 0a bc 36 58 51 c6 d0 dc 2e f9 25 57
: Status Word : 90 00


Data to be signed (authentication.req.dtbs)
: application parameter APID :
a1 aa 11 af f7 e7 12 52 fe 5e 32 aa 80 b4 25 a0 fa fb e5 f8 a5 ea 76 73
16 a2 56 2a b4 8d bf 56
: user presence byte upb : 01
: Counter CNTR : 00 00 00 32
: authentication request challenge ATCH :
8d 60 e0 a2 80 9e 29 df 5b 7f 0b e4 8a 68 47 62 3d 5c 67 52 64 26 0c 38
0f 51 5b 9c 03 47 05 49


authentication key (authentication.pub)
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEyOa/19imXXL+E7zkn44Kp17j9Ig0
Tc1zKzGXzO4lmfKbZQXymWxKWWrF3+e4/d8Eu0uZfKGAnoqVQqVch1qYSw==
-----END PUBLIC KEY-----

openssl dgst -verify authentication.pub -signature authentication.sig -sha256 authentication.req.dtbs
Verified OK



FIDO GetVersion CAPDU
=======================================
(Frame 3)
00 03 00 00 00 00 00 00 00

: CLA : 00
: INS : 03
: P1 P2 (nothing required) : 00 00 
: Lc : 00 00 00
: Le (maximum) : 00 00


GetVersion RAPDU:
=======================================
(Frame 4)
55 32 46 5f 56 32 90 00

: Version "U2F_V2" : 55 32 46 5f 56 32
: Status Word : 90 00




Zeitanalyse
=======================================

Packet No.	Time	Source	Length	Packet Type
      5   0.032002	host	  107	Reg Request
      9   0.261015	host	  107	Reg Request
     13   0.492029	host	  107	Reg Request
     17   0.723041	host	  107	Reg Request
     21   0.953055	host	  107	Reg Request
     25   1.189069	host	  107	Reg Request
     29   1.419081	host	  107	Reg Request
     33   1.649095	host	  107	Reg Request
     37   1.882108	host	  107	Reg Request
     41   2.113121	host	  107	Reg Request
     42   2.376136	token	  563	Reg Response
     47   4.749271	Host	  172	Auth Request
     51   5.089290	Host	  172	Auth Request
     55   5.326304	Host	  172	Auth Request
     59   5.567317	Host	  172	Auth Request
     63   5.819332	Host	  172	Auth Request
     67   6.062346	Host	  172	Auth Request
     71   6.303360	Host	  172	Auth Request
     75   6.544373	Host	  172	Auth Request
     79   6.790387	Host	  172	Auth Request
     80   6.910393	token	  112	Auth Response

Der erste Registration Request (CAPDU) wurde zum Zeitpunkt 0.03 s gesendet und wurde wiederholt bis die Anwesenheit des Nutzers bestätigt wurde (Frame 42).
Bis dahin wiederholen sich immer die folgenden zwei Kommandos/Antwort-Paare:

packet 5: (registration request CAPDU)
11 00 00 02 83 00 49
00 01 03 00 00 00 40 27 de 26 93 d1 df b9 ae 61 9b 6e b5 26 05 12 a1 d7
bb 46 53 7c 79 f3 a6 34 ac 84 3d de b2 82 27 a1 aa 11 af f7 e7 12 52 fe
5e 32 aa 80 b4 25 a0 fa fb e5 f8 a5 ea 76 73 16 a2 56 2a b4 8d bf 56 00
00
packet 6: (token response APDU consists of the Status Word 0x6985 only)
11 00 00 02 83 00 02 69 85
packet 7: (USB command with empty payload)
11 00 00 02 88 00 00
packet 8: (token response with empty payload)
11 00 00 02 88 00 00

Die ersten vier Bytes der übermittelten Nutzdaten sind die Schnittstellen-ID, danach folgt das USB-Kommando und die Länge der folgenden Nutzdaten.
Die drei erkannten Kommandos sind 
#define TYPE_INIT  0x80
#define U2FHID_MSG   (TYPE_INIT | 3)	/** Send raw APDU 0x83*/
#define U2FHID_WINK  (TYPE_INIT | 8)	/** Send device identification wink 0x88*/
#define U2FHID_SYNC  (TYPE_INIT | 0x3c)	/** Protocol resync command 0xbc*/

Man findet im Protokoll die resync-, APDU- und Wink-Kommandos:

Frame  1:  35 bytes Time: 0.000 Capture Data: 11000002bc0001 01
Frame  2:  35 bytes Time: 0.005 Capture Data: 11000002bc0001 01
Frame  3:  43 bytes Time: 0.013 Capture Data: 11000002830009 000300000000000000
Frame  4:  42 bytes Time: 0.019 Capture Data: 11000002830008 5532465f56329000
Frame  5: 107 bytes Time: 0.032 Capture Data: 11000002830049 0001030000004027de2693d1...
Frame  6:  36 bytes Time: 0.045 Capture Data: 11000002830002 6985
Frame  7:  34 bytes Time: 0.050 Capture Data: 11000002880000
Frame  8:  34 bytes Time: 0.052 Capture Data: 11000002880000
Frame  9: 107 bytes Time: 0.261 Capture Data: 11000002830049 0001030000004027de2693d1...
Frame 10:  36 bytes Time: 0.274 Capture Data: 11000002830002 6985
Frame 11:  34 bytes Time: 0.281 Capture Data: 11000002880000
Frame 12:  34 bytes Time: 0.284 Capture Data: 11000002880000
Frame 13: 107 bytes Time: 0.492 Capture Data: 11000002830049 0001030000004027de2693d1...
Frame 14:  36 bytes Time: 0.505 Capture Data: 11000002830002 6985
Frame 15:  34 bytes Time: 0.512 Capture Data: 11000002880000
Frame 16:  34 bytes Time: 0.514 Capture Data: 11000002880000
Frame 17: 107 bytes Time: 0.723 Capture Data: 11000002830049 0001030000004027de2693d1...
Frame 18:  36 bytes Time: 0.735 Capture Data: 11000002830002 6985
Frame 19:  34 bytes Time: 0.742 Capture Data: 11000002880000
Frame 20:  34 bytes Time: 0.745 Capture Data: 11000002880000
Frame 21: 107 bytes Time: 0.953 Capture Data: 11000002830049 0001030000004027de2693d1...
Frame 22:  36 bytes Time: 0.965 Capture Data: 11000002830002 6985
Frame 23:  34 bytes Time: 0.978 Capture Data: 11000002880000
Frame 24:  34 bytes Time: 0.981 Capture Data: 11000002880000
Frame 25: 107 bytes Time: 1.189 Capture Data: 11000002830049 0001030000004027de2693d1...
Frame 26:  36 bytes Time: 1.201 Capture Data: 11000002830002 6985
Frame 27:  34 bytes Time: 1.208 Capture Data: 11000002880000
Frame 28:  34 bytes Time: 1.211 Capture Data: 11000002880000
Frame 29: 107 bytes Time: 1.419 Capture Data: 11000002830049 0001030000004027de2693d1...
Frame 30:  36 bytes Time: 1.431 Capture Data: 11000002830002 6985
Frame 31:  34 bytes Time: 1.438 Capture Data: 11000002880000
Frame 32:  34 bytes Time: 1.441 Capture Data: 11000002880000
Frame 33: 107 bytes Time: 1.649 Capture Data: 11000002830049 0001030000004027de2693d1...
Frame 34:  36 bytes Time: 1.661 Capture Data: 11000002830002 6985
Frame 35:  34 bytes Time: 1.668 Capture Data: 11000002880000
Frame 36:  34 bytes Time: 1.672 Capture Data: 11000002880000
Frame 37: 107 bytes Time: 1.882 Capture Data: 11000002830049 0001030000004027de2693d1...
Frame 38:  36 bytes Time: 1.895 Capture Data: 11000002830002 6985
Frame 39:  34 bytes Time: 1.902 Capture Data: 11000002880000
Frame 40:  34 bytes Time: 1.904 Capture Data: 11000002880000
Frame 41: 107 bytes Time: 2.113 Capture Data: 11000002830049 0001030000004027de2693d1...
Frame 42: 563 bytes Time: 2.376 Capture Data: 11000002830211 0504c8e6bfd7d8a65d72fe13...
Frame 43:  35 bytes Time: 4.727 Capture Data: 11000003bc0001 01
Frame 44:  35 bytes Time: 4.732 Capture Data: 11000003bc0001 01
Frame 45:  43 bytes Time: 4.737 Capture Data: 11000003830009 000300000000000000
Frame 46:  42 bytes Time: 4.743 Capture Data: 11000003830008 5532465f56329000
Frame 47: 172 bytes Time: 4.749 Capture Data: 1100000383008a 000203000000818d60e0a280...
Frame 48:  36 bytes Time: 4.869 Capture Data: 11000003830002 6985
Frame 49:  34 bytes Time: 4.881 Capture Data: 11000003880000
Frame 50:  34 bytes Time: 4.883 Capture Data: 11000003880000
Frame 51: 172 bytes Time: 5.089 Capture Data: 1100000383008a 000203000000818d60e0a280...
Frame 52:  36 bytes Time: 5.110 Capture Data: 11000003830002 6985
Frame 53:  34 bytes Time: 5.116 Capture Data: 11000003880000
Frame 54:  34 bytes Time: 5.118 Capture Data: 11000003880000
Frame 55: 172 bytes Time: 5.326 Capture Data: 1100000383008a 000203000000818d60e0a280...
Frame 56:  36 bytes Time: 5.347 Capture Data: 11000003830002 6985
Frame 57:  34 bytes Time: 5.354 Capture Data: 11000003880000
Frame 58:  34 bytes Time: 5.358 Capture Data: 11000003880000
Frame 59: 172 bytes Time: 5.567 Capture Data: 1100000383008a 000203000000818d60e0a280...
Frame 60:  36 bytes Time: 5.588 Capture Data: 11000003830002 6985
Frame 61:  34 bytes Time: 5.602 Capture Data: 11000003880000
Frame 62:  34 bytes Time: 5.607 Capture Data: 11000003880000
Frame 63: 172 bytes Time: 5.819 Capture Data: 1100000383008a 000203000000818d60e0a280...
Frame 64:  36 bytes Time: 5.839 Capture Data: 11000003830002 6985
Frame 65:  34 bytes Time: 5.849 Capture Data: 11000003880000
Frame 66:  34 bytes Time: 5.852 Capture Data: 11000003880000
Frame 67: 172 bytes Time: 6.062 Capture Data: 1100000383008a 000203000000818d60e0a280...
Frame 68:  36 bytes Time: 6.083 Capture Data: 11000003830002 6985
Frame 69:  34 bytes Time: 6.090 Capture Data: 11000003880000
Frame 70:  34 bytes Time: 6.093 Capture Data: 11000003880000
Frame 71: 172 bytes Time: 6.303 Capture Data: 1100000383008a 000203000000818d60e0a280...
Frame 72:  36 bytes Time: 6.324 Capture Data: 11000003830002 6985
Frame 73:  34 bytes Time: 6.331 Capture Data: 11000003880000
Frame 74:  34 bytes Time: 6.334 Capture Data: 11000003880000
Frame 75: 172 bytes Time: 6.544 Capture Data: 1100000383008a 000203000000818d60e0a280...
Frame 76:  36 bytes Time: 6.565 Capture Data: 11000003830002 6985
Frame 77:  34 bytes Time: 6.572 Capture Data: 11000003880000
Frame 78:  34 bytes Time: 6.574 Capture Data: 11000003880000
Frame 79: 172 bytes Time: 6.790 Capture Data: 1100000383008a 000203000000818d60e0a280...
Frame 80: 112 bytes Time: 6.910 Capture Data: 1100000383004e 010000003230450220462827...

Die Zeit zur Erzeugung des öffentlichen Schlüssels und zur Signatur der Registierungsdaten beträgt 2.376 -2.113 = 0.263 s (Frame 41/42), eine Authentisierungsanfrage dagegen nur 6.910 - 6.790 = 0.120 s. Das passt aber zum Zeitverhalten einer ECC-Operation, für die Registrierungsanfrage benötigt man zwei Skalaroperationen, für die Authentisierung dagegen nur eine.