Smart Cards Todd Moran
What are Smart Cards? Data Storage Embedded System Hardware Software
Uses of Smart Cards Physical ID (Personal Information) Electronic ID (Mobile Phone SIMs) Physical Access (Access Control Cards) Financial Services (Credit Cards)
Types of Smart Cards
History of Smart Cards Invented in the late '60s Used with payphones in Europe Debit cards Mobile Phone SIMs
Components of Smart Cards Software – JAVA, Encryption Hardware - Integrated Circuits, Antennae, Casing
Smart Card Standards Encryption Standards Hardware Standards AES/DES EMV Integrated Circuit Card Specifications IEC 61967 Measurement of electromagnetic emissions 150kHz to 1GHz
Certification of Smart Cards Common Criteria Certification Smartcard Evaluation Protection Profile ISO - Physical, Electrical, Communications EMV (Europay, MasterCard and Visa) ANSI - Biometric ICAO (International Civil Aviation Organization)
Vulnerabilities of Smart Cards Power Analysis Attacks Hardware Vulnerabilities Software Vulnerabilities Encryption Vulnerabilities
The Future of Smart Cards Competition with Smart Phones The Incredibly Shrinking Smart Card
References AES Specification: http://csrc.nist.gov/publications/fips/fips197/fips- 197.pdf Protection Profile – Smartcard with Integrated Circuit - Common Criteria: http://www.commoncriteriaportal.org/files/ppfiles/PP9911.pdf Smartcard Evaluation - Common Criteria : http://www.commoncriteriaportal.org/files/supdocs/CCDB-2010-03- 001.pdf S. Mangard, E. Oswald, T. Popp, Power Analysis Attacks, Springer, 2007. Power Analysis Attacks, Book Website: http://dpabook.org/