Download presentation
Presentation is loading. Please wait.
Published byBarrett Ingledue Modified over 10 years ago
1
Smart Cards Our Inevitable Future Mark Shippy
2
What are smart cards? Credit card sized plastic card with an embedded chip. Credit card sized plastic card with an embedded chip. May come in 2 types: May come in 2 types: Memory Memory Micro-processor Micro-processor Contact and Contact-less type cards. Contact and Contact-less type cards. Used as a replacement for magnetic stripe cards. Used as a replacement for magnetic stripe cards.
3
Why use smart cards? Can store currently up to 7000 times more data than a magnetic stripe card. Can store currently up to 7000 times more data than a magnetic stripe card. Information that is stored on the card can be updated. Information that is stored on the card can be updated. Magnetic stripe cards are vulnerable to many types of fraud. Magnetic stripe cards are vulnerable to many types of fraud. Lost/Stolen Cards Lost/Stolen Cards Skimming Skimming Carding/ Phishing Carding/ Phishing Greatly enhances security by communicating with card readers using PKI algorithms. Greatly enhances security by communicating with card readers using PKI algorithms. A single card can be used for multiple applications (cash, identification, building access, etc.) A single card can be used for multiple applications (cash, identification, building access, etc.) Smart cards provide a 3-fold approach to authentic identification: Smart cards provide a 3-fold approach to authentic identification: Pin Pin Smartcard Smartcard Biometrics Biometrics
5
Security of Smart Cards Public Key Infrastructure (PKI) algorithms such as DES, 3DES, RSA and ECC. Public Key Infrastructure (PKI) algorithms such as DES, 3DES, RSA and ECC. Key pair generation. Key pair generation. Variable timing/clock fluctuation. Variable timing/clock fluctuation. 0.6 micron components. 0.6 micron components. Data stored on the card is encrypted. Data stored on the card is encrypted. Pin Blocking. Pin Blocking.
6
Elliptical Curve Cryptography y²=x³+ax+b y²=x³+ax+b Q(x,y) =kP(x,y) Q(x,y) =kP(x,y) Uses point multiplication to compute and ECDLP to crack. Uses point multiplication to compute and ECDLP to crack. Beneficial for portable devices. Beneficial for portable devices. Cryptographic coprocessors can be added to speed up encryption and decryption. Cryptographic coprocessors can be added to speed up encryption and decryption.
7
CAIN Confidentiality is obtained by the encryption of the information on the card. Confidentiality is obtained by the encryption of the information on the card. Authenticity is gained by using the PKI algorithm and the two/three factor authentication. Authenticity is gained by using the PKI algorithm and the two/three factor authentication. Integrity is maintained through error-checking and enhanced firmware. Integrity is maintained through error-checking and enhanced firmware. Repudiation is lower because each transaction is authenticated and recorded. Repudiation is lower because each transaction is authenticated and recorded.
8
Common and Future Uses of Smart Cards Current uses: Current uses: Chicago Transit Card Chicago Transit Card Speed Pass Speed Pass Amex Blue Card Amex Blue Card Phone Cards Phone Cards University ID cards University ID cards Health-care cards Health-care cards Access to high level government facilities. Access to high level government facilities. Future uses: Future uses: Federally Passed Real-ID act of 2005. Federally Passed Real-ID act of 2005. ePassports ePassports
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.