|
Tech
Decrypted
Taking the mystery out of learning cryptography
|
|
Seminar
Smartcard
Technology:
A Technical Overview
by H.X. Mel & Doris Baker
co-authors of Cryptography Decrypted
Goals Explain smartcard technical basics
Demonstrate real Javacard authentication system
Outline Brief history of smartcards
Smartcard fundamentals Microprocessor cards / memory cards Communicating to/from a smartcard Protocols Some standards and security guidelines ISO
7816 Javacard specifics Architecture (physical and logical) Javacard virtual machine
Off card VM Examples of cryptographic applets for:
Authentication Smartcard role in fulfilling HSPD-12, PIV-1 & REAL-ID Act
Smartcards enable Internet users to validate the authenticity of their Internet correspondent. They are the vessel that contains the digitized identity (as personal cryptographic key material) as well as other personal data (e.g. medical emergency data, authorizations, etc.) Security professionals (and maybe every Internet user) need to know smartcard potentials and shortfalls. This is especially true for Federal government staff and consultants who need to evaluate smartcard applicability in satisfying Federal mandates as specified in documents like HSPD-12, FIPS 201, PIV-I and II, etc. This
presentation provides a concise and descriptive overview of smartcard basic empowerments
and vulnerabilities, as well as illustrating an
online real time smartcard authentication and file transfer system.
|
|
(c) H. X. Mel & Doris Baker all rights reserved |