Secure Network Card
This paper covers the philosophy and techniques used for implementation of a standard networking stack, including the hardware interface, PPP, TCP, IP, SSL/TLS, HTTP, and applications within the resource constraints of a smart card. This implementation enables a smart card to establish secure TCP/IP connections using SSL/TLS protocols to any client or server on the Internet, using only standard networking protocols, and requiring no host middleware to be installed. A standard (unmodified) client or server anywhere on the network can securely communicate directly with this card; as far as the remote computer can tell, the smart card is just another computer on the Internet. No smart card specific software is required on the host or any remote computer.
Key words: Internet smart card, network, SSL, TLS, TCP/IP, PPP, resource constraints