Part of the book series: Studies in Computational Intelligence ((SCI,volume 57))

© 2007 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Markantonakis, K., Mayes, K., Tunstall, M., Sauveron, D., Piper, F. (2007). Smart Card Security. In: Nedjah, N., Abraham, A., Mourelle, L.d.M. (eds) Computational Intelligence in Information Assurance and Security. Studies in Computational Intelligence, vol 57. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-71078-3_8

  • DOI: https://doi.org/10.1007/978-3-540-71078-3_8

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-71077-6

  • Online ISBN: 978-3-540-71078-3

  • eBook Packages: Engineering, Engineering (R0)
