With OpenCard and PC/SC, we see two new industry initiatives in the chip card world of today, which are currently developing into defacto standards and might eventually evolve to formal international standards. This document tries to give an overview of both initiatives and to explain their relationship and positioning to each other. About the Author Frank Seliger’s current responsibility is so...

This paper documents a successful Electromagnetic Analysis attack implemented using limited technical knowledge and low cost equipment. EM traces were acquired from a sample card and analysis software successfully identified the correct key guesses in proprietary traces. It is important to note that although this attack was implemented on a smart card running the DES encryption algorithm, that ...

The new Gemplus smart card is based on the Java technology, embedding a virtual machine. The security policy uses mechanisms that are based on Java properties. This language provides segregation between applets. But due to the smart card constraints a byte code verifier can not be embedded. Moreover, in order to maximise the number of applets the byte code must be optimised. The security proper...

This paper proposes an improved wavelet with approximating function which is symmetric in nature is proposed for compression technique. Multi-application smart cards are fast replacing the conventional cards such as driving license, health insurance card, identity card, credit card with a single card. Thus, the amount of data stored in the smart card is high, requiring methods to compress the d...

This paper describes an elementary protocol to prove possession of anonymous credentials together with its implementation on smart cards. The protocol uses self-blindable attribute certificates represented as points on an elliptic curve (which are stored on the card). These certificates are verified on the reader-side via a bilinear pairing. Java Card smart cards offer only very limited access ...

Java Card is a variant of Java designed for use in smart cards and other systems with limited resources. Applets running on a smart card are protected from each other by the applet firewall, allowing communication only through shared objects. Security can be breached if a reference to a shared object is leaked to a hostile applet. In this paper we develop a Control Flow Analysis for a small lan...

Today, one existing class of RFID systems are based on ISO 14443 (Proximity Coupling). This is the standard for RF-interfaces of contactless smart card systems. Contactless RF interfaces of smart cards are very often regarded as less secure than contact based smart cards. This tenor may be changed based on our new approach. Therefore we suggest to establish secure password authenticated wireles...

The advent of the Java Card standard has been a major turning point in smart card technology. With the growing acceptance of this standard, understanding the performance behaviour of these platforms is becoming crucial. To meet this need, we present in this paper, a benchmark framework that enables performance evaluation at the bytecode level. This paper focuses on the validity of our time meas...

In 2013, Qu demonstrated that Awasthi et al.’s remote user authentication scheme is vulnerable to smart card loss attack, off-line password guessing attack and does not preserve anonymity of user. However, this paper points out that Qu’s scheme is still vulnerable to off-line password guessing attack and smart card loss attack, and also does not preserve anonymity of a user unlike its claim. Fo...

The paper presents an authentication scheme for remote systems using smart card. The scheme prevents the scenario of many logged in users with the same login identity, and does not require password/verifier table to validate the users’ login request. The scheme provides a user-friendly password change option, and withstands the replay, impersonation, stolen-verifier, guessing, and denial-of-ser...