SlideShare a Scribd company logo

Smart Card Security

Reben Dalshad
Reben Dalshad

In this presentation, I presented the history of smart cards, how smart card works, smartcard security and advantage and disadvantage of smartcards.

Technology
1 of 24
PRESENTED BY: REBEN DALSHAD IBRAHIM SMART CARD SECURITY
introduction Smart card is a small plastic that is embedded with either a microprocessor or a memory chip. provides cryptographic services (e.g. authentication, confidentiality, integrity) is small and personal is a secure device
History of Smart Cards • In the early 1950s Diners club produced the first all-plastic card to be used for payment applications. • Smart card has its origin in 1970s by inventors from Germany, Japan and France. • First mass use was for payment in french payphones. • The manufacturer of Smart Cards are Gemplus, IBM, Siemens, Telesec and many more.
What is ‘Smart’ about the Smart Cards..?? • Smart Cards are capable of not just storing data but also have processing power. • The data stored can be protected against unauthorized access and tempering. • They are appropriate for secure and convenient data storage. • Smart cards have the property of multifunctionality.
Smart card application area’s • Government • E-commerce • E-banking • Education • Office • Communication • Entertainment • Retail • Transportation • Health care
What’s inside a smart card ? microprocessor Microprocesor: heart of the chip
What’s inside a smart card ? security logic security logic: detecting abnormal conditions, e.g. low voltage microprocessor
What’s inside a smart card ? microprocessor serial i/o interface security logic serial i/o interface: contact to the outside world
What’s inside a smart card ? test logic serial i/o interface security logic test logic: self-test proceduresmicroprocessor
What’s inside a smart card ? test logic ROM serial i/o interface security logic ROM: – card operating system – self-test procedures – typically 16 kbytes – future 32/64 kbytes microprocessor
What’s inside a smart card ? RAM test logic ROM serial i/o interface security logic RAM: ‘scratch pad’ of the processor typically 512 bytes future 1 kbyte microprocessor
What’s inside a smart card ? RAM test logic ROM EEPROM serial i/o interface security logic EEPROM: –cryptographic keys –PIN code –biometric template –balance –application code –typically 8 kbytes –future 32 kbytes microprocessor
What’s inside a smart card ? RAM test logic ROM EEPROM serial i/o interface security logic databus databus: connection between elements of the chip. 8 or 16 bits wide microprocessor
Basic smart card security features Hardware • closed package • memory encapsulation • security logic (sensors) • cryptographic coprocessors and random generator Software • decoupling applications and operating system • restricted file access • life cycle control • various cryptographic algorithms and protocols
Cryptographic algorithms  Smart cards and intelligent token uses different types of encryption systems.  SHA-1, RSA, DES • DES was published by the National Bureau of Standards. It is a secret Key cryptographic algorithm .
Smart card attacks Internal Attacks Side Channel Attacks Logical Attacks
Internal attack • Alarm (sensors) – light – active grid • Hide – feature size – multi-layer • Confuse – glue logic – redundant logic
Logical attacks Communication Command scan File system scan Invalid / inopportune requests Crypt-analysis and protocol abuse
Side channel attack • Signal analysis – reduce processor signal by balancing or equalising the power and/or shielding the emission – variable ordering of processes – retry counters • Signal insertion – use sensors for supply voltage, light and temperature – double implementation path (for verification) – check for runtime parameter validity
Advantages • A chip is tamper resistant. • Information stored on the card can be PIN protected and read write protected. • Capable of performing data encryption. • Capable of processing information.
Disadvantages • The accuracy of information is small. • It gives liability issues if stolen or lost. • It is potential for too much data on one card if lost or stolen. • It is a potential area for computer hacker and computer viruses. • Lack of technology to support user.
Conclusions • Smart card is an excellent technology to secure storage and authentication • Smart card technology is emerging, applications are everywhere • Smart cards enhance service and security • Perfect security does not exist, even not for smart cards • A smart world is the future
References • http://www.smartcardbasics.com / • https://www.riscure.com/ • History of Smart Cards http://www.ehow.com/about_5468404_history_smart_cards.ht ml
THANK YOU

Recommended

Smart card
Smart cardSmart card
Smart cardSantosh Khadsare
 
Smart card system ppt
Smart card system ppt Smart card system ppt
Smart card system ppt Dewanshu Haswani
 
Smart Card Presentation
Smart Card Presentation Smart Card Presentation
Smart Card Presentation ppriteshs
 
Smart Card Technology
Smart Card TechnologySmart Card Technology
Smart Card TechnologyAmit Gaur
 
SMART CARD
SMART CARDSMART CARD
SMART CARDKapil Dev Ghante
 
Smart card
Smart cardSmart card
Smart cardRitika Golash
 
Smart card
Smart cardSmart card
Smart cardSaumya Ranjan Behura
 
Smart card
Smart cardSmart card
Smart cardram212213
 

Recommended

Smart card
Smart cardSmart card
Smart cardSantosh Khadsare
 
Smart card system ppt
Smart card system ppt Smart card system ppt
Smart card system ppt Dewanshu Haswani
 
Smart Card Presentation
Smart Card Presentation Smart Card Presentation
Smart Card Presentation ppriteshs
 
Smart Card Technology
Smart Card TechnologySmart Card Technology
Smart Card TechnologyAmit Gaur
 
SMART CARD
SMART CARDSMART CARD
SMART CARDKapil Dev Ghante
 
Smart card
Smart cardSmart card
Smart cardRitika Golash
 
Smart card
Smart cardSmart card
Smart cardSaumya Ranjan Behura
 
Smart card
Smart cardSmart card
Smart cardram212213
 
Smart Card Security
Smart Card SecuritySmart Card Security
Smart Card SecurityPrav_Kalyan
 
SMART CARDS
SMART CARDSSMART CARDS
SMART CARDSsalman khan
 
Ppt Smart Card
Ppt Smart CardPpt Smart Card
Ppt Smart CardRam Dutt Shukla
 
Iot architecture
Iot architectureIot architecture
Iot architectureNiranjan Kumar
 
Smart card technology
Smart card technologySmart card technology
Smart card technologyShashank Karamballi
 
Smart Card
Smart CardSmart Card
Smart CardDarani Daran
 
Abstract Smart Card Technology
Abstract Smart Card TechnologyAbstract Smart Card Technology
Abstract Smart Card Technologyvishnu murthy
 
Money pad the future wallet
Money pad the future walletMoney pad the future wallet
Money pad the future walletLeelakh Sachdeva
 
Smart Card
Smart CardSmart Card
Smart CardAlan Leewllyn Bivera
 
Smart card technology
Smart card technologySmart card technology
Smart card technologyPushkar Dutt
 
Smart cards
Smart cardsSmart cards
Smart cardsjaswinderkaur144
 
SMART DUST
SMART DUSTSMART DUST
SMART DUSTKhyravdhy Tannaya
 
Smartcard
SmartcardSmartcard
Smartcardaashish2cool4u
 
BLUE EYES TECHNOLOGY
BLUE EYES TECHNOLOGYBLUE EYES TECHNOLOGY
BLUE EYES TECHNOLOGYChaitanya Ram
 
Embedded system in Smart Cards
Embedded system in Smart CardsEmbedded system in Smart Cards
Embedded system in Smart CardsRebecca D'souza
 
Computer science seminar topics
Computer science seminar topicsComputer science seminar topics
Computer science seminar topics123seminarsonly
 
Atm using fingerprint
Atm using fingerprintAtm using fingerprint
Atm using fingerprintAnIsh Kumar
 
RFID BASED SECURITY ACCESS CONTROL SYSTEM
RFID BASED SECURITY ACCESS CONTROL SYSTEMRFID BASED SECURITY ACCESS CONTROL SYSTEM
RFID BASED SECURITY ACCESS CONTROL SYSTEMavinash yada
 
Digital jewellery ppt
Digital jewellery pptDigital jewellery ppt
Digital jewellery pptRithu Pudiyaveedu
 
Embedded system seminar
Embedded system seminarEmbedded system seminar
Embedded system seminarSukhendra Chaudhary
 
Smart cards & RFID-Anant Patel
Smart cards & RFID-Anant PatelSmart cards & RFID-Anant Patel
Smart cards & RFID-Anant PatelAnant Patel
 
Smart id's
Smart id'sSmart id's
Smart id'sChetanya Bansal
 

More Related Content

What's hot

Smart Card Security
Smart Card SecuritySmart Card Security
Smart Card SecurityPrav_Kalyan
 
Abstract Smart Card Technology
Abstract Smart Card TechnologyAbstract Smart Card Technology
Abstract Smart Card Technologyvishnu murthy
 
Money pad the future wallet
Money pad the future walletMoney pad the future wallet
Money pad the future walletLeelakh Sachdeva
 
Smart card technology
Smart card technologySmart card technology
Smart card technologyPushkar Dutt
 
BLUE EYES TECHNOLOGY
BLUE EYES TECHNOLOGYBLUE EYES TECHNOLOGY
BLUE EYES TECHNOLOGYChaitanya Ram
 
Embedded system in Smart Cards
Embedded system in Smart CardsEmbedded system in Smart Cards
Embedded system in Smart CardsRebecca D'souza
 
Computer science seminar topics
Computer science seminar topicsComputer science seminar topics
Computer science seminar topics123seminarsonly
 
Atm using fingerprint
Atm using fingerprintAtm using fingerprint
Atm using fingerprintAnIsh Kumar
 
RFID BASED SECURITY ACCESS CONTROL SYSTEM
RFID BASED SECURITY ACCESS CONTROL SYSTEMRFID BASED SECURITY ACCESS CONTROL SYSTEM
RFID BASED SECURITY ACCESS CONTROL SYSTEMavinash yada
 

What's hot (20)

Smart Card Security
Smart Card SecuritySmart Card Security
Smart Card Security
 
SMART CARDS
SMART CARDSSMART CARDS
SMART CARDS
 
Ppt Smart Card
Ppt Smart CardPpt Smart Card
Ppt Smart Card
 
Iot architecture
Iot architectureIot architecture
Iot architecture
 
Smart card technology
Smart card technologySmart card technology
Smart card technology
 
Smart Card
Smart CardSmart Card
Smart Card
 
Abstract Smart Card Technology
Abstract Smart Card TechnologyAbstract Smart Card Technology
Abstract Smart Card Technology
 
Money pad the future wallet
Money pad the future walletMoney pad the future wallet
Money pad the future wallet
 
Smart Card
Smart CardSmart Card
Smart Card
 
Smart card technology
Smart card technologySmart card technology
Smart card technology
 
Smart cards
Smart cardsSmart cards
Smart cards
 
SMART DUST
SMART DUSTSMART DUST
SMART DUST
 
Smartcard
SmartcardSmartcard
Smartcard
 
BLUE EYES TECHNOLOGY
BLUE EYES TECHNOLOGYBLUE EYES TECHNOLOGY
BLUE EYES TECHNOLOGY
 
Embedded system in Smart Cards
Embedded system in Smart CardsEmbedded system in Smart Cards
Embedded system in Smart Cards
 
Computer science seminar topics
Computer science seminar topicsComputer science seminar topics
Computer science seminar topics
 
Atm using fingerprint
Atm using fingerprintAtm using fingerprint
Atm using fingerprint
 
RFID BASED SECURITY ACCESS CONTROL SYSTEM
RFID BASED SECURITY ACCESS CONTROL SYSTEMRFID BASED SECURITY ACCESS CONTROL SYSTEM
RFID BASED SECURITY ACCESS CONTROL SYSTEM
 
Digital jewellery ppt
Digital jewellery pptDigital jewellery ppt
Digital jewellery ppt
 
Embedded system seminar
Embedded system seminarEmbedded system seminar
Embedded system seminar
 

Similar to Smart Card Security

Smart cards & RFID-Anant Patel
Smart cards & RFID-Anant PatelSmart cards & RFID-Anant Patel
Smart cards & RFID-Anant PatelAnant Patel
 
Hacking Smartcards & RFID
Hacking Smartcards & RFIDHacking Smartcards & RFID
Hacking Smartcards & RFIDDevnology
 
smartcardtech-140126024149-phpapp01.pdf
smartcardtech-140126024149-phpapp01.pdfsmartcardtech-140126024149-phpapp01.pdf
smartcardtech-140126024149-phpapp01.pdfssuser5b47c8
 
Vanderhoof smartcard-roadmap
Vanderhoof smartcard-roadmapVanderhoof smartcard-roadmap
Vanderhoof smartcard-roadmapHai Nguyen
 
Presentation cyber forensics & ethical hacking
Presentation cyber forensics & ethical hackingPresentation cyber forensics & ethical hacking
Presentation cyber forensics & ethical hackingAmbuj Kumar
 
Encryption techniques
Encryption techniquesEncryption techniques
Encryption techniquesMohitManna
 
Smartcards and Authentication Tokens
Smartcards and Authentication TokensSmartcards and Authentication Tokens
Smartcards and Authentication Tokenssaniacorreya
 
smartcard-120830090352-phpapp02.pdf
smartcard-120830090352-phpapp02.pdfsmartcard-120830090352-phpapp02.pdf
smartcard-120830090352-phpapp02.pdfssuser5b47c8
 
Smart card Technology
Smart card TechnologySmart card Technology
Smart card TechnologyDharaneeshwar
 

Similar to Smart Card Security (20)

Smart cards & RFID-Anant Patel
Smart cards & RFID-Anant PatelSmart cards & RFID-Anant Patel
Smart cards & RFID-Anant Patel
 
Smart id's
Smart id'sSmart id's
Smart id's
 
Access controls
Access controlsAccess controls
Access controls
 
Hacking Smartcards & RFID
Hacking Smartcards & RFIDHacking Smartcards & RFID
Hacking Smartcards & RFID
 
Smart cards system
Smart cards systemSmart cards system
Smart cards system
 
Smart card
Smart cardSmart card
Smart card
 
Smart card
Smart cardSmart card
Smart card
 
Smart cards
Smart cards Smart cards
Smart cards
 
smartcardtech-140126024149-phpapp01.pdf
smartcardtech-140126024149-phpapp01.pdfsmartcardtech-140126024149-phpapp01.pdf
smartcardtech-140126024149-phpapp01.pdf
 
Smart Card based Robust Security System
Smart Card based Robust Security SystemSmart Card based Robust Security System
Smart Card based Robust Security System
 
Smartcards 111228091849-phpapp01
Smartcards 111228091849-phpapp01Smartcards 111228091849-phpapp01
Smartcards 111228091849-phpapp01
 
Vanderhoof smartcard-roadmap
Vanderhoof smartcard-roadmapVanderhoof smartcard-roadmap
Vanderhoof smartcard-roadmap
 
Presentation cyber forensics & ethical hacking
Presentation cyber forensics & ethical hackingPresentation cyber forensics & ethical hacking
Presentation cyber forensics & ethical hacking
 
Encryption techniques
Encryption techniquesEncryption techniques
Encryption techniques
 
Smartcards and Authentication Tokens
Smartcards and Authentication TokensSmartcards and Authentication Tokens
Smartcards and Authentication Tokens
 
smartcard-120830090352-phpapp02.pdf
smartcard-120830090352-phpapp02.pdfsmartcard-120830090352-phpapp02.pdf
smartcard-120830090352-phpapp02.pdf
 
SmartWorld- What we Do!
SmartWorld- What we Do!SmartWorld- What we Do!
SmartWorld- What we Do!
 
Smart card Technology
Smart card TechnologySmart card Technology
Smart card Technology
 
Smart card ppt
Smart card pptSmart card ppt
Smart card ppt
 
Cryptology - The practice and study of hiding information
Cryptology - The practice and study of hiding informationCryptology - The practice and study of hiding information
Cryptology - The practice and study of hiding information
 

Recently uploaded

DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 

Recently uploaded (20)

DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 

Smart Card Security

  • 1. PRESENTED BY: REBEN DALSHAD IBRAHIM SMART CARD SECURITY
  • 2. introduction Smart card is a small plastic that is embedded with either a microprocessor or a memory chip. provides cryptographic services (e.g. authentication, confidentiality, integrity) is small and personal is a secure device
  • 3. History of Smart Cards • In the early 1950s Diners club produced the first all-plastic card to be used for payment applications. • Smart card has its origin in 1970s by inventors from Germany, Japan and France. • First mass use was for payment in french payphones. • The manufacturer of Smart Cards are Gemplus, IBM, Siemens, Telesec and many more.
  • 4. What is ‘Smart’ about the Smart Cards..?? • Smart Cards are capable of not just storing data but also have processing power. • The data stored can be protected against unauthorized access and tempering. • They are appropriate for secure and convenient data storage. • Smart cards have the property of multifunctionality.
  • 5. Smart card application area’s • Government • E-commerce • E-banking • Education • Office • Communication • Entertainment • Retail • Transportation • Health care
  • 6. What’s inside a smart card ? microprocessor Microprocesor: heart of the chip
  • 7. What’s inside a smart card ? security logic security logic: detecting abnormal conditions, e.g. low voltage microprocessor
  • 8. What’s inside a smart card ? microprocessor serial i/o interface security logic serial i/o interface: contact to the outside world
  • 9. What’s inside a smart card ? test logic serial i/o interface security logic test logic: self-test proceduresmicroprocessor
  • 10. What’s inside a smart card ? test logic ROM serial i/o interface security logic ROM: – card operating system – self-test procedures – typically 16 kbytes – future 32/64 kbytes microprocessor
  • 11. What’s inside a smart card ? RAM test logic ROM serial i/o interface security logic RAM: ‘scratch pad’ of the processor typically 512 bytes future 1 kbyte microprocessor
  • 12. What’s inside a smart card ? RAM test logic ROM EEPROM serial i/o interface security logic EEPROM: –cryptographic keys –PIN code –biometric template –balance –application code –typically 8 kbytes –future 32 kbytes microprocessor
  • 13. What’s inside a smart card ? RAM test logic ROM EEPROM serial i/o interface security logic databus databus: connection between elements of the chip. 8 or 16 bits wide microprocessor
  • 14. Basic smart card security features Hardware • closed package • memory encapsulation • security logic (sensors) • cryptographic coprocessors and random generator Software • decoupling applications and operating system • restricted file access • life cycle control • various cryptographic algorithms and protocols
  • 15. Cryptographic algorithms  Smart cards and intelligent token uses different types of encryption systems.  SHA-1, RSA, DES • DES was published by the National Bureau of Standards. It is a secret Key cryptographic algorithm .
  • 17. Internal attack • Alarm (sensors) – light – active grid • Hide – feature size – multi-layer • Confuse – glue logic – redundant logic
  • 18. Logical attacks Communication Command scan File system scan Invalid / inopportune requests Crypt-analysis and protocol abuse
  • 19. Side channel attack • Signal analysis – reduce processor signal by balancing or equalising the power and/or shielding the emission – variable ordering of processes – retry counters • Signal insertion – use sensors for supply voltage, light and temperature – double implementation path (for verification) – check for runtime parameter validity
  • 20. Advantages • A chip is tamper resistant. • Information stored on the card can be PIN protected and read write protected. • Capable of performing data encryption. • Capable of processing information.
  • 21. Disadvantages • The accuracy of information is small. • It gives liability issues if stolen or lost. • It is potential for too much data on one card if lost or stolen. • It is a potential area for computer hacker and computer viruses. • Lack of technology to support user.
  • 22. Conclusions • Smart card is an excellent technology to secure storage and authentication • Smart card technology is emerging, applications are everywhere • Smart cards enhance service and security • Perfect security does not exist, even not for smart cards • A smart world is the future
  • 23. References • http://www.smartcardbasics.com / • https://www.riscure.com/ • History of Smart Cards http://www.ehow.com/about_5468404_history_smart_cards.ht ml