Smart Cards

Welcome    Why?    Training    Games    ChangeBlog    External Resources    Submit Content

 

Creator: (1999) Ronald van der Knijff


License:    Creative Commons: Attribution, Share-Alike

(http://creativecommons.org/licenses/by-sa/3.0/)


Class Prerequisites: None


Lab Requirements: None


Class Textbooks:

    “Smart Card Handbook”, W. Rankl & W. Effing

    “RFID Handbook: Radio-Frequency Identification Fundamentals and Applications”, Klaus Finkenzeller (2nd English edition, April 2003) (an updated 2011 edition is available too)

    “Smart Cards: The Developer's Toolkit”, Timothy M. Jurgensen, Scott B. Guthery


Recommended Class Duration: 1 day


Creator Available to Teach In-Person Classes: No


Creator Comments:

This course shows how smart cards are different compared to other type of cards.

It is explained how smart cards can be used to realize confidentiality and integrity of information.


Insight is given into the structure and operation of a smart card, the functionality of a smart card operating system and commonly used security mechanisms. In addition, an overview is given of developments in the field of chips (8, 16 and 32 bit architectures, co-processors), operating systems, virtual machines (Java Card, MULTOS), compatibility (PC / SC, Open Card, EMV) security evaluation (ITSEC, Common Criteria) and physical and logical attack methods (probing, SEM, FIB, DFA, DPA). Biometric identification and authentication using smart cards is dealt along with a summary of developments and (im) possibilities.

 

Study targets include:

•Why using a smart card

•What’s a smart card and what’s not

•How’s a smart card structured

•What kind of interface equipment is available

•Working of a smart card OS

•Key developments

•Physical attacks

•Purpose and operation of security mechanisms

        •hardware authentication

        •individual authentication

                    •identification

                    •verification

        •data authentication

                    •one-way hashing

                    •MAC’s

                    •signing

                    •certificates

        •authorization

        •confidentiality

                    •symmetric versus asymmetric

•Attacks

•Why and how security evaluation

•Why and how risk analysis


Author Biography:

Ronald van der Knijff joined the Netherlands Forensic Institute (NFI) in 1996 and has spent most of his time working on embedded systems forensics. Major research interests focus on layers connecting hardware with software. Specific fields of interest: smartcards, RFID, flash memories, mobile phones, cell-site analysis, industrial control systems.



Class Materials


Full Slides (138 slides)



Revision History:


08-29-2014 - Initial class content upload


If you have used and modified this material, we would appreciate it if you submit your modified version for publishing here, so that all versions can benefit from your changes.