e-Smart, day 2. Pascal Urien has been working on EAP for a few years, and has now reached interesting results [Uri06]. He has had a lot courage, because he started his wrk with some of the crypto algorithms programmed in Java (RC4, for instance). And even with this very strong handicap, he managed to get EAP-TLS working within the constraints (under 30 seconds).
The latest development is a Radius server, which is based on USB Java Card cards plugged into a PC. It is quite interesting, because it is a very cheap way to have a well-secured small server. The use case can here be generalized: it is possible to build a cheap Security Server/Coprocessor by putting a few smart cards on the back of a PC and having them process the security requests.
Pascal also compared different cards, and published the figures (I didn’t get the slides, and this is all I had time to note; too bad I don’t have the product names):
- Axalto: 4.9s, which is the fastest card there.
- Gemplus: 10.0s, which is not bad.
- JCOP: 33.7s, which is surprising for a card that used to be the fastest around.
Of course, these figures are not significant (I don’t even know if some of these cards implement some crucial algorithms natively), but there aren’t that many published figures to work with.
The software is available as open source here.
No Comments