According to offical history, Java Card turns 10 years old this month. In October 1996, Sun released the Java Card 1.0 specification. This was not a very big event, as only Schlumberger were actively working on it. And at Sun, not many people knew what smart cards were. The Java Card 1.0 specification was a […]
Category Archives: Miscellaneous
e-Smart postface
e-Smart, day 3. e-Smart is over. I did not manage to attend a lot of sessions, but I found a few interesting things. I looked back at the things I commented on, and I found only three conclusions: I am obsessed by fault induction, but there is hope for a cure, at both the software […]
An efficient sensitive section API
e-Smart, day 3. Benoît Gonzalvo is from Gemalto’s security group, and he also participates to the Java Card Forum’s security work. The issue is to protect against attacks (side-channel observation or fault induction) [Gon06]. The two current approaches are: Protecting the whole VM, which is secure but potentially very slow. Protecting the application code, which […]
e-Smart plenary session
e-Smart, day 2. This panel discussion was very promising, especially because of its host, Bertrand Ducastel, who recently left the smart card industry to return to Schlumberger’s petroleum services. The panelists were: DBo: Dominique Bolignano, CEO, Trusted Logic JF: Jerry Fishenden, Nat’l Technology Officer, Microsoft UK CG: Christian Goire, Gemalto, and President, Java Card Forum […]
Java Card mobile grid
e-Smart, day 2. Serge Chaumette, Damien Sauveron, and the rest of the team directed by Serge at LaBRI, is the developer of the Java Card Grid, They have put together a bunch of smart cards readers with cards in them, and then used that as a server for security-sensitive operations. The basic idea was very […]
Smart cards and Wi-Fi
e-Smart, day 2. Pascal Urien has been working on EAP for a few years, and has now reached interesting results [Uri06]. He has had a lot courage, because he started his wrk with some of the crypto algorithms programmed in Java (RC4, for instance). And even with this very strong handicap, he managed to get […]
Java Card in transport applications
e-Smart, day 2. François Guillaume, from RATP, presented the status of RAPT’s use of Java Card for Navigo [Gui06]. Navigo is RATP’s transport smart card program. RATP has issued millions of these contactless cards. Today, Navigo is mostly used for contracts, i.e., monthly transport cards, but their objective is to use is also for individual […]
Designing chips against fault induction
e-Smart, day 1. The title of the talk by ST’s Christophe Tremlet was very appealing [Tre06]; the talk was interesting, but a bit under my expectations (the problem is not completely solved). Nevertheless, Christophe gave a very nice and interesting presentation of fault induction attacks, showing the different parameters that can be acted upon at […]
Web applications for smart devices
e-Smart, day 1. I arrived late, just in tiome for the talk by Gemalto’s Patrick George about Web applications for smart devices (he was replacing Jean-Jacques Vandewalle) [Van06]. Patrick gave an account of many previous attempts to link the Web and smart card, which we all know did not work so far: as of today, […]
e-passport security
There have been several posts on Bruce Schneier’s blog about e-passports, including a recent one. Bruce’s views are interesting, and he raises interesting issues about RFID on passports. On the other hand, the comments posted on this post and related ones, show that there are lots of misunderstandings about the technology. Of course, this is […]