Tag Archives: Java Card

Beyond Java Card

When Java Card was created, the market for smart cards was quite simple: chip vendors would design specific chips, chip vendors would develop an operating system for the chips and produce cards embedding the chip. Since then, this market has become much more complicated. For traditional payment and ID, changes are minimal, as card vendors […]

Inside Java Card: From APDUs to CAP File and Interoperability

As promised in the previous post, here are a few Java Card stories. Over the almost 20 years of Java Card history, many design decisions have been taken on the product: some successful, some less successful. Here are a few stories of these discussions/decisions. API vs. APDU Before Java Card, a smart card specification consisted […]

Java Card, a farewell

My Oracle story has ended, and with it my Java Card story, at least for now. I started working on the technology in February 1997, and I have never been very far from the technology for almost 20 years. However, Java Card is not in the scope of my next job, as I will focus […]

Chip to Cloud, day 2: Automated analysis of Java Card applets

This is a presentation by Jean-Baptiste Machemie, from the University of Limoges and a new project called Arya Security. The topic is automated analysis of Java Card applets, which is one of my favorite topics, and I am very happy to see interest from academia, as well as the emergence of companies who distribute such […]

Chip to Cloud, day 2: Java Card, 15 years later

Yes, this is my own session, so this is not really live. The idea is here to identify the most important events in the past 15 years of Java Card, and to take a look at the future. So, here are the selected events: 1996, Java on a smart card. That’s even more than 15 […]

Java Card is 15 years old

I just realized that I missed Java Card’s 15th birthday. This birthday was sometime in the end of October, 1996. I don’t have the exact date, because the only document I have is the Java Card API: Specification of the Java Virtual Machine and Application Programmer’s Interface, version 0.13, dated October 10, 1996. Although this […]

Open Source, GlobalPlatform, and Java Card

The two concepts of open source and smart cards have not gone well together. There are some projects about specific applications and corresponding terminal-side software, such as the Muscle project for Linux, and the JMRTD library for e-passports (if you have one that you want me to mention, let me know). However, there are really […]

Q&A: How to generate and protect keys in Java Card?

Cryptographic keys are often at the heart of Java Card applications, which often rely on cryptography to protect their data in storage and/or communication. Keys therefore become the most sensitive pieces of data in such applications. All evaluators know that, as getting the values of secret/private keys is the ultimate goal of a security evaluation. […]

About e-Smart: Java Card attacks

I was not at e-Smart this year, but here are some early reports from colleagues who attended the sessions. Over the coming days, I will comment on a few selected presentations. First, one of my favorite topics, which was covered Friday morning: attacks on the Java Card platform. There were two presentations this morning on […]

Live from JavaOne: Java Card and Smart Meters

The funny thing about this presentation is that I have first been invited to attend the e-Smart version of it (this week as well, in Sophia Antipolis). When I declined, they told me that the same talk was given at JavaOne, so here I am. From Onzo’s Tim Holley and Oracle’s Jean-Yves Bitterlich, this is […]