Tag Archives: Tutorial

JC301-4: Where are the differences?

[Corrected April 9, 2009: more mentions of Classic, added a conclusion] You have been warned in the previous posts. The Connected Edition of Java Card 3.0 is very different from Java Card 2.x. But, how exactly are these two versions different? Well, there are differences at all levels, from the virtual machine to the application […]

JC101-20C: A secure channel API

Continuing our secure channel example, we will next define a secure channel API, and provide a small example based on this API. Beware! As mentioned before, this is only an example, not intended for real use. In addition, the code has not been actually tested so far …

JC301-3: Connected vs. Classic

After a month of silence, just a quick post to restart the tutorial thing, about the two editions of Java Card 3.0. Two editions As mentioned earlier, Java Card 2.x represents 5 billion cards today, and over a billion are issued each year. This represents a very significant part of the smart card business in […]

JC101-19C: Secure channel protocol

Starting a session Protocol For our session start, we will here use a classical architecture, but with slightly different commands. First, here is a definition of the exchanges between two actors (say, Alice and Bob) to start a secure session: Alice sends a 16-byte random number to a1 … a16 to Bob. Bob replies with […]

JC101-18C: Defining a secure channel from scratch

In the few coming posts, we will define a secure channel protocol from scratch as an example, and provide an implementation for it. This example will also be used as a way to introduce the cryptographic mechanisms that exist in Java Card. Be careful, this is not a tutorial on cryptography. I am not a […]

JC301-2: Why change Java Card?

I have recented commented on the fact that parts of the Multos specification have not evolved since August 1997. Java Card was then at its 1.0 version, and in 10 years, has known 3 major releases: 2.0 introduced the new framework, 2.1 made it mature by defining binary-level interoperability, and 2.2 added a few missing […]

JC301-1: Introducing Java Card 3.0

Foreword: The JC101 tutorial about Java Card 2 is getting closer to the end, now dealing with the subtleties of cryptography, testing, and other difficult tasks. As progress may slow to a crawl, it is time to start discussing the technology that actually started this blog, Java Card 3. – o – Your first program […]

JC101-17C: Communication Security Rationale

Foreword: If you have been following the tutorial, you may have noticed that the last post was numbered 13. There are therefore 3 missing posts. Like post 13, they should be dedicated to testing techniques (building a test plan, writing tests, etc.). However, writing tests without using proprietary tools is not as easy as I […]