I strongly believe that keeping things secret is not a good idea, and that security cannot be achieved through obscurity. There are many convincing examples of this, even in the smart card industry. The infamous GSM algorithms are a perfect example: cryptography using secret algorithms is a bad idea, because the algorithms get broken. Following […]
Preparing for Bandol
The specification of the Next Generation Java Card (aka Bandol) will not be publicly available before beginning of 2008, but the information that has been disclosed so far is sufficient for developers to start thinking about the architecture of future applications. The JavaOne session by Jean-Jacques vandewalle and Laurent Lagosanto provides the appropriate material to […]
Entertaining BOF
Among the Java Card speakers, the most colorful and refreshing was undoubtedly Seth Meltzer, from the IRS (yes, the Internal Revenue Service, i.e., the US tax guys). Seth Meltzer is in fact a teacher and researcher, and his specialty is more cryptography than smart cards. His presentation was also very much oriented toward cryptography, with […]
Can Java Card save the world?
Not by itself, but maybe that it can help a little bit. One of the sessions in JavaOne was about the Bekoz payment system, which aims at providing a low-cost alternative to money transfer schemes like Western Union. The scheme is based on mobile phones, and the client side of the software runs on a […]
Open Source Java Card ?
On the first day of JavaOne, I spent some time looking at the open source business, attending in particular Simon Phipps’ session (BUS-8032) about Open Source business models. Most of Java is now open source, and Java Card remains an exception here. Of course, one of the reasons may be that Java Card is the […]
Putting a SIM on a mobile PC
As of today, only a minority of people use 3G interfaces on PC’s. In fact, the most avid users I know work for an operator, which greatly lowers the connection cost. Nevertheless, 3G is an interesting way to get basic connectivity on a PC, since it reuses an existing infrastructure. Still at the SIM Summit, […]
Adapting the phone to new SIM cards
Although major phone manufacturers often are smart card foes, some actors in this field pay great interest to SIM cards. One of them is Purple Labs, which designs specific devices for MNOs. Since their customers like smart cards, they understand their importance. Jean-Marie André, of Purple Labs, made a presentation at the SIM Summit in […]
Interview on Sun Developer Network
As JavaOne approaches, Sun has posted an interview of me on SDN, as Java Card luminary. I am in quite good company in the mobility luminaries, as Java Me is represented by Akil Arora and Vincent Hardy for Mobile Web 2.0, Pia Namela for Web services, and Michael Zhang for location-based services. The really exciting […]
Access control for smart card Web server
One of Bandol’s major innovations is the adoption of the servlet programming model. This can be considered as an acknowledgement by the smart card industry of the role of secure personal server for smart cards. Now, we just have to make sure that issuers share that vision. On technical matters, we are faced with the […]
Challenges for the SIM
I have chaired a session at the SIM Summit, whose topic was the technical challenges to be met in order to satisfy operator requirements. The speakers were mixed between operators and vendors. The session was very informative, especially because there seems to be a good convergence between the actors. In order, the hot topics are […]