The Java Card Forum made the official announcement of my nomination as Technical Chairman at Cartes’06. The official press release can be found on the JCF site (in Word). Like in any good press releases, there are a few quotes, which are provided here. I said: Our common driving force is the success of Java […]
JC101-2C: A simple counter (for smart card developers)
UPDATED (05/05/07): Fixed some bugs in the code. UPDATED (22/12/11): Fixed more bugs in the code. The Hello World program is a first program, but it doesn’t do anything interesting. The next step is to have a program that actually does something simple. We will here manage a simple counter with the following operations: Get […]
A new kind of phone cards
NTT DoCoMo has just introduced a new phone, the P903i, which includes interesting new security features, as mentioned in a Wired News article. The security feature that interests us here is a card that people can keep in their handbag or backpack. Before any use, the phone etablishes a wireless connection of some kind to […]
There could be millions of Java Card applications
The Java Card platform is the most widely used application platform in the world, with around 2 billion cards deployed. However, it remains very different from the other platforms such as Windows or even MIDP. However, for interoperability reasons, most applications are heavily standardized (for instance in the banking and identity markets), which reduces even […]
Looking for Java Card sample applications
Google has introduced a tool to search code, which has already been exploited for a variety of good and bad things. This thing can be very useful small communities like the Java Card community, because it can allow us to find code based on our technology on the Web. The problem is to find the […]
Smart card security requirements are too high
As a security evaluator, I often hear vendors complaining that the security requirements are too high, and that they cost them a lot for nothing. These complaints are easy to dismiss on the grounds that they apply equally to all vendors, but there are other consequences, which are more difficult to dismiss: Issuers with higher […]
Java Card is 10 years old
According to offical history, Java Card turns 10 years old this month. In October 1996, Sun released the Java Card 1.0 specification. This was not a very big event, as only Schlumberger were actively working on it. And at Sun, not many people knew what smart cards were. The Java Card 1.0 specification was a […]
Defining a micro-server
The discussions in the Java Card Forum, and between Sun and its licensees are of course private and confidential, but there have been several presentations (including the presentation by Thierry Violleau at e-Smart [VR06]) about this topic. Everybody can therefore derive that the next release of Java Card will define a smart card as some […]
Status words in ISO7816
Status words are very important in the ISO7816 specification, since they are used to indicate specific conditions. The ISO7816-3 specification states the following: 60 is the NULL byte, used to get additional time. Status words starting by 6X (except 60) have a “meaning [that is] independent of the application”. Status words starting by 9X (except […]
e-Smart postface
e-Smart, day 3. e-Smart is over. I did not manage to attend a lot of sessions, but I found a few interesting things. I looked back at the things I commented on, and I found only three conclusions: I am obsessed by fault induction, but there is hope for a cure, at both the software […]