e-Smart, day3. The program indicated a few talks that attempted to find a reason for the big SIM cards. I selected the one from Lorenzo Stranges, because I often like Oberthur’s marketing pitches. He started with a few statements: There are many actors who want to get into the mobile value added services market. The […]
An efficient sensitive section API
e-Smart, day 3. Benoît Gonzalvo is from Gemalto’s security group, and he also participates to the Java Card Forum’s security work. The issue is to protect against attacks (side-channel observation or fault induction) [Gon06]. The two current approaches are: Protecting the whole VM, which is secure but potentially very slow. Protecting the application code, which […]
e-Smart plenary session
e-Smart, day 2. This panel discussion was very promising, especially because of its host, Bertrand Ducastel, who recently left the smart card industry to return to Schlumberger’s petroleum services. The panelists were: DBo: Dominique Bolignano, CEO, Trusted Logic JF: Jerry Fishenden, Nat’l Technology Officer, Microsoft UK CG: Christian Goire, Gemalto, and President, Java Card Forum […]
Java Card mobile grid
e-Smart, day 2. Serge Chaumette, Damien Sauveron, and the rest of the team directed by Serge at LaBRI, is the developer of the Java Card Grid, They have put together a bunch of smart cards readers with cards in them, and then used that as a server for security-sensitive operations. The basic idea was very […]
Smart cards and Wi-Fi
e-Smart, day 2. Pascal Urien has been working on EAP for a few years, and has now reached interesting results [Uri06]. He has had a lot courage, because he started his wrk with some of the crypto algorithms programmed in Java (RC4, for instance). And even with this very strong handicap, he managed to get […]
Java Card in transport applications
e-Smart, day 2. François Guillaume, from RATP, presented the status of RAPT’s use of Java Card for Navigo [Gui06]. Navigo is RATP’s transport smart card program. RATP has issued millions of these contactless cards. Today, Navigo is mostly used for contracts, i.e., monthly transport cards, but their objective is to use is also for individual […]
Designing chips against fault induction
e-Smart, day 1. The title of the talk by ST’s Christophe Tremlet was very appealing [Tre06]; the talk was interesting, but a bit under my expectations (the problem is not completely solved). Nevertheless, Christophe gave a very nice and interesting presentation of fault induction attacks, showing the different parameters that can be acted upon at […]
Web applications for smart devices
e-Smart, day 1. I arrived late, just in tiome for the talk by Gemalto’s Patrick George about Web applications for smart devices (he was replacing Jean-Jacques Vandewalle) [Van06]. Patrick gave an account of many previous attempts to link the Web and smart card, which we all know did not work so far: as of today, […]
e-passport security
There have been several posts on Bruce Schneier’s blog about e-passports, including a recent one. Bruce’s views are interesting, and he raises interesting issues about RFID on passports. On the other hand, the comments posted on this post and related ones, show that there are lots of misunderstandings about the technology. Of course, this is […]
JC101-1c: Hello World (for smart card developers)
UPDATED (04/05/07): Fixed some bugs, added reference to source code and CAP file Java Card is intended for smart cards. The Java language has been adapted to smart cards, keeping only the most important things for smart card applications. Since the char type and the String class have not been deemed useful for smart cards, […]