Achieving security in integrated circuit card applications realityor desire? |
| |
Authors: | Sanchez-Reillo R |
| |
Institution: | Univ. Carlos III, Madrid; |
| |
Abstract: | It has always been claimed that smart cards provide a really high level of security, considering them as a tamper-proof device, with the possibility to auto-block some or all of the services it provides. Unfortunately, nowadays some hackers appear to have demonstrated the lack of security involved in some applications where Integrated Circuit Cards (ICC) have been used. This has led to the opinion that smart cards are not secure enough, and their security is only in the minds of the commercial companies involved with the technology. In this paper, the author explains the reasons why this hacking has succeeded. For example, sometimes memory cards have been used instead of smart cards, or very old smart cards have been issued and not renewed, or the development team involved has not used basic security techniques, such as diversified keys. The author also gives clues to achieve a high level of security depending on the final application, and the environment in which it is going to be used |
| |
Keywords: | |
|
|