Smart Cards Our Inevitable Future Mark Shippy. What are smart cards? Credit card sized plastic card with an embedded chip. Credit card sized plastic card.

Slides:

Advertisements

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Advertisements

Public Key Infrastructure and Applications

Smart Card The Future Is Here… By Salman Awan. Introduction Smart cards represent a new technology that has tremendous potential for enhancing the security.

Smart Card Syed Jabbar Computer Science Course:

Smart Card Authentication. Outline for Today Introduction of Smart Card Authentication Different Authentication Techniques Explain Authentication Techniques.

Gareth Ellis Senior Solutions Consultant Session 5a Key and PIN Management.

Lecture 6 User Authentication (cont)

© Southampton City Council Sean Dawtry – Southampton City Council The Southampton Pathfinder for Smart Cards in public services.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.

Hardware Cryptographic Coprocessor Peter R. Wihl Security in Software.

 Alexandra Constantin  James Cook  Anindya De Computer Science, UC Berkeley.

Commercial Data Processing Lesson 2: The Data Processing Cycle.

Projects on digital identification at MTA SZTAKI Ottó Hutter MTA SZTAKI.

Implementation of LSI for Privacy Enhancing Computation Kazue Sako, Sumio Morioka

Principles of Information Security, 2nd edition1 Cryptography.

Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.

Submitted by: Rahul Rastogi, CS Department.  Introduction  What is a smart card?  Better than magnetic stripe card.  Technology What’s in a card?

FIT3105 Smart card based authentication and identity management Lecture 4.

Mar 11, 2003Mårten Trolin1 Previous lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.

Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,

November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.

Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Credit Card Fraud, Jan Prochazka, Credit Card Fraud on the Web Jan Prochazka.

ELECTRONIC PAYMENT SYSTEMS FALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS eCommerce Technology Lecture 9 Micropayments I.

CAMP - June 4-6, Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin This work is the intellectual property of the authors.

Certificate and Key Storage Tokens and Software

Microcrypt Technologies SPACER Secure Physical Access Control Enhanced Reader for contactless cryptographic smart cards.

AS Level ICT Selection and use of input devices and input media: Capturing transaction data.

-Anusha Uppaluri.  ECC- A set of algorithms for key generation, encryption and decryption (public key encryption technique)  ECC was introduced by Victor.

OV Copyright © 2011 Element K Content LLC. All rights reserved. System Security  Computer Security Basics  System Security Tools  Authentication.

1 Cryptography Cryptography is a collection of mathematical techniques to ensure confidentiality of information Cryptography is a collection of mathematical.

By: Piyumi Peiris 11 EDO. Swipe cards are a common type of security device used by many people. They are usually a business-card-sized plastic card with.

Hsu-Chen Cheng, *Wen-Wei Liao, Tian-Yow Chi, Siao-Yun Wei

1 Web Security Web now widely used by business, government, individuals but Internet & Web are vulnerable have a variety of threats –integrity –confidentiality.

Smart Card Application. Smart-card is a plastic card, the size of a standard credit card, with one or several integrated circuits (chips) capable to store.

E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.

How can the SMART card help in new channels?

CS 627 Elliptic Curves and Cryptography Paper by: Aleksandar Jurisic, Alfred J. Menezes Published: January 1998 Presented by: Sagar Chivate.

Security.  is one of the most widely used and regarded network services  currently message contents are not secure may be inspected either.

Cryptography and Network Security (CS435) Part Fourteen (Web Security)

Smart Card Technology & Features

Elliptical Curve Cryptography Manish Kumar Roll No - 43 CS-A, S-7 SOE, CUSAT.

28 th International Traffic Records Forum Biometrics/SmartCard Workshop 28 th International Traffic Records Forum August 4, 2002 Orlando, Florida.

What is Digital Signature Building confidentiality and trust into networked transactions. Kishankant Yadav

By Brian Sutherland and Chou Peter Hoang

Smart Cards by Mahadev Karadigudda. * Introduction * How smart cards assist in enhancing security * Security vulnerabilities * Conclusion.

COEN 350: Network Security Authentication. Between human and machine Between machine and machine.

DIGITAL SIGNATURE.

INTRODUCTION TO COMPUTERS

What you need to know about PCI-DSS Jane Drews Chief Information Security Officer Information Security & Policy Office

INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.

CISC 849 : Applications in Fintech Cybersecurity in Banking.

SMART CARDS Presented By Jishnu Sasikumar Reg No : 09 PG 142.

Biometrics and Security Colin Soutar, CTO Bioscrypt Inc. 10th CACR Information Security Workshop May 8th, 2002.

Security Systems | ST/SRM3-NA | 4/6/2016 © 2016 Robert Bosch LLC and affiliates. All rights reserved. 1 Ensure data security in a hyper-connected world.

Cryptography services Lecturer: Dr. Peter Soreanu Students: Raed Awad Ahmad Abdalhalim

Biometric Encryption Base RSA Algorithm Supervisor: Ass. Prof. Dr. Dang Tran Khanh Student: Dung Ngo Dinh.

Electronic Banking & Security Electronic Banking & Security.

Online Decision Process

A l a d d I n. c o m Strong Authentication and Beyond Budai László, IT Biztonságtechnikai tanácsadó.

Guided by : VIPUL GAJJAR Prepared by: JIGAR KAKADIYA.

A smart card is a credit card sized plastic card embedded with an integrated circuit chip that makes it "smart". This made between a convenient plastic.

Transaction Flow end-end

AGENDA Introduction Kind of information smart card contain

Hardware Cryptographic Coprocessor

Install AD Certificate Services

Presentation transcript:

Smart Cards Our Inevitable Future Mark Shippy

What are smart cards? Credit card sized plastic card with an embedded chip. Credit card sized plastic card with an embedded chip. May come in 2 types: May come in 2 types: Memory Memory Micro-processor Micro-processor Contact and Contact-less type cards. Contact and Contact-less type cards. Used as a replacement for magnetic stripe cards. Used as a replacement for magnetic stripe cards.

Why use smart cards? Can store currently up to 7000 times more data than a magnetic stripe card. Can store currently up to 7000 times more data than a magnetic stripe card. Information that is stored on the card can be updated. Information that is stored on the card can be updated. Magnetic stripe cards are vulnerable to many types of fraud. Magnetic stripe cards are vulnerable to many types of fraud. Lost/Stolen Cards Lost/Stolen Cards Skimming Skimming Carding/ Phishing Carding/ Phishing Greatly enhances security by communicating with card readers using PKI algorithms. Greatly enhances security by communicating with card readers using PKI algorithms. A single card can be used for multiple applications (cash, identification, building access, etc.) A single card can be used for multiple applications (cash, identification, building access, etc.) Smart cards provide a 3-fold approach to authentic identification: Smart cards provide a 3-fold approach to authentic identification: Pin Pin Smartcard Smartcard Biometrics Biometrics

Security of Smart Cards Public Key Infrastructure (PKI) algorithms such as DES, 3DES, RSA and ECC. Public Key Infrastructure (PKI) algorithms such as DES, 3DES, RSA and ECC. Key pair generation. Key pair generation. Variable timing/clock fluctuation. Variable timing/clock fluctuation. 0.6 micron components. 0.6 micron components. Data stored on the card is encrypted. Data stored on the card is encrypted. Pin Blocking. Pin Blocking.

Elliptical Curve Cryptography y²=x³+ax+b y²=x³+ax+b Q(x,y) =kP(x,y) Q(x,y) =kP(x,y) Uses point multiplication to compute and ECDLP to crack. Uses point multiplication to compute and ECDLP to crack. Beneficial for portable devices. Beneficial for portable devices. Cryptographic coprocessors can be added to speed up encryption and decryption. Cryptographic coprocessors can be added to speed up encryption and decryption.

CAIN Confidentiality is obtained by the encryption of the information on the card. Confidentiality is obtained by the encryption of the information on the card. Authenticity is gained by using the PKI algorithm and the two/three factor authentication. Authenticity is gained by using the PKI algorithm and the two/three factor authentication. Integrity is maintained through error-checking and enhanced firmware. Integrity is maintained through error-checking and enhanced firmware. Repudiation is lower because each transaction is authenticated and recorded. Repudiation is lower because each transaction is authenticated and recorded.

Common and Future Uses of Smart Cards Current uses: Current uses: Chicago Transit Card Chicago Transit Card Speed Pass Speed Pass Amex Blue Card Amex Blue Card Phone Cards Phone Cards University ID cards University ID cards Health-care cards Health-care cards Access to high level government facilities. Access to high level government facilities. Future uses: Future uses: Federally Passed Real-ID act of Federally Passed Real-ID act of ePassports ePassports