Abstract

Smart cards are portable tamper-resistant cryptographic devices that play a key role in digital security. This paper reviews the latest use of smart cards in securing networks, online services, operating systems, and card-holder identity. Smart card network authentication is routinely used on GSM and 3G networks, and this paper shows how the same infrastructure can be extended to perform WiFi access point authentication. Securing online services with smart cards is traditionally performed using public key cryptography and certificates, or using one-time passwords. This paper presents new smart card authentication methods that either allow the reuse of already issued cards or infrastructure, or provide stronger card-to-server mutual authentication. Finally, the paper shows how smart cards and trusted platform modules have complementary roles in securing operating systems, and describes the use of smart cards in identity frameworks such as Liberty Alliance or Microsoft CardSpace.

Keywords

smart card, authentication, security, trusted computing, Liberty Alliance

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Jean-Daniel Aussel (1)
  1. Gemalto, Technology and Innovation, Meudon cedex, France
