[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Smart Card architecture
-----BEGIN PGP SIGNED MESSAGE-----
I've been searching around the 'net looking for online references to
the actual protocols and methods used in smart card user authentication,
but have found very little. I understand from reading Schneier that
there are several established protocols to demonstrate knowledge of
some secret without leaking any information about this secret. Is this
how these (smart card) systems work?
The Nov. '94 issue of 'Communications of the ACM' has an article about
using smart cards to store secure OS kernel and user configuration
information (I imagine both Unix _and_ Windows :), which is fascinating to
read, but doesn't delve into these technical details.
It seems that the there are a myriad of rather innovative applications for
these things.
What is the state of this technology today? I understand there are working
systems for use with credit transactions and telephone billing. Who are the
major players in the marketplace, what types of standards have evolved to
describe the interfaces they use, and what kind of Cypherpunk interest is
there in these products? What kind of realistic attacks exist that would
compromise the security offered by smart cards?
Guess I'm just interested in some good pointers to information (online or
written) that could give me a grasp on the technical details.
Thanks,
Johnathan Corgan
==
Johnathan Corgan "Violence is the last refuge of the incompetent."
[email protected] -Isaac Asimov
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBLyyGmk1Diok8GKihAQE6MQP/dPRmR4X8p459WvgwTiiL+zO/oq1zyE2E
KxD/1JEQ4e6MC7tGNiPktvXqFXtv5JgXxbPhWkUZTQjkEyMulDCv2h0hUGySdiHx
Zq4lvCtCRRdb6r5O+tQJQpCbCW3NRsx3A6yJPK2YvH1lYRciDlMdWDQyGAGefuUN
xO6jMEGnGEw=
=9RjV
-----END PGP SIGNATURE-----