Smart Card Security How Can We Be So Sure?

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Smart Card Security How Can We Be So Sure?"

Transcription

1 Smart Card Security How Can We Be So Sure? Ernst Bovelander TNO Centre for Evaluation of Instrumentation and Security Techniques PO Box GA Delft, The Netherlands 1. Introduction TNO is the Netherlands Organisation for Applied Scientific Research. Its primary tasks are to support trade and industry, the authorities and other groups of the community in technological innovation and to assist clients and sponsors in solving problems. TNO is a fully independent R&D organisation with a staff of approximately 4,000 and an annual turnover of more than US$ 500 million. The main features of TNO are: multidisciplinary, practice and market-oriented, independent, possessing unique knowledge and facilities, internationally oriented. TNO's research takes place at 15 institutes spread throughout the Netherlands. Nearly all scientific fields are covered by these institutes. The Centre for Evaluation of Instrumentation and Security Techniques (EIB) is part of the TNO Institute of Applied Physics (TPD). The security section of the Evaluation Centre is specialised in the evaluation of security related systems and products. The evaluations are ranging from intruder and fire alarm systems, assessing the possibilities of counterfeiting credit-cards and documents, to the study of optical security features like holograms. The evaluation of electronic payment systems and their components forms the main part of our security activities. This includes assessment of the security aspects of PIN Pads, single chip security modules and smart cards. Our projects are carried out for both financial institutions and manufacturers of EFT (Electronic Funds Transfer) equipment from all over the world. B. Preneel, V. Rijmen (Eds.): COSIC'97 Course, LNCS 1528, pp , Springer-Verlag Berlin Heidelberg 1998

2 Smart Card Security 333 The security aspects of more than 75 different smart card based security systems have been investigated by the Evaluation Centre. These investigations comprise of physical security aspects (the 'silicon'), logical security aspects (card operating systems) and organisational measures (e.g. transport, initialisation). 2. Security Evaluations Security functions of any system, including smart cards, revolve around the three basic security principles: integrity, confidentiality and availability. 2.1 Card and System Authentication The first line of defence in (smart) card authentication are the security features on the card itself. The most commonly used techniques used are photographs, signatures, iris print (rainbow print), pearl lustre ink, tactile laser engraving, holograms, kinegrams etc. These measures depend on human inspection. Additional security is provided by measures which link the plastic to the chip. In general optically readable security features, such as holographic barcodes, unique optical patterns, are used for this purpose. An additional reader is often required to read the optical pattern. The authentication of both the chip and the system is normally based on a shared secret, the cryptographic key. The quality of the authentication relies on the secrecy of the cryptographic keys. The security measures of the systems will therefore in general be focused on the protection of these cryptographic keys. 2.2 System Security The total security of a system depends on the implementation of three aspects: physical security measures (hardware), logical security measures (software), organisational measures. An adequate level of security can only be accomplished if these three aspects are combined in such a way that all possible weak aspects are covered. In general, weak aspects in the design of security product will emerge at the interfaces of physical, logical and organisational measures. A 100% secure product cannot be made. There will always be a way to break the system. A system is considered to be 'secure' if the chances of breaking the system and the consequences of this unauthorised access, e.g. compromising the cryptographic keys or the biometric template, are acceptable for the end-user.

3 334 Ernst Bovelander A security scheme of a system, based on secrecy of the security principles, is in general not acceptable for end-users. The security of a cryptographic algorithm must be based only on the secrecy of the key(s) and not on the secrecy of the algorithm (Kerckhoffs principle). A generic secure application module, see figure 1, will comprise the following elements: a physical barrier, e.g. a metal box, fraud sensors, to detect an attempt to fraud the system, an alarm circuitry; this circuitry must process the information from the fraud sensors and act appropriately, memory to store sensitive data, e.g. cryptographic keys, biometric template, software to define the functionality of the system. sensor sensor alarm circuit input output micro processor software memory Fig. 1 Generic Secure Application Module A smart card is a miniature of the conventional security module, but with a major difference: in general, a conventional security module is always powered and the security functions will therefore always be active, the smart card is most of the time not powered and will therefore not have active fraud detection measures. Furthermore, the memory of the smart card, in which the secret information is stored, much be non-volatile. Normally, EEPROM is used for this purpose.

4 Smart Card Security 335 physical barrier i/o micro processor software memory Fig. 2 Generic smart card The Evaluation Centre has developed methods for the evaluation of security systems, including smart cards. The main goal of the investigations is to establish the level of security of the application. More practically, we find out how much effort it takes to reveal the secrets of the systems and what can be done with these secrets. Smart cards are an important part in modern security systems, where they often function as secure application modules. The security aspects of smart cards can be analysed internally and externally. 3. External Analysis In an external analysis we attempt to learn as much as possible of the functionality of a card by investigating the physical side effects of this functionality, such as noise, emission, power consumption, dataflow etc. These experiments are carried without opening the chip (black box approach). External analysis can be very threatening from an end-users point of view, as possible attacks revealed by this analysis can have a low realisation threshold. Examples of external attacks are the Kocher attack and the latest Bell-core attack. A lot of experience and creativity is essential to reveal secrets in the chip, if at all possible. The outcome of external analyses strongly depends on the application. In general, no direct information is gained from an external analysis, but what we learn may be used to develop new attack scenarios. 4. Internal Analysis The methods for an internal analysis require opening of the chip. For most smart cards this is not a problem. Several etching techniques, for opening the chip and preparing the chip surface have been developed by the Evaluation Centre. The most common techniques used for an internal analysis of smart cards are probing and SEM analysis.

5 336 Ernst Bovelander 4.1 Probing A sub-micron probe station, comprising a microscope and an optically stable platform with probe manipulators, is used for these investigations. The smallest probe needles have a tip radius of approximately 0.5 micron. Tracks on the chip surface with the same dimensions can be tapped. A maximum number of 10 probes can be placed on the chip, but this number is in practice strongly dependent on the chip design. Two methods of probing are generally used: active probing: inserting information, generally at the databus, e.g. to change the sequence of the program, passive probing: reading information, generally from the databus. 4.2 Scanning Electron Microscope Analysis A scanning electron microscope (SEM) can be used in various ways during the evaluation process. It is mostly used for surface analysis: e.g. for reverse engineering of chip structures. The SEM can also be used for visualisation of voltages on the chip surface (voltage contrast). With this technique, a thorough understanding of the functionality of the chip can be obtained. With a special technique (single beam voltage contrast), the SEM can be used for passive 'probing' on very small tracks (<0.25 micron). 4.3 Focused Ion Beam Systems New techniques for analysing integrated circuits are being developed constantly. One of these new developments is the Focused Ion Beam system (FIB). The FIB proves to be a very useful tool for the attack of integrated circuits. A FIB system has three main features: View mode It is possible to use the FIB system as a surface microscope like a Scanning Electron Microscope (SEM) Milling mode The FIB system can be used as a micro milling device. Depending on the use of special gases during etching, very small holes can be cut. Such holes can be made at very specific locations and with very great precision. This technique can be used to selectively remove material from the chip surface, such as the passivation layer.

6 Smart Card Security 337 Deposition mode When using specific gases together with the ion beam, metals can be deposited on the chip surface. Such metal objects can be used to create e.g. test bondpads for probe needles, or as new metal tracks. FIB systems are nowadays common in the semiconductor industry. The resolution of these systems is by far sufficient to modify all integrated circuits available on the market today and tomorrow. A major concern is the availability of these systems. All chip manufacturers use FIB systems for device modification during chip design and testing. Also, a large number of commercial service laboratories all over the world can be used for this kind of work. 5. Conclusions The security aspects in a design should not be viewed upon as an add-on feature. The security thinking must be fully incorporated in the design process and implemented in the production. Although 100% security can never be accomplished, it is possible to build very secure systems using smart cards. An adequate design and implementation of combined physical-, logical- and organisational security measures can result in a secure product. Most products that fail to fulfil their requirements have security flaws at the interface between physical, logical and organisational measures.

What is a Smart Card?

What is a Smart Card? An Introduction to Smart Cards and RFIDs Prof. Keith E. Mayes Keith.Mayes@rhul.ac.uk Director of the ISG - Smart Card Centre www.scc.rhul.ac.uk Learning Objectives (MSc MSc) Identify the various types

More information

Side Channel Analysis and Embedded Systems Impact and Countermeasures

Side Channel Analysis and Embedded Systems Impact and Countermeasures Side Channel Analysis and Embedded Systems Impact and Countermeasures Job de Haas Agenda Advances in Embedded Systems Security From USB stick to game console Current attacks Cryptographic devices Side

More information

ADVANCED IC REVERSE ENGINEERING TECHNIQUES: IN DEPTH ANALYSIS OF A MODERN SMART CARD. Olivier THOMAS Blackhat USA 2015

ADVANCED IC REVERSE ENGINEERING TECHNIQUES: IN DEPTH ANALYSIS OF A MODERN SMART CARD. Olivier THOMAS Blackhat USA 2015 ADVANCED IC REVERSE ENGINEERING TECHNIQUES: IN DEPTH ANALYSIS OF A MODERN SMART CARD Olivier THOMAS Blackhat USA 2015 About Texplained Texplained [Technology Explained] refers

More information

Smartcard IC Platform Protection Profile

Smartcard IC Platform Protection Profile Smartcard IC Platform Protection Profile Version 1.0 July 2001 developed by Atmel Smart Card ICs Hitachi Europe Ltd. Infineon Technologies AG Philips Semiconductors Registered and Certified by Bundesamt

More information

Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi

Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Purpose This paper is intended to describe the benefits of smart card implementation and it combination with Public

More information

Joint Interpretation Library

Joint Interpretation Library for smart cards and similar devices Document purpose: provide requirements to developers and guidance to evaluators to fulfill the Security Architecture requirements of CC V3 ADV_ARC family. Version 2.0

More information

Measurement and Analysis Introduction of ISO7816 (Smart Card)

Measurement and Analysis Introduction of ISO7816 (Smart Card) Measurement and Analysis Introduction of ISO7816 (Smart Card) ISO 7816 is an international standard related to electronic identification cards with contacts, especially smart cards, managed jointly by

More information

EPASSPORT WITH BASIC ACCESS CONTROL AND ACTIVE AUTHENTICATION

EPASSPORT WITH BASIC ACCESS CONTROL AND ACTIVE AUTHENTICATION COMMON CRITERIA PROTECTION PROFILE EPASSPORT WITH BASIC ACCESS CONTROL AND ACTIVE AUTHENTICATION Draft Version 1.0 TURKISH STANDARDS INSTITUTION TABLE OF CONTENTS Common Criteria Protection Profile...

More information

Advanced Authentication

Advanced Authentication White Paper Advanced Authentication Introduction In this paper: Introduction 1 User Authentication 2 Device Authentication 3 Message Authentication 4 Advanced Authentication 5 Advanced Authentication is

More information

NIST s FIPS 201: Personal Identity Verification (PIV) of Federal Employees and Contractors Masaryk University in Brno Faculty of Informatics

NIST s FIPS 201: Personal Identity Verification (PIV) of Federal Employees and Contractors Masaryk University in Brno Faculty of Informatics NIST s FIPS 201: Personal Identity Verification (PIV) of Federal Employees and Contractors Masaryk University in Brno Faculty of Informatics Jan Krhovják Outline Introduction and basics of PIV Minimum

More information

PUF Physical Unclonable Functions

PUF Physical Unclonable Functions Physical Unclonable Functions Protecting next-generation Smart Card ICs with SRAM-based s The use of Smart Card ICs has become more widespread, having expanded from historical banking and telecommunication

More information

Advances in Smartcard Security

Advances in Smartcard Security Advances in Smartcard Security Marc Witteman Introduction Over the last decade smartcards have entered our global community. Although initially they were only used as simple phone cards they now support

More information

Enabling the secure use of RFID

Enabling the secure use of RFID Enabling the secure use of RFID BLACK ME/FOTOLIA.com Enhancing security of radio frequency identification to connect safely to the Internet of Things UHF radio frequency identification (RFID) promises

More information

W.A.R.N. Passive Biometric ID Card Solution

W.A.R.N. Passive Biometric ID Card Solution W.A.R.N. Passive Biometric ID Card Solution Updated November, 2007 Biometric technology has advanced so quickly in the last decade that questions and facts about its cost, use, and accuracy are often confused

More information

RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards

RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards January 2007 Developed by: Smart Card Alliance Identity Council RF-Enabled Applications and Technology:

More information

Mass production, R&D Failure analysis. Fault site pin-pointing (EM, OBIRCH, FIB, etc. ) Bottleneck Physical science analysis (SEM, TEM, Auger, etc.

Mass production, R&D Failure analysis. Fault site pin-pointing (EM, OBIRCH, FIB, etc. ) Bottleneck Physical science analysis (SEM, TEM, Auger, etc. Failure Analysis System for Submicron Semiconductor Devices 68 Failure Analysis System for Submicron Semiconductor Devices Munetoshi Fukui Yasuhiro Mitsui, Ph. D. Yasuhiko Nara Fumiko Yano, Ph. D. Takashi

More information

DOCUMENT SECURITY ISSUES

DOCUMENT SECURITY ISSUES DOCUMENT SECURITY ISSUES Part of a Series of Datacard Group White Papers for the Secure Document Issuer DESIGNING AN ID DOCUMENT FOR ENHANCED SECURITY Overview Governments today are being driven to increase

More information

Low- Cost Chip Microprobing

Low- Cost Chip Microprobing Low- Cost Chip Microprobing Philipp Maier Karsten Nohl SRLabs Template v11 A few smart cards chips cover numerous security domains Security chip applica.ons Payment

More information

Security IC Platform Protection Profile

Security IC Platform Protection Profile Security IC Platform Protection Profile Version 1.0 15.06.2007 developed by Atmel Infineon Technologies AG NXP Semiconductors Renesas Technology Europe Ltd. STMicroelectronics Registered and Certified

More information

Common Criteria Protection Profile

Common Criteria Protection Profile Machine Readable Travel Document using Standard Inspection Procedure with PACE (PACE PP) Version 1.01, 22th July 2014 Foreword This Protection Profile Electronic Passport using Standard Inspection procedure

More information

Using Contactless Smart Cards for Secure Applications

Using Contactless Smart Cards for Secure Applications Using Contactless Smart Cards for Secure Applications Classification: Public (Info Level 1) Document No.: LA-11-005d-en Edition: 2010 www.legic.com LEGIC Identsystems Ltd Binzackerstrasse 41, CH-8620 Wetzikon,

More information

On Security Evaluation Testing

On Security Evaluation Testing On Security Evaluation Testing Kerstin Lemke-Rust Hochschule Bonn-Rhein-Sieg Workshop: Provable Security against Physical Attacks Lorentz Center, 19 Feb 2010 Kerstin Lemke-Rust (H BRS) On Security Evaluation

More information

Best Practices for the Use of RF-Enabled Technology in Identity Management. January 2007. Developed by: Smart Card Alliance Identity Council

Best Practices for the Use of RF-Enabled Technology in Identity Management. January 2007. Developed by: Smart Card Alliance Identity Council Best Practices for the Use of RF-Enabled Technology in Identity Management January 2007 Developed by: Smart Card Alliance Identity Council Best Practices for the Use of RF-Enabled Technology in Identity

More information

CHANCES AND RISKS FOR SECURITY IN MULTICORE PROCESSORS

CHANCES AND RISKS FOR SECURITY IN MULTICORE PROCESSORS CHANCES AND RISKS FOR SECURITY IN MULTICORE PROCESSORS Prof. Dr.-Ing. Georg Sigl Institute for Security in Information Technology Technical University Munich sigl@tum.de Fraunhofer Research Institution

More information

Preventing fraud in epassports and eids

Preventing fraud in epassports and eids Preventing fraud in epassports and eids Security protocols for today and tomorrow by Markus Mösenbacher, NXP Machine-readable passports have been a reality since the 1980s, but it wasn't until after 2001,

More information

Fingerprint Based Biometric Attendance System

Fingerprint Based Biometric Attendance System Fingerprint Based Biometric Attendance System Team Members Vaibhav Shukla Ali Kazmi Amit Waghmare Ravi Ranka Email Id awaghmare194@gmail.com kazmiali786@gmail.com Contact Numbers 8097031667 9167689265

More information

Description of the Technical Component:

Description of the Technical Component: Confirmation concerning Products for Qualified Electronic Signatures according to 15 Sec. 7 S. 1, 17 Sec. 4 German Electronic Signature Act 1 and 11 Sec. 2 and 15 German Electronic Signature Ordinance

More information

Supporting Document Guidance. Security Architecture requirements (ADV_ARC) for smart cards and similar devices. April 2012. Version 2.

Supporting Document Guidance. Security Architecture requirements (ADV_ARC) for smart cards and similar devices. April 2012. Version 2. Supporting Document Guidance Security Architecture requirements (ADV_ARC) for smart cards and similar devices April 2012 Version 2.0 CCDB-2012-04-003 Foreword This is a supporting document, intended to

More information

RFID. The next Opportunity for Gravure. World Headquarters in Bleienbach/Switzerland. RFID The next opportunity for Gravure. By: Walter Siegenthaler

RFID. The next Opportunity for Gravure. World Headquarters in Bleienbach/Switzerland. RFID The next opportunity for Gravure. By: Walter Siegenthaler RFID The next Opportunity for Gravure By: Walter Siegenthaler World Headquarters in Bleienbach/Switzerland 1 US Headquarters in Huntersville, NC Manufacturing Facilities and MDC Offices 2 MDC Product lines

More information

Hardware Security Modules for Protecting Embedded Systems

Hardware Security Modules for Protecting Embedded Systems Hardware Security Modules for Protecting Embedded Systems Marko Wolf, ESCRYPT GmbH Embedded Security, Munich, Germany André Weimerskirch, ESCRYPT Inc. Embedded Security, Ann Arbor, USA 1 Introduction &

More information

Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions. July, 2006. Developed by: Smart Card Alliance Identity Council

Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions. July, 2006. Developed by: Smart Card Alliance Identity Council Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions July, 2006 Developed by: Smart Card Alliance Identity Council Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked

More information

DualBeam Solutions for Electrical Nanoprobing

DualBeam Solutions for Electrical Nanoprobing DualBeam Solutions for Electrical Nanoprobing Richard J. Young, Technologist Peter D. Carleson, Product Marketing Engineer Electrical testing by physically probing device structures has grown more challenging

More information

PrivyLink Cryptographic Key Server *

PrivyLink Cryptographic Key Server * WHITE PAPER PrivyLink Cryptographic Key * Tamper Resistant Protection of Key Information Assets for Preserving and Delivering End-to-End Trust and Values in e-businesses September 2003 E-commerce technology

More information

Security & Chip Card ICs SLE 44R35S / Mifare

Security & Chip Card ICs SLE 44R35S / Mifare Security & Chip Card ICs SLE 44R35S / Mifare Intelligent 1 Kbyte EEPROM with Interface for Contactless Transmission, Security Logic and Anticollision according to the MIFARE -System Short Product Info

More information

22 nd NISS Conference

22 nd NISS Conference 22 nd NISS Conference Submission: Topic: Keywords: Author: Organization: Tutorial BIOMETRICS - DEVELOPING THE ARCHITECTURE, API, ENCRYPTION AND SECURITY. INSTALLING & INTEGRATING BIOMETRIC SYSTEMS INTO

More information

Module 3 : Fabrication Process and Layout Design Rules Lecture 12 : CMOS Fabrication Technologies

Module 3 : Fabrication Process and Layout Design Rules Lecture 12 : CMOS Fabrication Technologies Module 3 : Fabrication Process and Layout Design Rules Lecture 12 : CMOS Fabrication Technologies Objectives In this course you will learn the following Introduction Twin Well/Tub Technology Silicon on

More information

Chip Card & Security ICs Mifare NRG SLE 66R35

Chip Card & Security ICs Mifare NRG SLE 66R35 Chip Card & Security ICs Mifare NRG Intelligent 1 Kbyte Memory Chip with Interface for Contactless Transmission according to the Mifare -System Short Product Information April 2007 Short Product Information

More information

Miniaturizing Flexible Circuits for use in Medical Electronics. Nate Kreutter 3M

Miniaturizing Flexible Circuits for use in Medical Electronics. Nate Kreutter 3M Miniaturizing Flexible Circuits for use in Medical Electronics Nate Kreutter 3M Drivers for Medical Miniaturization Market Drivers for Increased use of Medical Electronics Aging Population Early Detection

More information

Securing Host Operations with a Dedicated Cryptographic IC - CryptoCompanion

Securing Host Operations with a Dedicated Cryptographic IC - CryptoCompanion Securing Host Operations with a Dedicated Cryptographic IC - CryptoCompanion By Kerry Maletsky, Business Unit Director Crypto Products Summary There is a growing need for strong hardware security devices

More information

Counter Expertise Review on the TNO Security Analysis of the Dutch OV-Chipkaart. OV-Chipkaart Security Issues Tutorial for Non-Expert Readers

Counter Expertise Review on the TNO Security Analysis of the Dutch OV-Chipkaart. OV-Chipkaart Security Issues Tutorial for Non-Expert Readers Counter Expertise Review on the TNO Security Analysis of the Dutch OV-Chipkaart OV-Chipkaart Security Issues Tutorial for Non-Expert Readers The current debate concerning the OV-Chipkaart security was

More information

Stronger(Security(and( Mobile'Payments'! Dramatically*Faster!and$ Cheaper'to'Implement"

Stronger(Security(and( Mobile'Payments'! Dramatically*Faster!and$ Cheaper'to'Implement !!!! Stronger(Security(and( Mobile'Payments'! Dramatically*Faster!and$ Cheaper'to'Implement" Here$is$a$simple,$cost$effective$way$to$achieve$transaction$security$for$ mobile$payments$that$allows$easy$and$secure$provisioning$of$cards.$

More information

UNCLASSIFIED Version 1.0 May 2012

UNCLASSIFIED Version 1.0 May 2012 Secure By Default: Platforms Computing platforms contain vulnerabilities that can be exploited for malicious purposes. Often exploitation does not require a high degree of expertise, as tools and advice

More information

Part I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai 2001. Siemens AG 2001, ICN M NT

Part I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai 2001. Siemens AG 2001, ICN M NT Part I Contents Part I Introduction to Information Security Definition of Crypto Cryptographic Objectives Security Threats and Attacks The process Security Security Services Cryptography Cryptography (code

More information

Scanning Probe Microscopy

Scanning Probe Microscopy Ernst Meyer Hans Josef Hug Roland Bennewitz Scanning Probe Microscopy The Lab on a Tip With 117 Figures Mß Springer Contents 1 Introduction to Scanning Probe Microscopy f f.1 Overview 2 f.2 Basic Concepts

More information

Identification Card Digital Identity Security and Services Siniša Macan, DG of Agency

Identification Card Digital Identity Security and Services Siniša Macan, DG of Agency Agency for Identification Documents, Registers and Data Exchange of Bosnia and Herzegovina Identification Card Digital Identity Security and Services Siniša Macan, DG of Agency sinisa.macan@iddeea.gov.ba

More information

A universal forensic solution to read memory chips developed by the Netherlands Forensic Institute. The NFI Memory Toolkit II

A universal forensic solution to read memory chips developed by the Netherlands Forensic Institute. The NFI Memory Toolkit II A universal forensic solution to read memory chips developed by the Netherlands Forensic Institute The NFI Memory Toolkit II The NFI Memory Toolkit II The NFI Memory Toolkit II is a universal forensic

More information

MACHINE VISION FOR SMARTPHONES. Essential machine vision camera requirements to fulfill the needs of our society

MACHINE VISION FOR SMARTPHONES. Essential machine vision camera requirements to fulfill the needs of our society MACHINE VISION FOR SMARTPHONES Essential machine vision camera requirements to fulfill the needs of our society INTRODUCTION With changes in our society, there is an increased demand in stateof-the art

More information

A Review of Smartcard Security Issues

A Review of Smartcard Security Issues 보안공학연구논문지 (Journal of Security Engineering), 제 8권제 3호 2011년 6월 A Review of Smartcard Security Issues Hoon Ko 1) and Ronnie D. Caytiles 2) Abstract The term "Smartcard", is widely used for business transactions

More information

New security features for ID documents trends and expectations

New security features for ID documents trends and expectations New security features for ID documents trends and expectations Author: Dipl. Ing. Thomas Löer Senior Vice President Marketing & Support Bundesdruckerei GmbH Oranienstrasse 91D-10969 Berlin Secure identities

More information

Microcontroller Based Smart ATM Access & Security System Using Fingerprint Recognition & GSM Technology

Microcontroller Based Smart ATM Access & Security System Using Fingerprint Recognition & GSM Technology Microcontroller Based Smart ATM Access & Security System Using Fingerprint Recognition & GSM Technology Bharath K M, Rohit C V Student of B.E Electronics and Communication Coorg Institute of Technology,

More information

Secure Data Exchange Solution

Secure Data Exchange Solution Secure Data Exchange Solution I. CONTENTS I. CONTENTS... 1 II. INTRODUCTION... 2 OVERVIEW... 2 COPYRIGHTS AND TRADEMARKS... 2 III. SECURE DOCUMENT EXCHANGE SOLUTIONS... 3 INTRODUCTION... 3 Certificates

More information

Notes on Network Security - Introduction

Notes on Network Security - Introduction Notes on Network Security - Introduction Security comes in all shapes and sizes, ranging from problems with software on a computer, to the integrity of messages and emails being sent on the Internet. Network

More information

Using Contactless Smart Cards for Secure Applications

Using Contactless Smart Cards for Secure Applications Best Practices Using Contactless Smart Cards for Secure Applications Classification: Public (Info Level 1) Document No.: LA-11-005e-en Edition: 04.2012 www.legic.com LEGIC Identsystems Ltd Binzackerstrasse

More information

Secure Hardware PV018 Masaryk University Faculty of Informatics

Secure Hardware PV018 Masaryk University Faculty of Informatics Secure Hardware PV018 Masaryk University Faculty of Informatics Jan Krhovják Vašek Matyáš Roadmap Introduction The need of secure HW Basic terminology Architecture Cryptographic coprocessors/accelerators

More information

A SECURITY ARCHITECTURE FOR AGENT-BASED MOBILE SYSTEMS. N. Borselius 1, N. Hur 1, M. Kaprynski 2 and C.J. Mitchell 1

A SECURITY ARCHITECTURE FOR AGENT-BASED MOBILE SYSTEMS. N. Borselius 1, N. Hur 1, M. Kaprynski 2 and C.J. Mitchell 1 A SECURITY ARCHITECTURE FOR AGENT-BASED MOBILE SYSTEMS N. Borselius 1, N. Hur 1, M. Kaprynski 2 and C.J. Mitchell 1 1 Royal Holloway, University of London 2 University of Strathclyde ABSTRACT Future mobile

More information

FIRE ALARM SYSTEM TECHNICAL SPECIFICATIONS Page 1 of 10

FIRE ALARM SYSTEM TECHNICAL SPECIFICATIONS Page 1 of 10 TECHNICAL SPECIFICATIONS Page 1 of 10 FIRE DETECTION AND ALARM SYSTEM Scope Furnish a complete 24V DC conventional, electrically supervised, zone annunciated, fire detection and alarm system as specified

More information

A Survey on Untransferable Anonymous Credentials

A Survey on Untransferable Anonymous Credentials A Survey on Untransferable Anonymous Credentials extended abstract Sebastian Pape Databases and Interactive Systems Research Group, University of Kassel Abstract. There are at least two principal approaches

More information

ZEBRA CUSTOM LAMINATE QUOTE REQUEST FORM Custom Laminate Quick Reference Guide: Added Security to Meet Your Needs

ZEBRA CUSTOM LAMINATE QUOTE REQUEST FORM Custom Laminate Quick Reference Guide: Added Security to Meet Your Needs ZEBRA CUSTOM LAMINATE QUOTE REQUEST FORM Custom Laminate Quick Reference Guide: Added Security to Meet Your Needs Zebra offers a range of high-security card solutions to meet customer needs for reliable,

More information

PLC Based Liquid Filling and Mixing

PLC Based Liquid Filling and Mixing PLC Based Liquid Filling and Mixing 1 Mihir Panchal, 2 Aashish Panaskar. 3 Prof. Lalit Kumar KJ College of Engineering and Management Research, Pune, India Abstract: The objective of this paper is to design,

More information

Hardware Trojans Detection Methods Julien FRANCQ

Hardware Trojans Detection Methods Julien FRANCQ DEFENDING WORLD SECURITY Hardware Trojans Detection Methods Julien FRANCQ 2013, December the 12th Outline c 2013 CASSIDIAN CYBERSECURITY - All rights reserved TRUDEVICE 2013, December the 12th Page 2 /

More information

Electrolytic Deposition of Fine Pitch Sn/Cu Solder Bumps for Flip Chip Packaging

Electrolytic Deposition of Fine Pitch Sn/Cu Solder Bumps for Flip Chip Packaging Electrolytic Deposition of Fine Pitch Sn/Cu Solder Bumps for Flip Chip Packaging Stephen Kenny, Kai Matejat, Sven Lamprecht and Olivier Mann Atotech Germany Erasmusstrasse 20, 10553 Berlin Germany +49

More information

FSI Machine Vision Training Programs

FSI Machine Vision Training Programs FSI Machine Vision Training Programs Table of Contents Introduction to Machine Vision (Course # MVC-101) Machine Vision and NeuroCheck overview (Seminar # MVC-102) Machine Vision, EyeVision and EyeSpector

More information

E-Visas Verification Schemes Based on Public-Key Infrastructure and Identity Based Encryption

E-Visas Verification Schemes Based on Public-Key Infrastructure and Identity Based Encryption Journal of Computer Science 6 (7): 723-727, 2010 ISSN 1549-3636 2010 Science Publications E-Visas Verification Schemes Based on Public-Key Infrastructure and Identity Based Encryption Najlaa A. Abuadhmah,

More information

Full page passport/document reader Regula model 70X4M

Full page passport/document reader Regula model 70X4M Full page passport/document reader Regula model 70X4M Full page passport reader with no moving parts inside. Automatic reading and authenticity verification of passports, IDs, visas, driver s licenses

More information

An Example of Mobile Forensics

An Example of Mobile Forensics An Example of Mobile Forensics Kelvin Hilton K319 kchilton@staffsacuk k.c.hilton@staffs.ac.uk www.soc.staffs.ac.uk/kch1 Objectives The sources of evidence The subscriber The mobile station The network

More information

VISUAL INSPECTION SYSTEMS

VISUAL INSPECTION SYSTEMS CAMEA Visual Systems are based on the state-of-the-art and field-proven platform for creation of the industry inspection and traffic monitoring applications. All the key technologies used to create most

More information

Scanning Surface Inspection System with Defect-review SEM and Analysis System Solutions

Scanning Surface Inspection System with Defect-review SEM and Analysis System Solutions Scanning Surface Inspection System with -review SEM and Analysis System Solutions 78 Scanning Surface Inspection System with -review SEM and Analysis System Solutions Hideo Ota Masayuki Hachiya Yoji Ichiyasu

More information

Winbond W2E512/W27E257 EEPROM

Winbond W2E512/W27E257 EEPROM Construction Analysis Winbond W2E512/W27E257 EEPROM Report Number: SCA 9703-533 Global Semiconductor Industry the Serving Since 1964 15022 N. 75th Street Scottsdale, AZ 85260-2476 Phone: 602-998-9780 Fax:

More information

SecureStore I.CA. User manual. Version 2.16 and higher

SecureStore I.CA. User manual. Version 2.16 and higher User manual Version 2.16 and higher Contents SecureStore I.CA 1. INTRODUCTION...3 2. ACCESS DATA FOR THE CARD...3 2.1 Card initialisation...3 3. MAIN SCREEN...4 4. DISPLAYING INFORMATION ABOUT THE PAIR

More information

On a New Way to Read Data from Memory

On a New Way to Read Data from Memory On a New Way to Read Data from Memory David Samyde 1, Sergei Skorobogatov 2, Ross Anderson 2 and Jean-Jacques Quisquater 1 1: Université catholique de Louvain, UCL Crypto Group Place du Levant, 3, B-1348

More information

Development of a wireless home anti theft asset management system. Project Proposal. P.D. Ehlers 21017914. Study leader: Mr. D.V.

Development of a wireless home anti theft asset management system. Project Proposal. P.D. Ehlers 21017914. Study leader: Mr. D.V. EVALUATION PAGE Format/10 Afrikaans group Revision no: 0 Content/10 Computer Engineering Must revise: Yes No Final mark/20 Must proofread: Yes No Development of a wireless home anti theft asset management

More information

Smart Cards and Biometrics in Physical Access Control Systems

Smart Cards and Biometrics in Physical Access Control Systems Smart Cards and Biometrics in Physical Access Control Systems Robert J. Merkert, Sr. Vice President of Sales Americas Biometric Consortium 2005 Conference September 21, 2005 All Company and/or product

More information

Combatting Counterfeit Identities: The Power of Pairing Physical & Digital IDs

Combatting Counterfeit Identities: The Power of Pairing Physical & Digital IDs Combatting Counterfeit Identities: The Power of Pairing Physical & Digital IDs 1 GOVERNMENTS ADOPTING DIGITAL STRATEGIES Governments designing/operating digital ecosystems to create, transform and optimize

More information

ENHANCING ATM SECURITY USING FINGERPRINT AND GSM TECHNOLOGY

ENHANCING ATM SECURITY USING FINGERPRINT AND GSM TECHNOLOGY Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology IJCSMC, Vol. 3, Issue. 4, April 2014,

More information

Smart Cards for Payment Systems

Smart Cards for Payment Systems White Paper Smart Cards for Payment Systems An Introductory Paper describing how Thales e-security can help banks migrate to Smart Card Technology Background In this paper: Background 1 The Solution 2

More information

Smart Card: The Computer in Your Wallet

Smart Card: The Computer in Your Wallet Smart Card: The Computer in Your Wallet MIPS Technologies, Inc. June 2002 Smart cards, credit-card-size pieces of plastic incorporating a silicon chip, comprise the highest volume computing platform. Roughly

More information

Confidentio. Integrated security processing unit. Including key management module, encryption engine and random number generator

Confidentio. Integrated security processing unit. Including key management module, encryption engine and random number generator Confidentio Integrated security processing unit Including key management module, encryption engine and random number generator Secure your digital life Confidentio : An integrated security processing unit

More information

Vulnerability assessment tools

Vulnerability assessment tools 5 Vulnerability assessment tools 5.1 Introduction The vulnerabilities and exploitable flaws in the software or hardware of a computer system give individuals, who are aware of these flaws, the opportunity

More information

1.Introduction. Introduction. Most of slides come from Semiconductor Manufacturing Technology by Michael Quirk and Julian Serda.

1.Introduction. Introduction. Most of slides come from Semiconductor Manufacturing Technology by Michael Quirk and Julian Serda. .Introduction If the automobile had followed the same development cycle as the computer, a Rolls- Royce would today cost $00, get one million miles to the gallon and explode once a year Most of slides

More information

NXP Secure Smart Card Controllers P5CC008, P5CC012 V1A/ V1A(s)

NXP Secure Smart Card Controllers P5CC008, P5CC012 V1A/ V1A(s) NXP Secure Smart Card Controllers Document information Info Content Keywords CC, Security Evaluation,, Functional Requirements, Security Functionality, Assurance Level, P5CC008, P5CC012 V1A/ V1A(s) Abstract

More information

Mitigating Fraud Risk Through Card Data Verification

Mitigating Fraud Risk Through Card Data Verification Risk Management Best Practices 11 September 2014 Mitigating Fraud Risk Through Card Data Verification AP, Canada, CEMEA, LAC, U.S. Issuers, Processors With a number of cardholder payment options (e.g.,

More information

Desktop Publishing 5N0785 Learning Outcome 2 Monaghan Institute Level 5 Module

Desktop Publishing 5N0785 Learning Outcome 2 Monaghan Institute Level 5 Module Desktop Publishing 5N0785 Learning Outcome 2 Monaghan Institute Level 5 Module Contents Learners will be able to describe the characteristics of key components of DTP systems including those used for input,

More information

Biometrics for Public Sector Applications

Biometrics for Public Sector Applications Technical Guideline TR-03121-2 Biometrics for Public Sector Applications Part 2: Software Architecture and Application Profiles Version 2.3 Bundesamt für Sicherheit in der Informationstechnik Postfach

More information

Information System Security

Information System Security Information System Security Chapter 1:Introduction Dr. Lo ai Tawalbeh Faculty of Information system and Technology, The Arab Academy for Banking and Financial Sciences. Jordan Chapter 1 Introduction The

More information

THREAT MODELLING FOR SECURITY TOKENS IN WEB APPLICATIONS

THREAT MODELLING FOR SECURITY TOKENS IN WEB APPLICATIONS THREAT MODELLING FOR SECURITY TOKENS IN WEB APPLICATIONS Danny De Cock, Karel Wouters, Dries Schellekens, Dave Singelee and Bart Preneel COSIC Research Group, Dept. Electrical Engineering-ESAT, Katholieke

More information

Development of Low Cost Private Office Access Control System(OACS)

Development of Low Cost Private Office Access Control System(OACS) Development of Low Cost Private Office Access Control System(OACS) Sadeque Reza Khan Prime University, Department of Electrical and Electronic Engineering, Dhaka-1216, Bangladesh sadeque_008@yahoo.com

More information

ATM FRAUD AND COUNTER MEASURES

ATM FRAUD AND COUNTER MEASURES ATM FRAUD AND COUNTER MEASURES GENESIS OF ATMs An automated teller machine was first introduced in 1960 by City Bank of New York on a trial basis. The concept of this machine was for customers to pay utility

More information

Chapter 1: Introduction

Chapter 1: Introduction Chapter 1 Introduction 1 Chapter 1: Introduction 1.1 Inspiration Cloud Computing Inspired by the cloud computing characteristics like pay per use, rapid elasticity, scalable, on demand self service, secure

More information

Automotive Applications of 3D Laser Scanning Introduction

Automotive Applications of 3D Laser Scanning Introduction Automotive Applications of 3D Laser Scanning Kyle Johnston, Ph.D., Metron Systems, Inc. 34935 SE Douglas Street, Suite 110, Snoqualmie, WA 98065 425-396-5577, www.metronsys.com 2002 Metron Systems, Inc

More information

Electronic Signature Systems

Electronic Signature Systems Electronic Signature Systems A Guide for IT Personnel Copyright Topaz Systems Inc. All rights reserved. For Topaz Systems, Inc. trademarks and patents, visit www.topazsystems.com/legal. Table of Contents

More information

Local Heating Attacks on Flash Memory Devices. Dr Sergei Skorobogatov

Local Heating Attacks on Flash Memory Devices. Dr Sergei Skorobogatov Local Heating Attacks on Flash Memory Devices Dr Sergei Skorobogatov http://www.cl.cam.ac.uk/~sps32 email: sps32@cam.ac.uk Introduction Semi-invasive attacks were introduced in 2002 ( Optical fault induction

More information

Cryptography and Network Security

Cryptography and Network Security Cryptography and Network Security Third Edition by William Stallings Lecture slides by Shinu Mathew John http://shinu.info/ Chapter 1 Introduction http://shinu.info/ 2 Background Information Security requirements

More information

Information Security Group (ISG) Core Research Areas. The ISG Smart Card Centre. From Smart Cards to NFC Smart Phone Security

Information Security Group (ISG) Core Research Areas. The ISG Smart Card Centre. From Smart Cards to NFC Smart Phone Security Information Security Group (ISG) From Smart Cards to NFC Smart Phone Security Information Security Group Activities Prof. Keith and Mayes Research From the Information Security Group ACE-CSR at Royal Holloway

More information

Annual review FLORENCE 2013. WP4 Network: prototypes

Annual review FLORENCE 2013. WP4 Network: prototypes Annual review FLORENCE 2013 WP4 Network: prototypes WP4 prototypes Task 4.1 Smart SPD driven transmission P1: SPD-driven Smart Transmission Layer Task 4.2 Distributed self-x models P2: Recognizing and

More information

SPICES BOARD (Ministry of Commerce & Industry, Govt. of India) Palarivattom.P.O. N H By Pass Kochi 682025

SPICES BOARD (Ministry of Commerce & Industry, Govt. of India) Palarivattom.P.O. N H By Pass Kochi 682025 SPICES BOARD (Ministry of Commerce & Industry, Govt. of India) Palarivattom.P.O. N H By Pass Kochi 682025 Phone: 0484-2333603 Email: spicesboardedp@gmail.com Requirement of biometric time attendance system

More information

Network Security 網 路 安 全. Lecture 1 February 20, 2012 洪 國 寶

Network Security 網 路 安 全. Lecture 1 February 20, 2012 洪 國 寶 Network Security 網 路 安 全 Lecture 1 February 20, 2012 洪 國 寶 1 Outline Course information Motivation Introduction to security Basic network concepts Network security models Outline of the course 2 Course

More information

DIRECTIONAL FIBER OPTIC POWER MONITORS (TAPS/PHOTODIODES)

DIRECTIONAL FIBER OPTIC POWER MONITORS (TAPS/PHOTODIODES) Features: DIRECTIONAL FIBER OPTIC POWER MONITORS (TAPS/PHOTODIODES) PATENT NUMBERS: CANADA 2,494,133, USA 7095931, 7295731 AND CHINA 1672073 Telcordia GR-468 qualified Available in versions for any wavelength

More information

Using EMV Cards to Protect E-commerce Transactions

Using EMV Cards to Protect E-commerce Transactions Using EMV Cards to Protect E-commerce Transactions Vorapranee Khu-Smith and Chris J. Mitchell Information Security Group, Royal Holloway, University of London, Egham, Surrey, TW20 0EX, United Kingdom {V.Khu-Smith,

More information

integrated fire and security solutions Maximum protection for buildings

integrated fire and security solutions Maximum protection for buildings integrated fire and security solutions Maximum protection for buildings integrated fire and security solutions Johnson Controls: expert qualified in building protection Johnson Controls is the recognised

More information

Leti Introduction and Overview

Leti Introduction and Overview Leti Introduction and Overview Leti Day in Tokyo, October 3rd 2012 Laurent Malier 2012 Leti 2012 1 CEA The CEA at a glance Commissariat à l Énergie Atomique et aux Énergies Alternatives is one of the largest

More information