Title :
Achieving security in Integrated Circuit Card applications: reality or desire?
Author :
Sanchez-Reillo, Raul
Author_Institution :
Dpt. Ingenieria Electrica, Electronica y Automatica, Univ. Carlos III de Madrid, Spain
Abstract :
It has been always claimed that smart cards provide a really high level of security, considering them as tamper-proof devices, with the possibility to auto-block some or all of the services they provide. Unfortunately, nowadays some hackers appear to have demonstrated the lack of security involved in some applications where Integrated Circuit Cards (ICC) have been used. This has led to expansion of the opinion that smart cards are not secure enough, and their security is only in the minds of the commercial companies involved with the technology. The author explains the reasons why all this hacking has succeeded. For example, sometimes memory cards have been used instead of smart cards, or very old smart cards have been issued and not renewed, or just the development team involved has not used basic security techniques such as diversified keys. The author also gives clues to achieving a high level of security depending on the final application, and the environment where it is going to be used
Keywords :
authorisation; computer crime; memory cards; message authentication; smart cards; ICC; Integrated Circuit Card application security; auto-block; development team; diversified keys; hackers; memory cards; smart card security; tamper-proof device; Application specific integrated circuits; Computer crime; Computer hacking; Integrated circuit technology; Operating systems; Plastics; Radiofrequency identification; Security; Smart cards; Telephony;
Conference_Titel :
Security Technology, 2001 IEEE 35th International Carnahan Conference on
Conference_Location :
London
Print_ISBN :
0-7803-6636-0
DOI :
10.1109/.2001.962833
