1995-01-30 - Smart Card architecture

Header Data

From: Johnathan Corgan <jcorgan@aeinet.com>
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Message Hash: db3e44a7d017a884323a2bae082b5921a554d859ac4bdf226f834af9882cad6e
Message ID: <Chameleon.4.01.950129222758.jcorgan@comet.aeinet.com>
Reply To: N/A
UTC Datetime: 1995-01-30 06:28:09 UTC
Raw Date: Sun, 29 Jan 95 22:28:09 PST

Raw message

From: Johnathan Corgan <jcorgan@aeinet.com>
Date: Sun, 29 Jan 95 22:28:09 PST
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Smart Card architecture
Message-ID: <Chameleon.4.01.950129222758.jcorgan@comet.aeinet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I've been searching around the 'net looking for online references to
the actual protocols and methods used in smart card user authentication,
but have found very little.  I understand from reading Schneier that
there are several established protocols to demonstrate knowledge of
some secret without leaking any information about this secret.  Is this
how these (smart card) systems work?

The Nov. '94 issue of 'Communications of the ACM' has an article about
using smart cards to store secure OS kernel and user configuration
information (I imagine both Unix _and_ Windows :), which is fascinating to 
read, but doesn't delve into these technical details.

It seems that the there are a myriad of rather innovative applications for 
these things.

What is the state of this technology today?  I understand there are working 
systems for use with credit transactions and telephone billing.  Who are the 
major players in the marketplace, what types of standards have evolved to 
describe the interfaces they use, and what kind of Cypherpunk interest is
there in these products?  What kind of realistic attacks exist that would
compromise the security offered by smart cards?

Guess I'm just interested in some good pointers to information (online or 
written) that could give me a grasp on the technical details.

Thanks,

Johnathan Corgan

==
Johnathan Corgan       "Violence is the last refuge of the incompetent."
jcorgan@aeinet.com                    -Isaac Asimov


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBLyyGmk1Diok8GKihAQE6MQP/dPRmR4X8p459WvgwTiiL+zO/oq1zyE2E
KxD/1JEQ4e6MC7tGNiPktvXqFXtv5JgXxbPhWkUZTQjkEyMulDCv2h0hUGySdiHx
Zq4lvCtCRRdb6r5O+tQJQpCbCW3NRsx3A6yJPK2YvH1lYRciDlMdWDQyGAGefuUN
xO6jMEGnGEw=
=9RjV
-----END PGP SIGNATURE-----







Thread