Monday, March 17, 2008

Smart Cards

A smart card, chip card, or integrated circuit card (ICC), is defined as any pocket-sized card with embedded integrated circuits that can process information. This implies that it can receive input that is processed - by way of the ICC applications - and delivered as an output. There are two broad categories of ICCs. Memory cards contain only non-volatile memory storage components, and perhaps some specific security logic. Microprocessor cards contain volatile memory and microprocessor components. The card is made of plastic, generally PVC, but sometimes ABS. The card may embed a hologram to avoid counterfeiting.
Most advanced smart cards are equipped with specialized cryptographic hardware that let you use algorithms such as RSA and DSA on board. Today's cryptographic smart cards are also able to generate key pairs on board, to avoid the risk of having more than one copy of the key. Since by design there usually isn't a way to extract private keys from a smart card.
Such smart cards are mainly used for digital signature and secure identification. The most common way to access cryptographic smart card functions on a computer is to use a PKCS#11 library provided by the vendor. On Microsoft Windows platforms the CSP API is also adopted.
The most widely used cryptographics in smart cards excluding the GSM so-called "crypto algorithm" are 3DES (Triple DES) and RSA. The key set is usually loaded (DES) or generated (RSA) on the card at the personalization stage.

No comments: