Cryptography Reference
In-Depth Information
Card Operating Systems : The microprocessor in a smart card is controlled
by a Card Operating System (COS), which is a piece of firmware stored
in the ROM of the microcontroller IC embedded in the card (see footnote 9.28).
The COS has the following fundamental tasks.
1. Both establish and control communication between the card and any
card-reading device.
2. File management.
3. Memory management.
4. Management of applications, including loading and operating.
5. Protect data access.
6. Instruction processing and execution control.
7. Execute and manage cryptographic protocols when communicating with a
card-reading device.
Smart Cards and PKI : The structure for smart cards employing PKI is
described in RFC 2459 (see [215]). Smart cards may be embedded with functions
that generate public and private PKC keys inside the cards, meaning that the
private key is not sent to any site outside the card. In other words, the smart
card need not export the private key in order to use a given application.
Suppose that Alice interfaces her smart card with her computer for the
purpose of using some application, which requires Alice's signature on a
document to authenticate her. In order to get the card to communicate with
the application, a hash of Alice's document, e-mail for instance, is sent to the card. The
card signs the document with her private key (all this taking place inside the
card), and the signed document is sent to the application. Hence, her private
key is never exposed to the outside, in particular to her computer. Smart cards
may employ SSH (see page 334) to authenticate to an application remotely, for
instance. In general, PKI architecture may support access to a given business
enterprise via a local CA or RA for the purpose of certification. Basically, the
structures discussed in Section 6.2 may be brought to bear via smart cards and
their interaction with various applications.
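
The signing flow described above, as an added example that is not from the original text: a simulated card signs a SHA-256 hash with RSA (PKCS #1 v1.5 encoding), and the only values that cross the card interface are the hash and the signature. The class and function names are hypothetical, and the demo key is built from two publicly known primes, so it is not secure.

```python
import hashlib

# SHA-256 DigestInfo prefix used by the PKCS #1 v1.5 signature encoding.
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def emsa_encode(digest: bytes, k: int) -> int:
    """Pad a SHA-256 digest to k bytes: 00 01 FF..FF 00 DigestInfo."""
    t = SHA256_PREFIX + digest
    return int.from_bytes(b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t, "big")

class SimulatedCard:
    """Stand-in for the card: the key is created inside, only signatures leave."""
    def __init__(self):
        # Constructed demo key from two public Mersenne primes: NOT secure.
        # A real card generates secret random primes on-chip.
        p, q = 2**521 - 1, 2**607 - 1
        self.n, self.e = p * q, 65537
        self.__d = pow(self.e, -1, (p - 1) * (q - 1))  # no method returns this
        self.k = (self.n.bit_length() + 7) // 8
        self.transcript = []  # every byte string that crosses the card interface

    def public_key(self):
        return self.n, self.e

    def sign_digest(self, digest: bytes) -> bytes:
        self.transcript.append(digest)
        if len(digest) != 32:  # the card accepts a hash, never a whole document
            raise ValueError("expected a 32-byte SHA-256 digest")
        sig = pow(emsa_encode(digest, self.k), self.__d, self.n).to_bytes(self.k, "big")
        self.transcript.append(sig)
        return sig

def host_sign(card, document: bytes) -> bytes:
    """Alice's computer: hash locally and send only the hash to the card."""
    return card.sign_digest(hashlib.sha256(document).digest())

def app_verify(public_key, document: bytes, sig: bytes) -> bool:
    """The application: check the signature using only the public key."""
    n, e = public_key
    k = (n.bit_length() + 7) // 8
    s = int.from_bytes(sig, "big")
    if len(sig) != k or s >= n:
        return False
    return pow(s, e, n) == emsa_encode(hashlib.sha256(document).digest(), k)
```
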
Contact Vs. Contactless : The communication between a smart card and
a card reader or detection device might be direct, namely, physical contact, or
contactless using radio frequency. Thus, smart cards are further divided into
contact and contactless (sometimes called proximity) cards. Contactless cards
9.28 Think of a microcontroller as a computer on a chip. A microcontroller is created via the
integration of the fundamental components of a microprocessor: RAM; ROM; and digital I/O
(input/output) ports into the same chip die. Other features might include: serial I/O, a timer
module; analogue to digital converters (ADC); and even serial peripheral drivers. Examples
are Motorola's M68HC08 family of 8-bit microcontrollers, and Microchip's PIC17 Family with
16-bit program word.