Book contents
- Frontmatter
- Contents
- Foreword by Kevin Gillick
- Acknowledgements
- Part I Introduction
- Part II Technology
- 4 Biometrics
- 5 Security and cryptography
- 6 Card technology
- 7 Readers and terminals
- 8 Application selection: the ISO 7816 family
- 9 JavaCard and GlobalPlatform
- 10 Multos
- 11 Other operating systems
- 12 Card management systems
- Part III Business requirements
- Part IV Implementation
- Appendix A Glossary
- Appendix B Further reading
- Appendix C Standards
- Index
- References
5 - Security and cryptography
from Part II - Technology
Published online by Cambridge University Press: 11 August 2009
- Frontmatter
- Contents
- Foreword by Kevin Gillick
- Acknowledgements
- Part I Introduction
- Part II Technology
- 4 Biometrics
- 5 Security and cryptography
- 6 Card technology
- 7 Readers and terminals
- 8 Application selection: the ISO 7816 family
- 9 JavaCard and GlobalPlatform
- 10 Multos
- 11 Other operating systems
- 12 Card management systems
- Part III Business requirements
- Part IV Implementation
- Appendix A Glossary
- Appendix B Further reading
- Appendix C Standards
- Index
- References
Summary
Another science – some would say art – that is very important to smart cards is cryptography. Cryptography is an essential part of many of the security functions for which smart cards are used. This chapter can only give an overview of the issues that are relevant to smart cards, and readers seeking a deeper understanding of algorithms and cryptography generally are referred to the further reading suggested in Appendix B.
Cryptography
Algorithms
Modern cryptography combines algorithms (mathematical transformations) and key management techniques to secure data in many different ways. The main algorithms used change only very slowly, since only thoroughly tested and well understood algorithms are used for important security functions. People outside the security industry often feel that a newly developed or secret algorithm should be more secure, but the history of cryptography has shown that only a very few algorithms remain unbroken after many years. Nearly all others succumb sooner or later to some easy attacks – once an attack is known the algorithm is useless.
Algorithms are divided into two groups: symmetric algorithms (like the Data Encryption Standard ANSI X3.92 or its more modern and stronger replacement, the Advanced Encryption Standard FIPS-197 1) use the same key for encryption and decryption. Public-key algorithms (such as RSA 2) use a different key for encryption and decryption: the owner keeps one key private while the other is published.
- Type
- Chapter
- Information
- Multi-application Smart CardsTechnology and Applications, pp. 39 - 49Publisher: Cambridge University PressPrint publication year: 2007