Rajat Moona j CSE, IIT Kanpur October 11, Reach IIT K
|
|
- Gwendoline Wheeler
- 5 years ago
- Views:
Transcription
1 Rajat Moona j CSE, IIT Kanpur October 11, 2010 Reach IIT K
2 Identity Establishment Problem Smart Card Technology IIT Kanpur Contribution ID related applications DL/RC, MNIC, e Passport Protection against Phishing ATM Enabler for Micro financing
3 The issue of giving right information to right person. Problem: Am I talking to the right person/equipment? On a telephone line: the party on the other side is right person or not? For ATM transactions: is it a genuine ATM? Simple schemes: Voice recognition? Face recognition? Secret sharing? Shared trust? Simple schemes are not robust. Not secure.
4 Real world is however build over simple things. Password based login The passwords are easy to guess. Web logins (bank account/credit cards etc.) Identity loss (lost passwords from sites) Fingerprint based identifications. Detective movies are full of ideas on how to crack them. Credit cards based frauds. 3 digit CVV protection? Try only 900 times to crack a card. Is it worthwhile to use such mechanisms?
5 Mechanism Password or PIN ( What you know ) Secret information shared between two parties Cryptographic challenge Response ( What you carry ) Entity authentication Biometric i information ( What is part of you ) Person s identification A combination of one or more
6 Device asks the user (person or a device) to provide a password. Password is matched hdfor verification with a reference one. For example: ATM
7 Enter PIN 2344 Withdraw Rs Rs given Bank Rs given. Bank Server informed for keeping transaction record.
8 Enter PIN 2344 No Authentication with Bank!!! Withdraw Rs User Given the amount or told ATM out of money.
9 Secret Key Cryptography Two communicating sides share the same secret Public Key Cryptography Public key is used for encryption while private key is used for decryption. Private key is secret. Authentication is based on proving the possession of secret key by its use. Challenge Response Authentication
10 Cryptanalyst/ Attacker p K p Encryption c c Decryption Algorithm Algorithm p Sender K Secure Channel Receiver Key Source
11 Cryptanalyst/ Attacker p Pr p Encryption c c Decryption Algorithm Algorithm p Sender Pu Pr Receiver Known to the world Pu Key Gen
12 Password based Identification Where to store passwords securely? Password Guessability Prone to Identity theft Address based Identification Assumes that atthe identity ty of a person can be inferred ed across the network. Prone to identity attacks. Symmetric key cryptography ybased Identification Challenge Response based Identification (authentication) Public key cryptography based identification Cryptographic techniques are immune to identity theft provided keys are not leaked.
13 Visual identity application Plain plastic card is enough Magnetic strip (e.g. credit cards) Visual data also available in machine readable form No security of data Electronic memory cards Machine readable data Some security (vendor specific) Processor cards (and therefore memory too) Cards have an operating system that provides A standard way of interchanging information An interpretation t ti of the commands and data
14 VCC Reset Clock Reserved GND VPP I/O
15 Contact Card Contactless (RF) Card RFU CLK RST Vcc RF Antenna GND RFU I/O Vpp
16 256 bytes to 4KB RAM. 8KB to 0.5MB ROM. 1KB to 1MB EEPROM. Crypto coprocessors (implementing AES, 3DES, RSA etc., in hardware) are optional. 8 bit to 16 bit CPU based designs are common. The price of a mid level chip when produced in bulk is about US$0.50.
17 Computer based readers Connect through USB or COM (Serial) ports Dedicated terminals Usually with a small screen, keypad, printer, often also have biometric devices such as thumb print scanner.
18 Electronics Technology Memory Memory Contact Cards Memory Contact-less Cards (aka RFID) Processor Processor Contact Cards Processor Contact-less Cards ) Cont tact Radio (RF Commun nication n Techno ology
19 Smart cards can store and control access to data in most flexible manner. To specific users who know the passwords To a specific devices who know the secret Cryptography based operations Data stored can include Personal information and Biometric i reference data (e.g. fingerprint i template) Keys and passwords Capabilities include Data storage (persistent) Cryptography (encryption/decryption/digital signatures etc.) Auxiliary mechanisms (hash computations, random number generation)
20 Smart Card group had developed the Indian National Standard for the OS SCOSTA and SCOSTA CL Certification process and mechanisms Key management system design for the Indian Driving License and Vehicle Registration, National ID Card data layout and processes for DL/RC, National ID (MNIC), Indian epassport Defined the standard for the Indian epassport (a step over the ICAO standards) Card Readers and programming interfaces for application development.
21 ID Applications i National ID, Driving License, Electronic Passports, Health Care Electronic Cash Payment, e Purse Purse, Toll Tax, Credit cards, purse to purse transactions Loyalty Banking Cards, Membership cards Authenticity Security Tokens, Resource Access
22 Can store information such as Personal Information Name, Name in local language, Sex, Names of parents, spouse, marital status, Date and place of birth, aliases, National ID, Issuer s Name/designation, Issue date, address Validity checks Valid up to information, validity keys, Digital signature mechanisms Biometric information Photograph, finger print (machine verifiable) Possible applications Electronic tax filing, electronic authenticated voting, irrefutable proof of citizenship, social security Access Control (read write control based on the entity) Certain information is record once once (national ID number, Sex...) Certain information is modifiable (such as address )
23 Electronic Passport is passport with smart card chip in the binding (e.g. cover page) Chip stores the personal information. Additionally the data is digitally it signed by the document signer (such as a passport issuing officer). Non repudiation is possible. Passport data can be verified at immigration control world wide. Provided the country specific public keys are exchanged between the countries through h bi lateral l exchange mechanism Personal information may include the biometric which can be verified at the home immigration counters for entry/exit. Authentic photograph of the owner is stored on chip.
24 Security Issue Fake outlet attack Shoulder attack Fake padoverlay attack Network Issue Dedicated network is required Network is unreliable Cost Issue Display / Input device required Cost for Network Connectivity Cooling costs
25 Several scenarios are possible. Case I: Use of Mobile and Card. Ultimate protection Case II: Use of card only. Protection against keyboard overlay or shoulder attack not possible. Case III: Protection against lost mobile possible.
26 Smart cards are the devices for the future Can be used for several applications. Document signing (for example tax returns) Identification and authentication Such as Driving License, National ID (MNIC), Voter Card, e Passports etc. Bank Transactions E cash and e purse application. Ticketing and Toll Metro Ticketing and Toll gate operations. Access Control Access to rooms/facilities, Club memberships, vending applications. Secure, robust and dependable storage of data, keys and Passwords. Data can be protected against tampering and can be made reliable and dependable. Innovations are possible in the use of the technology and the technology itself.
27 _(India)/ Nitin Munjal and Rajat Moona, Secure and Cost Effective Transaction Model for Financial Services, ICUMT 2009, St. Petersburg. Nitin Munjal, Ashish Paliwal, Rajat Moona, Low Cost Secure Transaction Model for Financial Services, Security and Identity Management (SIM), Ahmedabad, Abhishek Gaurav, Ankit Sharma, Vikas Gelara, Rajat Moona, Using Personal Electronic Device for Authentication based Service Access, IEEE International Conference on Communications (ICC2008), Beijing, May 2008.
28 BTech Students Abhishek Gaurav, Ankit Sharma, Vikas Gelara MTech Students S Ravinder, Aditi Gupta, Deepak Nagawade, Anshul Data, Nitin Munjal, N Karthik, Nikhil Khande Faculty Members Deepak Gupta, Manindra Agrawal Funding Agencies and collaborators MCIT, NIC, RGI, MoRST, MEA
Introduction to Electronic Identity Documents
Tutorial Introduction to Electronic Identity Documents Klaus Schmeh cryptovision I'm Klaus Schmeh, Chief Editor Marketing at cryptovision. I have published a number of books. Identity Documents Conventional
More informationSmart cards are made of plastic, usually polyvinyl chloride. The card may embed a hologram to prevent counterfeiting. Smart cards provide strong
Smart Cards By: Definition Smart cards, chip card, or integrated circuit card (ICC) are card with embedded integrated circuits that contain a computer chip capable of carrying out a cryptographic protocol.
More informationCSC 474 Network Security. Authentication. Identification
Computer Science CSC 474 Network Security Topic 6. Authentication CSC 474 Dr. Peng Ning 1 Authentication Authentication is the process of reliably verifying certain information. Examples User authentication
More informationAIT 682: Network and Systems Security
AIT 682: Network and Systems Security Topic 6. Authentication Instructor: Dr. Kun Sun Authentication Authentication is the process of reliably verifying certain information. Examples User authentication
More informationAuthentication. Identification. AIT 682: Network and Systems Security
AIT 682: Network and Systems Security Topic 6. Authentication Instructor: Dr. Kun Sun Authentication Authentication is the process of reliably verifying certain information. Examples User authentication
More informationAuthentication Technologies
Authentication Technologies 1 Authentication The determination of identity, usually based on a combination of something the person has (like a smart card or a radio key fob storing secret keys), something
More informationAuthentication & Authorization
Authentication & Authorization Anuj Gupta 1, 1 M.Tech Scholar, Department of C.F.I.S, G.I.T.A.M, Kablana, Jhajjar Ashish Kumar Sharma 2 2 Assistant Professor, Department of C.F.I.S & C.S.E, G.I.T.A.M,
More informatione-pg Pathshala Subject: Computer Science Paper: Embedded System Module: Embedded System Design Case Study-Part I Module No: CS/ES/39 Quadrant 1 e-text
e-pg Pathshala Subject: Computer Science Paper: Embedded System Module: Embedded System Design Case Study-Part I Module No: CS/ES/39 Quadrant 1 e-text In this lecture, the design and the basic concepts
More informationAdvanced Security Mechanisms for Machine Readable Travel Documents and eidas Token
Technical Guideline TR-03110-1 Advanced Security Mechanisms for Machine Readable Travel Documents and eidas Token Part 1 emrtds with BAC/PACEv2 and EACv1 Version 2.20 26. February 2015 History Version
More informationSMART CARDS. Miguel Monteiro FEUP / DEI
SMART CARDS Miguel Monteiro apm@fe.up.pt FEUP / DEI WHAT IS A SMART CARD Distinguishable characteristics Can participate in automated electronic transactions Used primarily to add security Not easily forged
More informationCOMPGA12 1 TURN OVER
Applied Cryptography, COMPGA12, 2009-10 Answer ALL questions. 2 hours. Marks for each part of each question are indicated in square brackets Calculators are NOT permitted 1. Multiple Choice Questions.
More informationHitachi Releases Smart Card Microcontroller AE45X series Equipped with Contact/Contactless Dual Interface in a Single Chip
Hitachi Releases Smart Card Microcontroller AE45X series Equipped with Contact/Contactless Dual Interface in a Single Chip Suitable for multi-purpose multi-application smart cards in the fields such as
More informationCREDENTSYS CARD FAMILY
CREDENTSYS CARD FAMILY Credentsys is a secure smart card family that is designed for national ID systems, passports, and multi-use enterprise security environments. The family is certified to FIPS 140-2
More informationWHAT FUTURE FOR CONTACTLESS CARD SECURITY?
WHAT FUTURE FOR CONTACTLESS CARD SECURITY? Alain Vazquez (alain.vazquez@louveciennes.sema.slb.com) 1/27 AV Contents Major contactless features : summary Contactless major constraints Major security issues
More informationPKI Credentialing Handbook
PKI Credentialing Handbook Contents Introduction...3 Dissecting PKI...4 Components of PKI...6 Digital certificates... 6 Public and private keys... 7 Smart cards... 8 Certificate Authority (CA)... 10 Key
More informationUser Authentication. Modified By: Dr. Ramzi Saifan
User Authentication Modified By: Dr. Ramzi Saifan Authentication Verifying the identity of another entity Computer authenticating to another computer Person authenticating to a local/remote computer Important
More informationCOMPUTER NETWORK SECURITY
COMPUTER NETWORK SECURITY Prof. Dr. Hasan Hüseyin BALIK (3 rd Week) 3. User Authentication 3.Outline Electronic User Authentication Principles Password-Based Authentication Token-Based Authentication Biometric
More informationLecture 9 User Authentication
Lecture 9 User Authentication RFC 4949 RFC 4949 defines user authentication as: The process of verifying an identity claimed by or for a system entity. Authentication Process Fundamental building block
More information2 Electronic Passports and Identity Cards
2 Picture source: www.bundesdruckerei.de Paper based Passport Radio Frequency (RF) Chip Electronic Passport (E Pass) Biographic data Human readable Partially machine readable (optically) Conventional
More informationDr. Char-Shin Miou Chunghwa Telecom. Co. April 7, 2011
Mobile Security Application Current Status Overview in Taiwan Dr. Char-Shin Miou Chunghwa Telecom. Co. April 7, 2011 Content Problems and Current Status Approach for the Mobile Security Application Mobile
More informationA Multi-Application Smart-Card ID System for George Mason University. - Suraj Ravichandran.
A Multi-Application Smart-Card ID System for George Mason University - Suraj Ravichandran. Current System Magnetic Swipe Card based ID The card has three tracks They each store the following: Name, G#
More informationVulnerability and security issues in Auto teller machine transactions
Vulnerability and security issues in Auto teller machine transactions NAVNEET SHARMA Sr. Asstt. Professor Dept. of Computer Sc. The IIS University, Jaipur, Rajasthan, India E-Mail navneetsharma1977@gmail.com
More informationSmartcards. ISO 7816 & smartcard operating systems. Erik Poll Digital Security Radboud University Nijmegen
Smartcards ISO 7816 & smartcard operating systems Erik Poll Digital Security Radboud University Nijmegen 1 Standard for contact smartcards ISO7816 7816-1 Physical characteristics 7816-2 Dimension & size
More informationCNT4406/5412 Network Security
CNT4406/5412 Network Security Authentication Zhi Wang Florida State University Fall 2014 Zhi Wang (FSU) CNT4406/5412 Network Security Fall 2014 1 / 43 Introduction Introduction Authentication is the process
More informationSecurity Mechanism of Electronic Passports. Petr ŠTURC Coesys Research and Development
Security Mechanism of Electronic Passports Petr ŠTURC Coesys Research and Development Smartcard CPU 16/32 bit 3.57MHz (20MHz) 1.8 / 3/ 5 V ROM 16-300 kb RAM 1-8 kb EEPROM 8-128kB Contactless communication
More informationHOST Authentication Overview ECE 525
Authentication Overview Authentication refers to the process of verifying the identity of the communicating principals to one another Usually sub-divided into Entity authentication Authentication in real-time
More informationComputer Security: Principles and Practice
Computer Security: Principles and Practice Chapter 3 User Authentication First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown User Authentication fundamental security building
More informationIDCore. Flexible, Trusted Open Platform. financial services & retail. Government. telecommunications. transport. Alexandra Miller
IDCore Flexible, Trusted Open Platform financial services & retail enterprise > SOLUTION Government telecommunications transport Trusted Open Platform Java Card Alexandra Miller >network identity >smart
More informationCIS 6930/4930 Computer and Network Security. Topic 6. Authentication
CIS 6930/4930 Computer and Network Security Topic 6. Authentication 1 Authentication Authentication is the process of reliably verifying certain information. Examples User authentication Allow a user to
More informationII. LITERATURE SURVEY
Secure Transaction By Using Wireless Password with Shuffling Keypad Shweta Jamkavale 1, Ashwini Kute 2, Rupali Pawar 3, Komal Jamkavale 4,Prashant Jawalkar 5 UG students 1,2,3,4, Guide 5, Department Of
More informationThe Future of Smart Cards: Bigger, Faster and More Secure
The Future of Smart Cards: Bigger, Faster and More Secure Joerg Borchert, Vice President, Secure Mobile Solutions July 16, 2003 Page 1 N e v e r s t o p t h i n k i n g. Infineon Technologies: Overview
More informationPut Identity at the Heart of Security
Put Identity at the Heart of Security Strong Authentication via Hitachi Biometric Technology Tadeusz Woszczyński Country Manager Poland, Hitachi Europe Ltd. 20 September 2017 Financial security in the
More informationSmart Card Operating Systems Overview and Trends
Smart Card Operating Systems Overview and Trends Pierre.Paradinas@gemplus.com Gemplus Labs Smart card A piece of plastic with a chip that contains: CPU, memories and programs SC is your personal information
More informationCS530 Authentication
CS530 Authentication Bill Cheng http://merlot.usc.edu/cs530-s10 1 Identification vs. Authentication Identification associating an identity (or a claimed identity) with an individual, process, or request
More informationUser Authentication. Modified By: Dr. Ramzi Saifan
User Authentication Modified By: Dr. Ramzi Saifan Authentication Verifying the identity of another entity Computer authenticating to another computer Person authenticating to a local/remote computer Important
More informationNFC embedded microsd smart Card - Mobile ticketing opportunities in Transit
NFC embedded microsd smart Card - Mobile ticketing opportunities in Transit July 2017 By: www.smk-logomotion.com Introduction Presentation is describing NFC enabled microsd smart card (LGM Card) Technical
More informationPast & Future Issues in Smartcard Industry
Past & Future Issues in Smartcard Industry Ecrypt 2 Summer School Guillaume Dabosville Oberthur Technologies Oberthur Technologies the group its divisions payment, mobile, transport and digital TV markets
More informationEU Passport Specification
Biometrics Deployment of EU-Passports EU Passport Specification (EN) 28/06/2006 (As the United Kingdom and Ireland have not taken part in the adoption of this measure, an authentic English version of the
More informationDistributed Systems. Smart Cards, Biometrics, & CAPTCHA. Paul Krzyzanowski
Distributed Systems Smart Cards, Biometrics, & CAPTCHA Paul Krzyzanowski pxk@cs.rutgers.edu Except as otherwise noted, the content of this presentation is licensed under the Creative Commons Attribution
More informationInternational Journal of Informative & Futuristic Research ISSN:
Reviewed Paper Volume 3 Issue 12 August 2016 International Journal of Informative & Futuristic Research Fingerprint Based Vehicle Security Paper ID IJIFR/V3/ E12/ 007 Page No. 4486-4494 Research Area Embedded
More informationOnline Banking Security
Online Banking Security Fabian Alenius Uwe Bauknecht May 17, 2009 Contents 1 Introduction 2 2 Secure Communication 2 2.1 Password authentication..................... 2 2.2 One-time Passwords.......................
More informationNon Person Identities After all, who cares about me? Gilles Lisimaque & Dave Auman Identification technology Partners, Inc.
Identities Non Person Identities After all, who cares about me? Gilles Lisimaque & Dave Auman Identification technology Partners, Inc. Device Identifiers Most devices we are using everyday have (at least)
More informationGENERATION OF SECURE ONE TIME PASSWORD FOR ATM SECURITY AND THEFT PROTECTION
GENERATION OF SECURE ONE TIME PASSWORD FOR ATM SECURITY AND THEFT PROTECTION S.Pooranachandran 1, E.Aravind 2, D.Bharathipriya 3, A.K.Gokul 4,E.Karthika 5, Department of Electronics and Communication Engineering.
More informationSmart Cards. José Costa. Software for Embedded Systems. Departamento de Engenharia Informática (DEI) Instituto Superior Técnico
Smart Cards José Costa Software for Embedded Systems Departamento de Engenharia Informática (DEI) Instituto Superior Técnico 2015-11-09 José Costa (DEI/IST) Smart Cards 1 Outline Application Domains: Smart
More informationICT 6541 Applied Cryptography Lecture 8 Entity Authentication/Identification
ICT 6541 Applied Cryptography Lecture 8 Entity Authentication/Identification Hossen Asiful Mustafa Introduction Entity Authentication is a technique designed to let one party prove the identity of another
More informationBiometrics problem or solution?
Biometrics problem or solution? Summary Biometrics are a security approach that offers great promise, but also presents users and implementers with a number of practical problems. Whilst some of these
More information1.264 Lecture 27. Security protocols Symmetric cryptography. Next class: Anderson chapter 10. Exercise due after class
1.264 Lecture 27 Security protocols Symmetric cryptography Next class: Anderson chapter 10. Exercise due after class 1 Exercise: hotel keys What is the protocol? What attacks are possible? Copy Cut and
More informationSmart Cards and Authentication. Jose Diaz Director, Technical and Strategic Business Development Thales Information Systems Security
Smart Cards and Authentication Jose Diaz Director, Technical and Strategic Business Development Thales Information Systems Security Payment Landscape Contactless payment technology being deployed Speeds
More informationSystem to assure authentication and transaction security. Presentation of the concept and product May 2009
System to assure authentication and transaction security Presentation of the concept and product May 2009 AXSionics AG, Neumarktstrasse 27, 2503 Biel, Switzerland Information: Dr. Lorenz Müller Lorenz.mueller@axsionics.ch
More information(2½ hours) Total Marks: 75
(2½ hours) Total Marks: 75 N. B.: (1) All questions are compulsory. (2) Makesuitable assumptions wherever necessary and state the assumptions made. (3) Answers to the same question must be written together.
More informationTPM v.s. Embedded Board. James Y
TPM v.s. Embedded Board James Y What Is A Trusted Platform Module? (TPM 1.2) TPM 1.2 on the Enano-8523 that: How Safe is your INFORMATION? Protects secrets from attackers Performs cryptographic functions
More informationSecurity Policy for Schlumberger Cyberflex Access 32K Smart Card with ActivCard Applets
Security Policy for Schlumberger Cyberflex Access 32K Smart Card with ActivCard Applets TABLE OF CONTENTS 1 SCOPE OF DOCUMENT... 1 2 INTRODUCTION... 1 3 SECURITY LEVELS... 1 3.1 CRYPTOGRAPHIC MODULE SPECIFICATION...
More informationLecture 3 - Passwords and Authentication
CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Lecture 3 - Passwords and Authentication CSE497b - Spring 2007 Introduction Computer and Network Security Professor
More informationCSE 565 Computer Security Fall 2018
CSE 565 Computer Security Fall 2018 Lecture 9: Authentication Department of Computer Science and Engineering University at Buffalo 1 Lecture Outline Definition of entity authentication Solutions password-based
More information2 nd ETSI Security Workshop: Future Security. Smart Cards. Dr. Klaus Vedder. Chairman ETSI TC SCP Group Senior VP, Giesecke & Devrient
2 nd ETSI Security Workshop: Future Security Smart Cards Dr. Klaus Vedder Chairman ETSI TC SCP Group Senior VP, Giesecke & Devrient ETSI TC SCP, the Smart Card Committee 19 Years of Dedication and Real-life
More informationRemote E-Voting System
Remote E-Voting System Crypto2-Spring 2013 Benjamin Kaiser Jacob Shedd Jeremy White Phases Initialization Registration Voting Verifying Activities Trusted Authority (TA) distributes 4 keys to Registrar,
More informationLecture 41 Blockchain in Government III (Digital Identity)
Blockchains Architecture, Design and Use Cases Prof. Sandip Chakraborty Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Lecture 41 Blockchain in Government III
More informationSystems Analysis and Design in a Changing World, Fourth Edition
Systems Analysis and Design in a Changing World, Fourth Edition Learning Objectives Discuss examples of system interfaces found in information systems Define system inputs and outputs based on the requirements
More informationThe Design of an Anonymous and a Fair Novel E-cash System
International Journal of Information & Computation Technology. ISSN 0974-2239 Volume 2, Number 2 (2012), pp. 103-109 International Research Publications House http://www. ripublication.com The Design of
More informationBIOMETRIC MECHANISM FOR ONLINE TRANSACTION ON ANDROID SYSTEM ENHANCED SECURITY OF. Anshita Agrawal
BIOMETRIC MECHANISM FOR ENHANCED SECURITY OF ONLINE TRANSACTION ON ANDROID SYSTEM 1 Anshita Agrawal CONTENTS Introduction Biometric Authentication Fingerprints Proposed System Conclusion References 2 INTRODUCTION
More informationLecture 9. Authentication & Key Distribution
Lecture 9 Authentication & Key Distribution 1 Where are we now? We know a bit of the following: Conventional (symmetric) cryptography Hash functions and MACs Public key (asymmetric) cryptography Encryption
More informationSecurity & Privacy. Web Architecture and Information Management [./] Spring 2009 INFO (CCN 42509) Contents. Erik Wilde, UC Berkeley School of
Contents Security & Privacy Contents Web Architecture and Information Management [./] Spring 2009 INFO 190-02 (CCN 42509) Erik Wilde, UC Berkeley School of Information Abstract 1 Security Concepts Identification
More informationSecurity of Biometric Passports ECE 646 Fall Team Members : Aniruddha Harish Divya Chinthalapuri Premdeep Varada
Security of Biometric Passports ECE 646 Fall 2013 Team Members : Aniruddha Harish Divya Chinthalapuri Premdeep Varada CONTENTS Introduction to epassports Infrastructure required for epassports Generations
More informationIEEE Std and IEEE Std 1363a Ashley Butterworth Apple Inc.
apple IEEE Std 1363-2000 and IEEE Std 1363a-2004 Ashley Butterworth Apple Inc. The Titles IEEE Std 1363-2000 - IEEE Standard Specifications for Public-Key Cryptography IEED Std 1363a-2004 - IEEE Standard
More information1. Product Overview 2. Product Features 3. Comparison Chart 4. Product Applications 5. Order Information 6. Q & A
www.acs.com.hk 1. Product Overview 2. Product Features 3. Comparison Chart 4. Product Applications 5. Order Information 6. Q & A 2 3 ACOS5-64 Series (64KB EEPROM) Cryptographic Smart Card and Token Module
More informationTarget Breach Overview
Target Breach Overview Q: Media reports are stating that Target experienced a data breach. Can you provide more specifics? A: Yes, Target has confirmed that it experienced unauthorized access to its systems
More informationLecture 3 - Passwords and Authentication
Lecture 3 - Passwords and Authentication CMPSC 443 - Spring 2012 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse443-s12 What is authentication? Reliably verifying
More informationIdentification, authentication, authorisation. Identification and authentication. Authentication. Authentication. Three closely related concepts:
Identification, authentication, authorisation Three closely related concepts: Identification and authentication WSPC, Chapter 6 Identification: associating an identity with a subject ( Who are you? ) Authentication:
More informationDigital Certificates Demystified
Digital Certificates Demystified Ross Cooper, CISSP IBM Corporation RACF/PKI Development Poughkeepsie, NY Email: rdc@us.ibm.com August 9 th, 2012 Session 11622 Agenda Cryptography What are Digital Certificates
More informationCOPYRIGHTED MATERIAL. Overview of Smart Cards. Chapter Card Classification
Chapter 1 Overview of Smart Cards In contrast to information technology practices in the PC realm, the development and functionality of smart cards are strongly driven by international standards. The reason
More informationVerifying emrtd Security Controls
Blackhat Europe 2010 Verifying emrtd Security Controls Raoul D Costa 1 3M 2010. All Rights Reserved. Agenda Overview of ICAO / EU Specifications emrtds decomposed emrtd Infrastructure (PKI) Inspecting
More informationCan eid card make life easier and more secure? Michal Ševčík Industry Solution Consultant Hewlett-Packard, Slovakia ITAPA, November 9 th, 2010
Can eid card make life easier and more secure? Michal Ševčík Industry Solution Consultant Hewlett-Packard, Slovakia ITAPA, November 9 th, 2010 Content eid Primary Functions eid Privacy Features and Security
More informationSecure Elements 101. Sree Swaminathan Director Product Development, First Data
Secure Elements 101 Sree Swaminathan Director Product Development, First Data Secure Elements Secure Element is a tamper resistant Smart Card chip that facilitates the secure storage and transaction of
More information5. Authentication Contents
Contents 1 / 47 Introduction Password-based Authentication Address-based Authentication Cryptographic Authentication Protocols Eavesdropping and Server Database Reading Trusted Intermediaries Session Key
More informationTest Conditions. Closed book, closed notes, no calculator, no laptop just brains 75 minutes. Steven M. Bellovin October 19,
Test Conditions Closed book, closed notes, no calculator, no laptop just brains 75 minutes Steven M. Bellovin October 19, 2005 1 Form 8 questions I m not asking you to write programs or even pseudo-code
More informationSmart Cards. Outline. José Costa Application Domains: Smart Cards. Software for Embedded Systems
Smart Cards José Costa Software for Embedded Systems Department of Computer Science and Engineering (DEI) Instituto Superior Técnico Adapted from the overheads for ASE 2009-2010 2011-05-02 José Costa (DEI/IST)
More informationV.V. COLLEGE OF ENGINEERING
A.R. NIVETHITHAA BE 1 ST YEAR V.V. COLLEGE OF ENGINEERING TISAIYANVILAI DIGITAL FIANCIAL LITERACY India is a developing economy with focus on achieving sustainable development. To achieve sustainable development,
More informationDistributed Systems. 25. Authentication Paul Krzyzanowski. Rutgers University. Fall 2018
Distributed Systems 25. Authentication Paul Krzyzanowski Rutgers University Fall 2018 2018 Paul Krzyzanowski 1 Authentication For a user (or process): Establish & verify identity Then decide whether to
More informationDistributed Systems. Smart Cards, Biometrics, & CAPTCHA. Paul Krzyzanowski
Distributed Systems Smart Cards, Biometrics, & CAPTCHA Paul Krzyzanowski pxk@cs.rutgers.edu ds@pk.org Except as otherwise noted, the content of this presentation is licensed under the Creative Commons
More informationCSCE 548 Building Secure Software Entity Authentication. Professor Lisa Luo Spring 2018
CSCE 548 Building Secure Software Entity Authentication Professor Lisa Luo Spring 2018 Previous Class Important Applications of Crypto User Authentication verify the identity based on something you know
More informationDESIGNING A BIOMETRIC STRATEGY (FINGERPRINT) MEASURE FOR ENHANCING ATM SECURITY IN INDIAN E-BANKING SYSTEM
DESIGNING A BIOMETRIC STRATEGY (FINGERPRINT) MEASURE FOR ENHANCING ATM SECURITY IN INDIAN E-BANKING SYSTEM PROJECT REFERENCE NO. : 37S0270 COLLEGE : MANGALORE INSTITUTE OF TECHNOLOGY & ENGINEERING MANGALORE
More informationBiometrics. Overview of Authentication
May 2001 Biometrics The process of verifying that the person with whom a system is communicating or conducting a transaction is, in fact, that specific individual is called authentication. Authentication
More informationMTAT Applied Cryptography
MTAT.07.017 Applied Cryptography Smart Cards 2 University of Tartu Spring 2014 1 / 20 Security Model Parties involved in smart card based system: Cardholder Data owner Terminal Card issuer Card manufacturer
More informationAuthentication. Chapter 2
Authentication Chapter 2 Learning Objectives Create strong passwords and store them securely Understand the Kerberos authentication process Understand how CHAP works Understand what mutual authentication
More informationBSI TR Part 1.1 A framework for Official Electronic ID Document conformity tests
BSI TR-03105 Part 1.1 A framework for Official Electronic ID Document conformity tests Version 1.04.1 14.11.2008 CONTENTS 1 INTRODUCTION... 4 2 DEFINITIONS AND REFERENCES... 4 2.1 Definitions... 4 2.2
More informationMobile Identity Management
Mobile Identity Management Outline Ideas Motivation Architecture Implementation notes Discussion Motivation 1 The mobile phone has become a highly personal device: Phonebook E-mail Music, videos Landmarks
More informationWhat is Authentication? All requests for resources have to be monitored. Every request must be authenticated and authorized to use the resource.
P1L4 Authentication What is Authentication? All requests for resources have to be monitored. Every request must be authenticated and authorized to use the resource. Authentication: Who are you? Prove it.
More informationSymmetric Key Services Markup Language Use Cases
Symmetric Key Services Markup Language Use Cases Document Version 1.1 - February 28, 2007 The OASIS Symmetric Key Services Markup Language (SKSML) is the proposed language/protocol that defines how a client
More informationHash-based Encryption Algorithm to Protect Biometric Data in e-passport
Hash-based Encryption Algorithm to Protect Biometric Data in e-passport 1 SungsooKim, 2 Hanna You, 3 Jungho Kang, 4 Moonseog Jun 1, First Author Soongsil University, Republic of Korea, indielazy@ssu.ac.kr
More informationMoser Baer Group 25 years of excellence
Moser Baer Group 25 years of excellence Introduction to the Moser Baer Group Established in 1983 25 years legacy as India s leading technology manufacturing company 8,000 Employees Rs11,000 Crores in Assets
More informationA simple approach of Peer-to-Peer E-Cash system
A simple approach of Peer-to-Peer E-Cash system Mr. Dharamvir, Mr. Rabinarayan Panda Asst. Professor, Dept. of MCA, The Oxford College of Engineering Bangalore, India. Abstract-With the popularization
More informationCS November 2018
Authentication Distributed Systems 25. Authentication For a user (or process): Establish & verify identity Then decide whether to allow access to resources (= authorization) Paul Krzyzanowski Rutgers University
More informationMU2a Authentication, Authorization & Accounting Questions and Answers with Explainations
98-367 MU2a Authentication, Authorization & Accounting Questions and Answers with Explainations Which are common symptoms of a virus infection? (Lesson 5 p 135-136) Poor system performance. Unusually low
More informationStrategies for the Implementation of PIV I Secure Identity Credentials
Strategies for the Implementation of PIV I Secure Identity Credentials A Smart Card Alliance Educational Institute Workshop PIV Technology and Policy Requirements Steve Rogers President & CEO 9 th Annual
More informationThe Cryptographic Sensor
The Cryptographic Sensor Libor Dostálek and Václav Novák {libor.dostalek, vaclav.novak}@prf.jcu.cz Faculty of Science University of South Bohemia České Budějovice Abstract The aim is to find an effective
More informationChip Authentication for E-Passports: PACE with Chip Authentication Mapping v2
v.2 Chip Authentication for s: with Chip Authentication Mapping v2 Lucjan Mirosław Wrocław University of Science and Technology, Poland ISC 2016, Honolulu Electronic Passport v.2 e-passport and ebooth:
More informationDesign and Implementation of a Mobile Transactions Client System: Secure UICC Mobile Wallet
Design and Implementation of a Mobile Transactions Client System: Secure UICC Mobile Wallet Hao Zhao, Sead Muftic School of Information and Communication Technologies (ICT) Royal Institute of Technology
More informationLecture 8: User Authentication
Outline INF3510 Information Security Lecture 8: User Concepts related to authentication Identity and authentication steps User Knowledge-Based Passwords Ownership-Based Tokens Inherence-Based Biometrics
More informationNetwork Security CHAPTER 31. Solutions to Review Questions and Exercises. Review Questions
CHAPTER 3 Network Security Solutions to Review Questions and Exercises Review Questions. A nonce is a large random number that is used only once to help distinguish a fresh authentication request from
More informationSystem-Level Failures in Security
System-Level Failures in Security Non linear offset component (ms) 0.0 0.5 1.0 1.5 2.0 Variable skew De noised Non linear offset Temperature 26.4 26.3 26.2 26.1 26.0 25.9 25.8 Temperature ( C) Fri 11:00
More information