Newsletters  |  Buy Print
Sections
Features
Essentials
Print Edition
Current IssuePast Issues

The security factor

Published : Aug 12, 2005 00:00 IST

R. RAMACHANDRAN

MICROPROCESSOR-BASED smart cards are the most secure devices for small amounts of data. Technologically, the microprocessor makes it possible to impose desired security conditions/rules for accessing the desired information. In a microprocessor-based smart card, the chip can implement an operating system (OS) with a secure file-system, and the OS has the capability to compute cryptographic functions. Since a microprocessor has an in-built central preserving unit (CPU), the domains of input data and stored data are different. The CPU performs a cryptographic transformation function (through an internal key algorithm) on the input data and stores it securely. That is, the key to the stored data is internal to the microprocessor itself.

Key-based authentication is the biggest security strength of the smart card, because of which these are more secure devices as compared to magnetic or optical storage devices where the input and stored domains are the same. The latter devices have no capacity to process and transform the data domain. Keys in smart cards typically use strong on-chip algorithms like 3DES or RSA. Through challenge-response mechanisms and encryption-decryption through the corresponding keys, two secure devices can communicate to authenticate each other.

And this is the methodology through which a person proves his identity by possessing one of the keys, securely stored in his or her card. The authentication process can be based on symmetric keys (master key-key) or asymmetric keys (public key-private key).

Smart card technology provides security against direct access to keys and makes it possible that all kinds of security operations are performed internally on the chip without sending keys out of the card. The smart card microprocessor is strong enough to run various security-related complex algorithms using keys internally.

It is for this reason that the Apex Committee had recommended the use of microprocessor technology. It said:

"Microprocessor technology provides a technology which is much more secured and can have in-built function which can help provide effective security to the stored data. The memory-based cards, where the security functions are not embedded in the card and are handled through an external device, thus splitting the security elements in the chain, makes it more vulnerable as compared to the microprocessor-based smart cards ... Thus the microprocessor-based smart cards with contacts can best suit the needs of DL and RC application in the transport sector ...

"Microprocessor-based smart cards can provide secure authentication mechanisms and duplication security up to a great extent by using symmetric dynamic authentication techniques."

Propaganda — The Lede

Movie trailers: The unofficial manifestos of our time

Lawrence Liang
Propaganda

Editor’s Note: When cinema becomes a tool for propaganda

Vaishna Roy
+ SEE all Stories
Sign in to Unlock member-only benefits!
  • Bookmark stories to read later.
  • Comment on stories to start conversations.
  • Subscribe to our newsletters.
  • Get notified about discounts and offers to our products.
Sign in

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide to our community guidelines for posting your comment