220 likes | 346 Vues
Smart Access: Strong Authentication on the Web Ton.Verschuren@SURFnet.NL TNC Dresden 5-8 October 1998. What’s the problem?. Authentication solutions. ROM. EEPROM. I/O etc. R A M. CPU. Introducing…the smartcard. IBM MFC smartcard: 8 bit P rocessor 2K ROM (OS) 10K EEPROM (Apps)
E N D
Smart Access: Strong Authentication on the Web Ton.Verschuren@SURFnet.NL TNC Dresden 5-8 October 1998
ROM EEPROM I/O etc R A M CPU Introducing…the smartcard • IBM MFC smartcard: • 8 bit Processor • 2K ROM (OS) • 10K EEPROM (Apps) • <1K RAM • 3,64Mhz clockspeed
MF DF DF DF DF EF EF EF EF EF EF EF EF EF EF Smartcard intro (Cont’d) • MF Master File • DF Dedicated File • EF Elementary Files
Access conditions For each command on a file: • ALW (Always) • CHV (CardHolder Verification) • PRO (Protected with key X) • Secure handshake with MAC • AUT (External Authentication) • ENC (Enciphered) • PRO plus encrypted data • NEV (never) (triple) DES !
Student Smartcard • College pass • library pass • loan/grant registration number • membership data • e-purse (Chipper)
Current applications • Downloading of commercial software(Smart Server) • Access to exam results database • Student grants/loans system • StudyNet: • registration for courses and exams • access to exam results
Issues • Java implementations in browsers • Support for smartcard readers (com port) • Use of DES in public key world • Scaling of DES-based two-party authentication
Demo time! • Setup Card Reader • StudyNetFaculty of Arts, Utrecht University
References • http://www.surfnet.nl/surfnet/projects/home-office/ • http://www.surfnet.nl/projecten/surf-ace/homeoffice/(dutch) • http://www.iscit.surfnet.nl/ • http://www.chipcard.ibm.com/