Slashdot Mirror


Belgium Rolls Out Java ID Cards

An anonymous submitter points us to this page describing Belgium's rollout of Java-based smart cards as a national ID card.

19 of 274 comments

  1. Direct TV by synthox · · Score: 2, Informative

    Let's hope that a kid with a glitcher cannot reprogram these cards and steal identities like stealing satellite TV from Direct TV.

    --
    ~~Some people never go crazy what truly horrible lives they must lead.~~ Charles Bukowski
  2. Re:Well, by neurostar · · Score: 2, Informative

    Well, there are ways to fool retina scans IIRC. Bruce Schneier talked about one method a while back...

    neurostar
  3. From what I understand by joeflies · · Score: 2, Informative

    I only have a loose understanding of how these work, so please correct me if I'm wrong. It's more than just carrying the key, it handles operations performed on the key. There are definitely programs that run on the card itself, as it is doing the key handling so that the key isn't ever exposed outside of the card.

    That being said, the Java card isn't running a Java VM. I thought it was technology acquired and put under the same Java brand, but it isn't exactly Java though.

    1. Re:From what I understand by Anonymous Coward · · Score: 1, Informative

      The card runs its own stripped down Java VM. The API is different, but the code is really interpreted on the card. Sun has a FAQ list.

    2. Re:From what I understand by nuclearmoose · · Score: 3, Informative

      Here's the Sun Java Card site:
      http://java.sun.com/products/javacard/
      Lots of good info there, toolkit, spec, etc. The Java Card book from Sun Press is also pretty good.

  4. Re:I'm in conflict... by Anonymous Coward · · Score: 1, Informative

    Java sucks. Slow junk. Ugly. You can always tell a Java app from another. Pathetic.

    Hey, when you get down from your soap box, you might want to investigate Java as of the last...oh... 2+ years. It's not slow. It's not ugly. Get with the program.

  5. FYI by bdejong · · Score: 5, Informative

    For your information:
    Belgium already has non-digital ID cards, which are obligatory to every citizen. You are even obligated to carry them around at any time and CAN be asked to show them to police if they have "reason" to suspect you of something.

    You could have a look at mine, for example...
    http://studwww.rug.ac.be/~bdejong/id.jpg

    1. Re:FYI by bungo · · Score: 2, Informative

      You are required to carry ID in the US as well. Big deal.

      It is a big deal here (in Belgium).

      If you don't have your card, you can be arrested and held in a cell until you are able to prove your identity.

      This is anywhere, anytime - not just walking out of a bar, or driving a car. Stand too long on a street corner, or if the police think you're looking at them in a funny way, or be the wrong skin colour in the wrong area - with no official ID, you can be held for a long time.

      If you're from north Africa, and you're walking around Antwerp with some friends, you better have your card with you - and you better not resist arrest (like breathe, etc...).

      This is nothing like the US.

      --
      "The best part? I became an ordained minister while not wearing pants." -- CleverNickName
  6. Re:Belgium?! by jay-be-em · · Score: 2, Informative

    The most beautiful woman in the world, Audrey Hepburn, was born in Belgium, iirc.

    --
    "Orthodoxy means not thinking--not needing to think. Orthodoxy is unconsciousness." --Eric Blair
  7. Re:Java based??? by Hrshgn · · Score: 2, Informative

    Well, many smart cards (all?) have a microprocessor inside running their own firmware. They are powered by the reading machine though.

  8. Re:Java based??? by c_oflynn · · Score: 5, Informative

    There are many types of smartcards.

    Some are the memory only type, where the card just has some sort of (normally secured) memory on it.

    Then there are also the microcontroller cards. These cards have memory and a microcontroller built into them. You can write a program on it to do something, however you don't exactly have a lot of I/O lines or anything (just a communications link actually).

    Most of the microcontroller smartcards have built-in encryption and decryption as well.

    Java is pretty popular for programming smartcards, but they even have BASIC for smartcards.

    The microcontroller only needs an external clock and power source, and will execute whatever program is on it.

  9. Re:Java based??? by Wesley+Felter · · Score: 4, Informative

    Yes, Java Cards run a crippled, stripped-down, bastardized Java VM. There are also traditional smart cards that only do crypto and data storage, and then there are fake smart cards that hold data but can't do any processing.

  10. Re:Java based??? by philfr · · Score: 5, Informative

    Memory cards only contain data, some parts read-only, some parts read-write, and some parts write once. They have been used for a long time for prepaid public phone cards or access control.
    Smart cards also contain a CPU, sometimes highly optimized for e.g. RSA encryption, and their data is available through a file system abstraction. Smart card suppliers call this an operating system...
    Multiple applications can run on these smart cards, which means you could theoretically have only one card for your ID card, your electronic purse and various loyalty cards (if you are not too worried about security/privacy issues in case of breaking into such a chip).
    Memory cards are also called synchronous cards and smart cards asynchronous cards. That's because of the nature of the serial protocol they use to communicate with the device that reads them.
    Smart cards have a real UART embedded, and implement one of two protocols (T0 and T1) defined in ISO 7816, the second of which is fairly complex and allows multiplexing communication between multiple applications running in the card reader and their peer inside the smart card.
    JavaCards embed a "JVM", but a very limited one: you can't just open a network connection or dynamically load a class. Sun specifies the precise subset of Java that corresponds to a JavaCard profile. But, yes, they run Java "cardplets"...

  11. Fundamental Flaws by Anonymous Coward · · Score: 5, Informative

    I was at an E-Gov day some months ago, where this was presented and discussed. (Vince Rijmen, of AES fame was there talking about how they solved the problems associated with e-voting). Some of the comments really scared me:

    1) The keypairs on the card will be pre-generated when the citizen receives the card. IMHO a private key that has been in someone else's hands/machine is totally useless. This of course allows for involuntary escrow..

    2) The Belgian Federal Gov representative (Peter Strickx, ex-Sun, by total coincidence) plainly declared they do not want to have the necessary expertise in-house, but wants to outsource the whole thing (to Sun and ZETES, it now seems)

    So this will put our identities (and the authentication/non-repudiation/existence of some very important personal documents) at the mercy of a couple of *private companies*, one of them American, no less, at a time when the US is governed by a madman, that gets away with secret military tribunals and illegal warmongering..

    Some of the excuses, when I asked about this were that the .be gov already uses much outsourced security for its own communications!

    I say this is unacceptable and an enormous security blunder. Verisign, a US company, could issue some revocations, and thereby completely stop the flow of information inside the .be gov!

    Do they want the US gov to be able to screw around with any .be citizen's identity? It would seem to be so..

    Please forgive me for using AC for once, one would get paranoid for a lot less...

  12. Re:What does java actuall add to an id card? by philfr · · Score: 5, Informative

    The ID cards are able to prove your identity. For this, they embed a private key, and calculate a signature themselves on data that is sent to them.

    If they only gave this private key to the device that asked for it, they would be easy to duplicate.

    Of course, you don't need Java for this, but you need a smart card with a CPU inside, and you need to develop the application that runs on that CPU.

    The choice of a chipcard determines the SDK to be used for it. One of them is JavaCard...

  13. Re:Well, by MourningBlade · · Score: 2, Informative

    There are all sorts of ways to secure identity. Most good smartcard rollouts specify an interaction protocol, and the data required, and let the individual implementors come up with something to please people.

    Most people don't know just how much damage you can do with just someone's phone bill, and that's usually much easier to steal than their birth certificate.

    The point is that there are many, many areas of poor security. Expecting a smartcard (which can be de-activated under many systems, unlike a phone bill or a birth certificate) to have a level of security as good as, or better than, a safe enclosed in concrete and buried in the Marianas Trench is a bit much.

    Yes, that was hyperbole.

    The thing is that most people tend to freak out whenever we put something security-related on a digital medium. Chill out.

    If you do it correctly, you can have the cards not contain any information beyond keys used to access and prove identity. Those keys can be changed. Quickly (again, barring incompetence, which your example of biometrics does as well - if you have an incompetent bioreader, you will be locked out of your card. Bioreaders are much more complex than, say, a 4-key pad).

    Security should be leveled. No one layer is enough. The basic security model of a good smartcard system goes something like:

    • You have to have the card.
    • You have to know something to use the card.
    • Even if you could somehow get to the information on the inside of the card, it wouldn't do you any good after time t.

    You could optionally enhance this out to include:

    • You have to have the card.
    • You have to have something that's only with you to use the card (your face, your eye, your thumb).
    • You have to have a prior arrangement regarding your card and the specific place you are going to.
    • Your card, and your information to get to use the card has to match up with the information on file with the specific place you are going to.
    • You have to know something to use the card.
    • Even if you did have all of that, the keys on the card are automatically deactivated every t hours (24, 48, 72, 168, optionally with grace period).

    As you can see, the level of security can quickly be ramped up to "insane."

    Optionally, you could set a "policy identifier" that is part of the request sent to the smart card by the reader that states what meatspace authentication protocols were used. You could set your card to refuse anything that did not include certain checks.

    This is mostly a "polite" check, and by no means should deactivate the other parts of authentication. It's just to give the places you do business with a list of the things they should do. Sure, the business could lie about it. The only thing that would get them, though, would be permission to interface with the security methods on your card.

    As an idea of what could be done with this: you could have your smartcard set to have two keys. Depending upon the policy identifier, it would cause the smartcard to use either your low security key, or your high security key. The information you attach to each one could be different (two credit card numbers, one with a $200 limit, one with a $20,000 limit. Electronic cash, one with $20, one with $2,000).

    Anyway, just something to think about: don't concentrate so much on one layer of security, like biometrics. It can be fooled. The difficulty of fooling one authentication mechanism goes up linearly. The difficulty of fooling combined authentication goes up exponentially (consider: you know your boss's passcharacter, but could you: get his card, look like him, look like him enough to fool people at the place he normally shops at while they're looking at a picture of him on their monitor, do it all before that night and before he notices? Oh, and self-employed people can't compete in this test. ;-)
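
A toy model of the layered card described in the comment above, added here as an illustration and not part of the original comment: the card answers a fresh challenge only after the PIN check, the declared policy identifier picks the low or high security key, and every key stops working at its expiry time. `ModelCard`, `issue_card`, `verify` and the policy names are hypothetical, and HMAC-SHA256 stands in for an on-card signature, so the relying party holds a copy of each key where an asymmetric scheme would give it only a public key.

```python
import hashlib
import hmac
import os

# Hypothetical policy identifiers: the checks a reader declares it performed.
LOW_CHECKS = frozenset({"pin"})
HIGH_CHECKS = frozenset({"pin", "photo_match", "prior_arrangement"})


def _tag(key, level, challenge):
    # Bind the response to the key level and the reader's fresh challenge.
    return hmac.new(key, level.encode() + b"|" + challenge, hashlib.sha256).digest()


class ModelCard:
    """Toy card: answers challenges, never hands its keys to the reader."""

    def __init__(self, pin, keys, expires):
        self._pin, self._keys, self._expires = pin, keys, expires

    def respond(self, pin, declared_checks, challenge, now):
        """Return (level, tag), or raise PermissionError if a layer fails."""
        if now >= self._expires:                      # keys are no good after time t
            raise PermissionError("keys deactivated")
        if not hmac.compare_digest(pin.encode(), self._pin.encode()):
            raise PermissionError("wrong PIN")        # something you know
        checks = frozenset(declared_checks)
        if HIGH_CHECKS <= checks:
            level = "high"
        elif LOW_CHECKS <= checks:
            level = "low"
        else:
            raise PermissionError("policy refused")   # reader declared too little
        return level, _tag(self._keys[level], level, challenge)


def issue_card(pin, lifetime_s, now):
    """Return (card, on_file); on_file is the relying party's copy of the keys."""
    keys = {"low": os.urandom(32), "high": os.urandom(32)}
    return ModelCard(pin, dict(keys), now + lifetime_s), keys


def verify(on_file, level, challenge, tag):
    """Relying-party check that the tag came from the key for this level."""
    return hmac.compare_digest(_tag(on_file[level], level, challenge), tag)
```
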

  14. Re:Why is national id cards / numbers bad ? by Simon+Lyngshede · · Score: 2, Informative

    First of all, racial integration is just as much a problem in Denmark as anywhere else.

    Regarding your 3 points.
    1. No one can ask for your ID based on race and really it wouldn't tell them anything. Currently it just tells people that you're entitled to free medical care and stuff like that. You can not be arrested for not having one.
    2. Non-nationals have no need for a national ID for another country, why would they? Same goes for asylum seekers, they however will get one if granted asylum.
    3. Danish IDs are useless for anyone but the owner. They in themselves don't identify you. They simply contain your name, part of your address and your social security number (I checked with a card reader). No one can use my ID card to gain access to my bank account, only to get information which is publicly available anyway. Just a handy way of locating me in a database. Databases containing personal information are strictly regulated by the way. Cross reference is VERY illegal, even for government institutions.

    Personally I'm more worried about losing the keys to my apartment than my social security card.

  15. Re:HOLY CRAP!!! by jawtheshark · · Score: 2, Informative

    They are standardized all over the European Union. They all look the same. Well, I've seen my brother's one (which is not Belgian anymore, I still am), and it is *exactly* the same. Oh, minor differences like language and stuff like that, but it's essentially the same.

    --
    Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
  16. Re:I'm in conflict... by anonymous+cupboard · · Score: 2, Informative

    Easy, your ID no. can be used to access your registration with the tax authority (Finanzamt). In Germany, you pay tax to the church that you belong to (Can I put 'Open Source' as my religion?) which is collected by the tax authority to benefit the church. Incidentally, this is the Scientologists' beef, they aren't recognised to be able to do this.

    It means that although the id card doesn't carry religion, it is relatively easy to determine this from the files and possible for a possible future government to overstamp the id.