International Conference on Instrumentation, Measurement, Circuits and Systems (ICIMCS 2011)
30 Secure Smartcard Interoperability: The Interleaving Command Sequence Problem
Download citation file:
- Ris (Zotero)
- Reference Manager
Smartcards are becoming increasingly popular in many countries and are deployed, for example, as credit cards, health cards and electronic identification documents. With these devices users control highly sensitive information and may perform security tasks such as electronic authentication and digital signature. As the importance and world-wide spread of smartcards increases, the interoperability of these devices becomes more important along with their security in environments where smartcards from different manufacturers and issuers are used at the same time. In this work we focus on the interoperability of smartcards in digital signature processes. Standard certification criteria, in particular the Common Criteria, define the security requirements; however, Common Criteria certification does not address the problem of secure smartcard interoperability. Here we consider the interoperability problem which arises when various applications interact with different smartcards through a middleware. In such a situation it is possible that a smartcard of type S receives commands that were supposed to be executed on a different smartcard of type S′. Such “external commands” can interleave with the commands that were supposed to be executed on S. Here we experimentally demonstrate this problem with a Common Criteria certified digital signature process on a commercially available smartcard. Importantly, in some of these cases the digital signature processes terminate without generating an error message or warning to the user.