Encryption of data in smart cards
Werner Koch
wk at gnupg.org
Tue Mar 11 16:27:07 EST 2003
On Tue, 11 Mar 2003 10:39:17 +0530, N Raghavendra said:
> Can anyone point me to sources about encryption of data in smart
> cards. What I am looking for is protocols for encrypting sensitive
> data (e.g., medical information about the card-holder), so that
Usually you don't need to encrypt data stored on a card. The files on
the card (where you store the data) are protected by ACLs or whatever
the card application provides for this. If you want to encrypt the
data on the card, you also need to store the key on it. And well, if
you are able to read out the data, you are also able to read out the
key (more or less trivial for most mass market cards).
If you fear an eavesdropper between the box generating the data and
the actual smartcard, one uses secure messaging to protect against
this. See your card's OS manual (or ISO 7816-8) on how to do it.
If your are talking about memory cards, you can use whatever protocol
you would use for encrypting files.
Salam-Shalom,
Werner
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list