Publication details

Zvýšení bezpečnosti běhu softwarových aplikací pomocí kryptografické čipové karty

Title in English Improving software application security using cryptographic smartcard
Authors

ŠVENDA Petr MATYÁŠ ML. Václav

Year of publication 2004
Type Article in Proceedings
Conference Sbornik Europen XXV
MU Faculty or unit

Faculty of Informatics

Citation
web http://www.fi.muni.cz/~xsvenda/docs/SecureFW_europen2004.pdf
Field Informatics
Keywords smartcard; software agent; JavaCard; cryptographic protocol;
Description Software applications executed in current common PC environments are not protected before skilled attackers able to use debuggers or disassemblers. We describe practical implemented system (SecureFW) to improving security of software application (e.g. software agent) using programmable cryptographic smartcards with support for JavaCard, combined with methods of a mobile cryptography. SecureFW framework provides background to shift sensitive code and data of software agent into physical secured environment of smartcard. Allows controlled usage restricted by rules, which can be remotely defined using XML commands. Special implementation of authentication and data exchange protocol for controlled usage is designed, which provides protection to authentization information on software agent's side and improves integrity protection of software agent execution. WhiteBox attack resistant implementation of AES algorithm is employed and some new additions are proposed to enabling cohesion with software agent code in a manner of mobile cryptography. Possible usages as a ground for Digital Rights Managment architecture and enchancing protection of signing key against malware is described.
Related projects:

You are running an old browser version. We recommend updating your browser to its latest version.

More info