[12740] in cryptography@c2.net mail archive
Re: Encryption of data in smart cards
daemon@ATHENA.MIT.EDU (Werner Koch)
Tue Mar 11 18:07:13 2003
X-Original-To: cryptography@wasabisystems.com
X-Original-To: cryptography@wasabisystems.com
To: cryptography@wasabisystems.com
From: Werner Koch <wk@gnupg.org>
Mail-Followup-To: cryptography@wasabisystems.com
Date: Tue, 11 Mar 2003 22:27:07 +0100
In-Reply-To: <20030311050917.GA7031@atc.tcs.co.in> ("N. Raghavendra"'s
message of "Tue, 11 Mar 2003 10:39:17 +0530")
On Tue, 11 Mar 2003 10:39:17 +0530, N Raghavendra said:
> Can anyone point me to sources about encryption of data in smart
> cards. What I am looking for is protocols for encrypting sensitive
> data (e.g., medical information about the card-holder), so that
Usually you don't need to encrypt data stored on a card. The files on
the card (where you store the data) are protected by ACLs or whatever
the card application provides for this. If you want to encrypt the
data on the card, you also need to store the key on it. And well, if
you are able to read out the data, you are also able to read out the
key (more or less trivial for most mass market cards).
If you fear an eavesdropper between the box generating the data and
the actual smartcard, one uses secure messaging to protect against
this. See your card's OS manual (or ISO 7816-8) on how to do it.
If your are talking about memory cards, you can use whatever protocol
you would use for encrypting files.
Salam-Shalom,
Werner
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
