epassport inspection: The Need for Speed

Ever since the EU mandated the introduction of biometric ePassports containing fingerprints there has been a flurry of technology development and innovation to make biometric ePassports a reality. Much of this played out behind the scenes, but now electronic passports are slowly working their way towards the forefront of the public consciousness since they are sufficiently widespread for researchers and journalists to play with. There have already been a number of security scare stories where

Read more

The Trusted Platform Module Explained

Introducing the TPM

The Trusted Platform Module (TPM) is a special purpose microcontroller designed by the Trusted Computing Group, which interfaces with a standard hardware/software platform in order to allow it to be secured to serve the interests of just one party - the system designer.

The current generation of TPMs (version 1.2) are stand-alone chips which are usually surface mounted onto the motherboard of a PC, or integrated into a custom

Read more

Issuing MULTOS Cards

MULTOS cards are being deployed in steadily increasing numbers and Cryptomathic is delighted to be involved in MULTOS projects across the globe.

MULTOS is a high-security card platform and issuing model in which the "personalization" of cards with the cardholders' data is done in one single logical step before reaching the actual personalization machines. This is quite the opposite to the standard method of personalizing native cards where the data is sent to the cards, element by

Read more

Authenticated Encryption

A New Cryptographic Primitive?

By far the oldest and perhaps also the best-known goal of cryptographic methods is the protection of secrecy, or confidentiality, of data. This goal is achieved by employing encryption techniques. Decryption can only be performed by someone possessing the right decryption key.

Of far greater relevance in most commercial applications is the protection of the correctness, or authenticity, of data. This goal is achieved by means of digital signatures,

Read more

Digital Rights Management Protection

In 2004, Intel, Nokia, Panasonic, and Samsung among others announced plans for a licensing and compliance framework called Content Management License Administrator (CMLA) (see www.cm-la.com). This body was formed to address necessary business concerns and enable rapid delivery of high-quality digital content to mobile handsets and other devices that deploy Open Mobile Alliance (OMA).

CMLA's goal is to provide vendors and service providers with clear

Read more

3rd Party TSM Management of SIM Cards

Trusted Service Manager (TSM) is a relatively new role required in a mobile Near Field Communication (NFC) ecosystem. The core services a Trusted Service Manager offers, are the secure management and provisioning of the applications issued by service providers, such as banks, transport / ticketing authorities, merchants, or other application issuers. Provisioning performed over the air (OTA) includes, for example, the download, installation, personalization and life-cycle management of th

Read more