Atmel 02 (2004-08)

Title: Smart card security
Research Engineer: Asier Goikoetxea Yanci
Industrial Supervision: Russ D Hobson, Atmel
Academic Supervision: Prof Tughrul Arslan and Dr Ahmet Erdogan, University of Edinburgh

Smart cards are used for a wide range of applications, such as memory cards, SIM cards, credit cards or identity cards. Most of the actual applications store sensitive data and the trend shows an increase in this type of application.

As the use of smart cards expands, new threats in the form of attacks arise. These attacks can target software or OS faults, or the communication between a smart card and a reader, the human user or the hardware.

Hardware-related attacks could be defined as intrusive or non-intrusive, and active or passive. Intrusive attacks are those that require a physical access to the hardware, whereas non-intrusive attacks do not need access to it. Active attacks are those intended to induce a temporal fault or malfunction, whereas passive ones analyse a smart card's normal behaviour.

This research will centre around two areas and will investigate:

• Methods of improving fault tolerance
• Benefits of adding new features

The fault tolerance investigation will focus on overall circuit robustness by improving resistance to attacks, detecting when attacks cause data corruption on a device and in circuit error correction methods.

The second investigation will focus on developing features which can be utilised by the OS or software to improve overall security.