Technical glossary
A
AES (Advanced Encryption Standard)
A secret-key encryption
algorithm.
Algorithm
A mathematical routine used
to perform computations (often used for cryptography).
Analog
Information presented in the
form of a continuously varying signal.
Anti-collision (or collision avoidance)
A feature commonly used in
contactless card systems to prevent conflicts between different signals
competing for attention at the same time.
APDU (Application Protocol Data Unit)
The basic command unit for a
smart card. An APDU contains either a command message or a response message,
sent from the interface device to the smart card or from the card to the
device. See ISO 7816-3 for more information.
API (Application Programming Interface)
A definition of calling conventions through which an application program accesses other services such as the operating system, drivers, databases, or middleware layers.
Applet
A compact program that can be
downloaded quickly and used by a remote computing device. Applets are not
allowed to access certain resources on the remote device.
ASIC (Application-Specific Integrated Circuit)
A chip that has been custom designed.
Asynchronous start-stop
Asynchronous start-stop describes an asynchronous transmission protocol
in which a start signal is sent prior to each code symbol and a stop signal
is sent after each code symbol.
The start signal prepares the receiving mechanism for the reception
and registration of a symbol and the stop signal brings the receiving
mechanism to rest in preparation for the reception of the next symbol.
A common kind of start-stop transmission is ASCII over RS-232, for example for use in teletypewriter operation.
ATR (Answer To Reset)
A message that is returned by
a smart card when it is powered up or when its reset pin is activated. The
ATR indicates the card type, communication protocol and other basic
information.
Authentication
The process whereby a card,
terminal or person proves who they are. A fundamental part of many
cryptography systems.
External Authentication.
The procedure used to
authenticate the external world (e.g., terminal) to the card.
Internal Authentication.
The procedure used to prove
that the card is genuine using an algorithm, a random value and a
secret key. The authentication process can be further distinguished
between passive authentication in which the same values are used each time
(e.g., PIN) and active authentication in which an algorithm and variable
values are used.
B
Bandwidth
The amount of data that can
be sent through a connection. Usually measured in bps.
Baud
A unit of signaling speed.
The speed in baud is the number of discrete conditions or signal elements
per second. It is now largely obsolete and has been replaced by "bits per
second" (bps).
Biometrics
Identification and
authentication techniques based on the physical characteristics of a person
such as fingerprints, hand geometry, retina scan or voice print.
Bit
A bit refers to a digit in the binary numeral system (base 2).
For example, the number 10010111 is 8 bits long.
Bluetooth
A technology that allows an
array of devices to communicate over short-distance wireless connections.
This technology applies to PCs on a local area network as well as cell
phones, personal digital assistants and even wristwatches.
Bps (Bits-Per-Second)
Data transmission speed, the
number of pieces of information transmitted per second.
Byte
A byte is commonly used as a unit of storage measurement in computers,
regardless of the type of data being stored.
The eight-bit byte is often called an octet in formal contexts such as industry standards.
C
CA (Certification Authority)
The organization that issues
certificates and takes liability associated with the validity of the
holder's identity. Often financial and institutional organizations.
Certificate
A file, digitally signed by a
Certification Authority. There are many different types of certificates (the
most common being X.509 v3).
Checksum
(also called Hash) A count of
the number of bits in a transmission unit so that the recipient can make sure the correct number of bits arrived and that the message is intact.
CMOS (Complementary-symmetry/metal-oxide semiconductor)
Two important characteristics of CMOS devices are high noise immunity and low static power supply drain.
Significant power is only drawn when its transistors are switching between on and off states; consequently, CMOS devices do not produce as much heat as other forms of logic such as TTL.
CMOS also allows a high density of logic functions on a chip.
Compiler
A compiler is a computer program (or set of programs) that translates text written
in a computer language (the source language) into another computer language (the target language).
Confidentiality
Guarantee that a message will
be legible to no-one other than the intended recipient. Confidentiality is
an essential part of cryptography systems.
Contact Smart Card
A smart card that operates by
physical contact between the reader and the smart card's different contacts
(in comparison to Contactless smart cards).
Contactless Smart Card
A smart card with a module
that communicates by means of a radio frequency signal. There is no need for
physical contact between the card and a reader (in comparison to Contact
smart cards).
Coupler
An electronic system used to
read the smart card. It is the basis of a reader. Designed to be integrated
in a machine (e.g., gaming machine, gas meter...).
CPU (Central processing unit)
A central processing unit (CPU), or sometimes simply processor,
is the component in a digital computer that interprets instructions and processes data contained in computer programs.
CRC (Cyclic Redundancy Check)
A popular means of ensuring
transmissions have not been garbled.
CryptoAPI (Cryptographic Application Programming Interface)
A Microsoft API that offers
system-level access to common cryptographic functions.
Cryptography
The science of ensuring that
messages are secure. Cryptographic systems are based on the concepts of
authentication, integrity, confidentiality and non-repudiation.
D
DB-9
DB-9 is a common misnomer for the DE-9. (A true DB-9 connector would have 9 pins in a connector the shape and size of a DB-25.)
DES (Data Encryption Standard)
The most widely used secret
key encryption algorithm (originally developed by IBM in 1977). A
strengthened version of DES called triple DES (or 3DES) is commonly used in
bank cards.
DESFire
The MIFARE DESFire is a special release of the Philips SmartMX platform.
It is sold already programmed with general-purpose software (the DESFire operating system) that offers more or less the same functions as MIFARE Standard (4kB data storage split into 16 areas) but with higher flexibility, stronger security, and faster T=CL communication.
DF (Dedicated File)
Memory organization for
microprocessor cards: A DF is a logical entity that holds a number of
elementary files (EF). In multi-purpose cards each DF will normally
correspond to a distinct application.
Digital
Said of systems whose
information is represented in binary form. Compares to Analog.
Digital Signature
(not to be confused with a
digital certificate) An electronic signature created using a public-key
algorithm. A digital signature can be used by the recipient to authenticate
the identity of the sender and to ensure the integrity of the message.
Dual Slot
Said of a smart card reader
that can accommodate two cards simultaneously (often one for the end-user
and one to identify an authorized professional).
E
e-Purse or e-Wallet
A small portable device that
contains electronic money. e-wallets are generally used for low-dollar
transactions.
ECC (Elliptic Curve Cryptosystem)
A public-key system that uses
a mathematical approach called the elliptic curve problem.
EEPROM (Electrically Erasable Programmable Read-Only Memory)
Special non-volatile memory
whose content can be erased and new data can be reloaded electrically. In
smart cards EEPROM is typically used for application data and for certain
filtered functions.
EF (Elementary File)
Memory organization for
microprocessor cards: The smallest logical entity that can be secured in the
operating system. File containing data.
EMV (Europay - Mastercard - Visa)
Set of specifications
defining the main structures for an international debit/credit smart card.
Encryption
A cryptographic procedure
whereby a legible message is encrypted and made illegible to all but the
holder of the appropriate cryptographic key.
F
Firewall
An application or a dedicated
computer that protects the resources of one network from users on other
networks.
Firmware
Low-level software that is
similar to hardware features. This software operates by exchanging commands
directly with an external device or with specific software loaded in the
product.
Flash Memory
A non-volatile memory device
that can be reprogrammed more quickly than EEPROM.
Footprint
(also Memory Footprint) The
amount of space taken up by the operating system, an application or data in
the memory of a smart card.
FRAM (Ferroelectric RAM)
(also called Fe-RAM) A
non-volatile memory technology (i.e., it does not lose its data if the power
is shut off). FRAM can read data thousands of times faster at far lower
voltage than other non-volatile memory devices.
G
Glue Logic
In electronics, glue logic refers to the custom electronic circuitry
needed to ensure compatibility for interfacing off-the-shelf semiconductor components.
GPRS (General Packet Radio Service)
A packet-based 2.5G (in
comparison to 3G) telecommunication technology. GPRS supports exchange rates
up to 114 Kbps, allowing wireless Internet and other multimedia services.
GSM (Global System for Mobile Communications)
A European standard for
digital cellular telephones that has now been widely adopted throughout the
world. Under the ETSI standard, GSM telephones contain a SIM smart card that identifies the individual subscriber.
H
Hardwired
Said of electronic circuits
that perform fixed logical operations, rather than a stored program.
Hash
(also called Checksum) A count of the number of bits in a transmission unit so that the recipient can make sure the correct number of bits arrived and that the message is intact.
I
IC (Integrated circuit)
A set of electronic circuits
implemented on a piece of semiconductor material. Common ICs include
microprocessors and memory chips. Synonym: Chip
Integrity
Guarantee that data (or
code) has not been modified in transit. Integrity is an essential role of
cryptography systems.
Interoperability
The ability of products
manufactured by different companies to operate correctly with one another.
I2C
I²C is a serial computer bus invented by Philips that is used to attach low-speed
peripherals to a motherboard, embedded system, or cellphone.
The name is an abbreviation for Inter-Integrated Circuit.
I²C uses only two bidirectional open-collector lines, serial data (SDA) and serial clock (SCL),
pulled up with resistors.
ISO 7816
ISO 7816 is an international standard related to electronic identification cards,
especially smart cards, managed jointly by the International Organization for Standardization (ISO)
and the International Electrotechnical Commission (IEC). It is an extension of ISO 7810.
ISO 7816-1: Physical characteristics
ISO 7816-2: Cards with contacts - Dimensions and location of the contacts
ISO 7816-3: Electrical characteristics and class indication for integrated circuit(s) cards operating at 5V, 3V and 1.8V
ISO 7816-4: Organization, security and commands for interchange
ISO 14443
ISO/IEC 14443 is a four-part international standard for Contactless Smart Cards operating
at 13.56 MHz in close proximity with a reader antenna. Proximity Integrated Circuit Cards (PICC)
are intended to operate within approximately 10 cm of the reader antenna.
ISO 14443-1
defines the size and physical characteristics of the
card. It also lists several environmental stresses that the card must be capable of
withstanding without causing permanent damage to the functionality. These tests are intended
to be performed at the card level and are dependent on the construction of the card
and on the antenna design; most of the requirements cannot be readily translated to
the die level. The operating temperature range of the card is specified in Part 1 as an
ambient temperature range of 0°C to 50°C.
ISO 14443-2
defines the RF power and signal interface. Two
signaling schemes, Type A and Type B, are defined in part 2. Both communication
schemes are half duplex with a 106 kbit per second data rate in each direction. Data
transmitted by the card is load modulated with an 847.5 kHz subcarrier. The card is
powered by the RF field and no battery is required.
ISO 14443-3
defines the initialization and anticollision protocols
for Type A and Type B. The anticollision commands, responses, data frame, and
timing are defined in Part 3. The initialization and anticollision scheme is designed to
permit the construction of multi-protocol readers capable of communication with both
Type A and Type B cards. Both card types wait silently in the field for a polling
command. A multi-protocol reader would poll one type of card, complete any
transactions with cards responding, and then poll for the other type of card and
transact with them.
ISO 14443-4
defines the high-level data transmission protocols
for Type A and Type B. The protocols described in Part 4 are optional elements of the
ISO/IEC 14443 standard; proximity cards may be designed with or without support for
Part 4 protocols. The PICC reports to the reader if it supports the Part 4 commands in
the response to the polling command (as defined in Part 3).
The protocol defined in Part 4 is also capable of transferring application protocol data
units as defined in ISO/IEC 7816-4 and of application selection as defined in ISO/IEC
7816-5. Note that ISO/IEC 7816 is a Contacted Integrated Circuit Card standard.
ISO 15693
ISO 15693 systems operate at the 13.56 MHz frequency, and offer a maximum read distance of 1-1.5 metres.
Link : Icode
ITU (International Telecommunications Union)
Successor to CCITT. The
international agency in charge of telecommunications coordination between
nations.
J
Java
A network-oriented
programming language invented by Sun Microsystems. Java was specifically
designed so that programs could be safely downloaded to remote devices
(e.g., Web pages, smart cards, etc.).
Java Card
A set of specifications for
running a subset of Java on a smart card.
Jini
A distributed computing
framework introduced by Sun Microsystems. Jini is an extension of the Java
application environment.
JVM (Java Virtual Machine)
An essential element of the
Java programming language. The JVM is an abstract computing machine with its
own instruction set and memory. A JVM is included in each release of Java
(J2ME, J2SE and J2EE).
K
Key
A value that is used with a
cryptographic algorithm to encrypt (or sign) data. The longer the key, the
more secure the encryption.
L
LAN (Local Area Network)
A geographically limited
network (generally within a building or small group of buildings) that is
managed and owned by a single company.
Lifecycle
The time between the issuance
of a smart card and its cancellation or expiration.
Linux
An Open Source operating
system that is derived from UNIX.
M
Mapping
(also called memory map) A
functional representation of the different blocks in the memory of a chip.
Masked
Said of data or functions
that are permanently loaded into the chip on the smart card.
Memory Card
A smart card containing a
memory chip with read / write capability and in some cases hardwired
security functions (some people do not consider memory cards as smart
cards).
MCU (Micro Controller Unit)
Micro Controller Unit - the CPU that runs your embedded system.
MF (Master File)
Memory organization for
microprocessor cards: This file is unique and obligatory. It has its own
security attributes and may contain DFs and/or EFs.
MIFARE
The MIFARE technology is based upon the ISO 14443 Type A 13.56 MHz
contactless smart card standard.
The technology is owned by Philips Austria GmbH.
Link : www.mifare.net
Module
(also called micromodule) The
unit formed of a chip and a contact plate, with fine connecting wires, that
is encapsulated in a drop of epoxy resin. The module is embedded in a cavity
in the card body.
Multi-application
Said of a smart card that can
accommodate more than one application while maintaining separate security
conditions.
MultOS
An open smart card operating
system developed by MAOSCO, notably for financial transactions.
N
Non-Repudiation
Guarantee that a sender
cannot falsely deny having sent a message. Non-repudiation is an essential
role of cryptography systems.
Non-Volatile Memory
Said of memory chips that do
not lose their contents when the power is switched off.
O
OCF (OpenCard Framework)
The framework that provides
programmers with an interface for the development of smart card applications
in Java.
Off-Line
A transaction during which no
direct connection is made to a central computer facility.
On-Line
A transaction during which a
direct connection is made to a central computer facility (usually via the
public telephone network, computer networks, or the Internet).
Open Drain
Open-drain refers to the drain terminal of a MOSFET transistor.
When a device is in the high-impedance state, the pull-up resistor keeps the line at logic 1.
The line stays there until the device goes into the logic 0 state and begins to sink current.
OS (Operating System)
A smart card OS ensures
secure access to data as well as file management functions, much like the
operating systems on a personal computer.
OSI (Open Systems Interconnection)
A model that was proposed by
the ISO for communications. OSI uses a modular approach, dividing different
functions into seven distinct layers.
P
Padding
One or more bits appended to
a message in order to ensure that it contains the required number of bits or
bytes.
PC Card
Standard architecture-independent extension device. These cards are typically used in
laptop computers (formerly called PCMCIA).
PICC (Proximity Integrated Circuit Card)
A card
PCD (Proximity Coupling Device)
A reader
PCMCIA (Personal Computer Memory Card International Association)
A standard
architecture-independent extension device typically used in laptop
computers.
Personalization
Process during which a smart
card is modified to contain the information for one person. Graphical
personalization modifies the visual aspect of the card (holder's name,
photograph). Electrical personalization modifies the information in
the card's chip.
PIN (Personal Identification Number)
The number or code that a
cardholder must type in to confirm that he or she is the genuine cardholder.
PKCS (Public-Key Cryptography Standards)
RSA Encryption Standard
PKI (Public Key Infrastructure)
The software and/or hardware
components necessary to manage and enable the effective use of public key
encryption technology, particularly on a large scale.
Plug-In Card
Compact format for SIM cards.
POS (Point Of Sale) Terminal
POS terminals (in comparison
to central terminals) are handheld or desktop devices that can conduct
transactions with smart or mag-stripe cards.
Pre-Paid Card
A card permitting the holder
to buy goods or services usually of a particular type up to the pre-paid
value. Some pre-paid cards are reloadable, others are not.
Protocol
(1) On the Internet, a set of
rules and procedures defining the intercommunications between various
network elements. (2) A set of rules and procedures governing interchange of
information between a smart card and a reader. The ISO defines several
protocols, including T=0, T=1 and T=14.
Public Key
A cryptographic system that
uses two different keys (public and private) for encrypting and signing
data. The most well-known public key algorithm is RSA.
R
RAM (Random Access Memory)
A volatile memory that is
used as a scratchpad by the microprocessor in a smart card.
RFID (Radio Frequency Identification)
Radio Frequency Identification (RFID) is an automatic identification method,
relying on storing and remotely retrieving data using devices called RFID tags or transponders.
An RFID tag is an object that can be attached to or incorporated into a product,
animal, or person for the purpose of identification using radio waves.
Chip-based RFID tags contain silicon chips and antennas.
Passive tags require no internal power source, whereas active tags require a power source.
RSA (Rivest-Shamir-Adleman)
The most widely used public
key encryption algorithm, named after its creators.
RS-232
RS-232 is a standard for serial binary data interconnection between
a DTE (Data terminal equipment) and a DCE (Data communication equipment).
It is commonly used in computer serial ports.
The RS-232 standard defines the voltage levels (±12 V) that correspond to logical one and logical zero levels.
RS-485
RS-485 is an OSI Model physical layer electrical specification of a two-wire, half-duplex, multipoint serial connection.
The standard specifies a differential form of signalling.
S
SAM (Security Access Module)
A dedicated microprocessor
unit that conducts active authentication with a memory or microprocessor
card.
SD (Secure Digital)
Secure Digital is a flash (non-volatile) memory card format
used in portable devices, including digital cameras and handheld computers.
SDIO (Secure Digital Input Output)
Devices that support SDIO (typically PDAs or cell phones) can use small devices
designed for the SD form factor, like GPS receivers.
SDK (Software Development Kit)
A set of development
utilities meant for writing software applications, usually associated with
specific environments.
Secret Key
A cryptographic system that
uses a single key for encrypting and signing data.
Session
Period of time between two
card resets, or between power up and a power down.
SHA-1 (Secure Hash Algorithm 1)
A hash algorithm developed by
the National Institute of Standards and Technology and the National Security
Agency.
Signed Applets
An applet that incorporates a
digital signature to prove that it came from a particular trusted author.
SIM (Subscriber Identification Module)
A smart card for GSM systems
holding the subscriber's ID number, security information and memory for a
personal directory of numbers, thus allowing the subscriber to call from any GSM device.
Smart Card
Also called IC card, chip
card or memory card (for certain types). A card formed of a plastic body
with a chip (or module) embedded in a special cavity.
T
Terminal
Any device that can
communicate with a smart card (e.g., reader, coupler...). Certain terminals
can operate in standalone mode, while others must be connected to a central
information system to access an application.
TTL (Transistor-Transistor Logic)
All standardized common TTL circuits operate with a 5 volt power supply.
A TTL signal is defined as "low" or L when between 0V and 0.8V with respect to the ground terminal,
and "high" or H when between 2V and 5V.
U
UART (Universal Asynchronous Receiver/Transmitter)
A universal asynchronous receiver/transmitter (usually abbreviated UART, which is pronounced "you art")
is a type of "asynchronous receiver/transmitter", a piece of computer hardware that translates
data between parallel and serial interfaces. Used for serial data telecommunication,
a UART converts bytes of data to and from serial bit streams represented as electrical
impulses similar to Morse code.
UARTs are commonly used in conjunction with other communication standards such as RS-232.
UIM (User Identity Module)
(also R-UIM for "removable"
UIM) An identity module for standards other than GSM (notably for CDMA).
USB (Universal Serial Bus)
A standard Input/Output bus
that supports very high transmission rates. Up to 120 devices can be
daisy-chained to a USB port.
V
Virtual Machine
A standalone operating
environment that acts as a separate device (applets in a Java virtual machine
have no access to the host operating system). See also J2SE, J2EE, JVM, and
KVM.
Volatile Memory
A memory device (e.g., RAM)
that does not retain stored information when power is switched off.
VPN (Virtual Private Network)
A system to securely deliver
corporate information over a shared public infrastructure. The remote user
session is handled through a firewall using encrypted communications.