Project leader: dr. Jerry den Hartog, TUe (1 September 2005 till 1 December 2009)
PINPAS-JC focuses on the security of JavaCard chip cards. A chip card is a physically protected mini-computer, usually embedded in a plastic card, which can run relatively simple programs. They are found for example in bank cards, SIM cards in mobile phones, or in passports. This project is investigating the security of these new JavaCard chip cards against the most well-known and successful class of attack, the so-called side channel attacks, such as electrical and electromagnetic analyses and error-introducing attacks.
Within the project it was examined how a JavaCard can be hacked. An extensive tool was designed to test the firewall of this type of card. This tool is available on the web via a Technology Foundation STW licence. It was also investigated how malicious codes can break into the cards and how effective the current security methods for these cards are.
Partner Riscure has paid for a follow-up study into chip cards at Eindhoven University of Technology by seconding personnel and making equipment and software available. A PhD student from the project is now employed by Riscure where she is working further on this subject. The Nijmegen group carried out several months of contract research for the Ministry of the Interior and Kingdom Relations into the security of Dutch electronic passports. The Dutch Road Transport Directorate has also asked the group to help in developing a prototype for a new electronic driving licence and to investigate the interaction of this driving licence with DigID. In addition to this the group is working in the ov-chip 2.0 project, funded by Stichting NLNet and Trans Link, on a prototype of a privacy friendly public transport card. With PwC and Collis the group is working on the security of electronic passports for the EU Agency Frontex.
Universities and partners involved