Table of JavaCard hardware that is currently available:
| Vendor | Product | RAM | URL | Code-Signing | HRNG |
|---|---|---|---|---|---|
| Maxim | IButton DS-1957 | 200 KB | unavailable | no | yes |
| HID | Crescendo | 72 KB | ? | ? | |
| Oberthur Card Systems | ID One | ? | ? | ? | |

Security issues of JavaCard in general:
- Missing code security: no code signing, no code authentication
Suggested fix: The JavaCard should calculate and store a hash of the applet when loading it. Applets must not be able to manipulate the stored hash. The stored hash should be delivered to the host when enumerating the applets, or when querying the hash value of a specific applet (think md5sum). The hash value should be precomputable from the CAP file, so that it can be compared with the actual hash value.
- There are only 2 random number generators, both insecure: InsecureRandom and SecureRandom. Both are PRNGs. (Dallas/Maxim made a proprietary HRNG with its own proprietary API.)
Suggested fix: Define an API-ID for a HRNG, so that every vendor can implement a HRNG.
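
The host side of the applet-hash fix suggested above, as an added example (not code from this page or from any JavaCard vendor). It precomputes a digest from the CAP file's component contents rather than from the raw ZIP bytes, so repackaging does not change the value. SHA-256, the component order, the card-side query and all function names are assumptions of this example.

```python
import hashlib
import hmac
import io
import zipfile

# Assumption of this example: components are hashed in the order a loader
# streams them to the card; optional ones (Applet, Export) may be absent.
LOAD_ORDER = ["Header", "Directory", "Import", "Applet", "Class", "Method",
              "StaticField", "Export", "ConstantPool", "RefLocation"]

def cap_digest(cap_bytes: bytes) -> str:
    """SHA-256 over component contents only, so ZIP metadata (timestamps,
    entry order, comments) cannot change the result."""
    with zipfile.ZipFile(io.BytesIO(cap_bytes)) as zf:
        found = {n.rsplit("/", 1)[-1][:-4]: n
                 for n in zf.namelist() if n.endswith(".cap")}
        if "Header" not in found:
            raise ValueError("not a CAP file: Header component missing")
        digest = hashlib.sha256()
        for component in LOAD_ORDER:
            if component in found:
                digest.update(zf.read(found[component]))
    return digest.hexdigest()

def applet_matches(cap_bytes: bytes, card_reported_hex: str) -> bool:
    """Compare the precomputed digest with the value the card reports
    (hypothetical query; the page only proposes such a command)."""
    return hmac.compare_digest(cap_digest(cap_bytes), card_reported_hex.lower())

def build_sample_cap(components: dict, comment: bytes = b"") -> bytes:
    """Constructed sample input: a tiny ZIP laid out like a CAP file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.comment = comment
        for name, data in components.items():
            zf.writestr(f"com/example/javacard/{name}.cap", data)
    return buf.getvalue()

if __name__ == "__main__":
    parts = {"Header": b"\x01hdr", "Method": b"\x07code", "Class": b"\x06cls"}
    original = build_sample_cap(parts)
    tampered = build_sample_cap({**parts, "Method": b"\x07evil"})
    reported = cap_digest(original)  # stands in for the card's stored hash
    print(applet_matches(original, reported), applet_matches(tampered, reported))
```

For the comparison to be meaningful, the card would have to hash the same component bytes in the same order as it receives them during loading.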