For payments, pay-TV, as ID card for access control, or for car keys: smart cards and RFID systems are omnipresent when it comes to the identification and authentication of a user or a component. The available solutions range from highly-secure integrated chips, which use asymmetric cryptographic routines for authentication (as used in the smart card of the new German passport), to simple RFID systems, which transmit only a serial number for identification. On the other hand, the number but also the intensity of threads on smart cards and RFID systems is increasing. While for the first implementations of smart cards, cryptographic key data was stored unencrypted in the card's memory, today the newest smart cards implement sophisticated security measures to prevent the reading of key data. Such security measures are, e.g., the active and passive shielding of chip structures and sensors for detection of attacks. It turns out to be very difficult to find implementations and security architectures for smart cards and RFID systems that are also robust against nowadays (and future) advanced attacks. In addition, especially RFID systems suffer from a quite weak power supply, which limits implementations to light-weight crypto-algorithms that still need to be secure.

Competences and offerings

Fraunhofer AISEC develops technologies to harden smart cards and RFID systems. For this purpose, Fraunhofer AISEC operates an own hardware security lab, where attacks (side channel attacks, fault attacks) on smart cards and RFID systems are performed and existing systems are evaluated. The goal of those analyses is the design of innovative countermeasures for the protection of sensitive key data on the card. Together with industry partners, Fraunhofer AISEC creates security architectures for smart card and RFID systems, as well as secure and efficient protocols for identification and authentication.

Overview of competences and offerings

Main publications (selection)