projects techreports press lab location staff
citi top.2 top.3
citi mid.3
bot.1 bot.2 bot.3

Projects : Smart Cards

Smart Card Projects At CITI

Created, 12/14/1999, Naomaru Itoi.
Last Updated, 6/8/2000, Naomaru Itoi.

A name in parentheses means the person is responsible for this ongoing project. Projects are sorted by importance.

Projects On Releasing Stage
Need testing, documenting, and packaging.

  • Kerberos / smartcard integration (Evan)
  • SSH / Smartcard integration (Sheri)
  • pay-pcsc (Evan, Anna)
  • i-Button PC/SC-Lite driver (I believe this is done.)
  • SCFS on OpenBSD

Recently Finished Projects
These are projects recently finished.

  • Kerberos / SSH with remote smartcard -> internal deployment (Nao, Tomoko)
  • i-Button PC/SC-Lite driver and pay-pcsc (Mukesh)
  • xautolock with smartcard (Muzzle)

Projects To Be Ported

  • SCFS on Windows NT (Nao)
  • SCFS on Linux


  • smartcard encrypted filesystem (Muzzle, Evan)
  • kinit extension, store the session key on smartcard (Peter)
  • secure PC booting with smartcard (Nao)
  • Attack fingerprint scanners. Create silicon dummy of a fingerprint and fool fingerprint scanners. (refer to CARDIS paper) (Sheri)
  • PGP (or some other e-mail signing) with smartcard (low priority)
  • smartcard encrypted netscape cookie (encrypted FS should solve this)
  • PKI based user authentication with web server and smartcard (low priority)
  • SSL between smartcard and web server (to send data securely), or SSL between client and smartcard web server (low priority)

Programming Environments / Libraries / I/O

  • SUN RPC on smartcard (Nao)
  • SCFS Extension. Java wrapper for long file names and .i consistency. (Brian, Forbes, Nao) (reference, reference)
  • LDAP server on smartcard
  • Get Philips MIFARE PROX card and test it. This is a contactless card with crypto and large storage. Why don't we get them and start playing with them?
  • Cyberflex Simera. Scott said he bought Simera from Schlumberger. Shall we try doing the same? Can we get rid of Scott's Apache proxy if we do IP on SIM?
  • implement cryptoki (PKCS #11) on 7816 (thus JCA on cryptoki on 7816) (reference)
  • implement JCA (Java Cryptographic Architecture) on smartcard
  • T=1 for Towitoko driver (including Palm Reader)
  • Critical Evaluation of smartcards. Compare Cyberflex, iButton, STARCOS, and whatever cards we can get. (reference)

Palm Pilot and Smartcard

  • Manufacture Palm Readers (Brad)
  • Encrypted beaming
  • s/key with smartcard and Palm
  • smartcard as Palm's extended secure storage, e.g., storing secret address book in smartcard.
  • Extend Handspring's Visor (PalmOS compatible) memory module so that Palm applications can use smartcard as secure storage. Card is accessed through Palm reader. As an application for this, store multiple passwords in smartcard and view them through Palm. (What's up with this, Hugh?)

Convenient Applications

  • small database in a smartcard, e.g. schedule book in a smartcard. You can view/update schedule from PC or Palm.
  • I hate typing my name, address, e-mail address, and phone # in homepages. Automate this by storing such information in smartcard. We may be able to do this by integrating smartcard into Mozilla.
  • System administrators write passwords down because (1) they cannot remember all, but (2) they do not want to use the same one for all computers. PIN protected password storage (just to display them when needed, or to present them to PAM) might be useful.

That's it. Please send comments to us. projects | techreports | press | lab | location | staff Email address
or call +1 734 763 2929
Copyright © 1996-2013
The Regents of the University of Michigan