<!-- Edit EirGrabber 3.01 -->
<HTML>
<HEAD>
<TITLE>Smart Card Developer's Kit:Glossary</TITLE>



<CENTER>
<TABLE BORDER>
<TR>
<TD><A HREF="ewtoc.html">Table of Contents</A></TD>
</TR>
</TABLE>
</CENTER>
<P><BR></P>
<H2><A NAME="Heading1"></A><FONT COLOR="#000077">Glossary</FONT></H2>
<DL>
<DT><B>A3 and A8</B>
<DD>Two cryptographic algorithms used in GSM cellular telephony and typically implemented in GSM SIM smart cards.
<DT><B>ABS (acrylonitrile butadiene styrene)</B>
<DD>A common plastic material used for the manufacture of smart cards.
<DT><B>AC (access condition)</B>
<DD>An attribute in a file header that allows or denies execution of certain commands based on certain security conditions such as authentication of the entity attempting to execute the command.
<DT><B>AID (application identifier)</B>
<DD>A unique number assigned to smart card applications.
<DT><B>algorithm</B>
<DD>A set of detailed instructions for performing a mathematical operation.
<DT><B><TT>alt.technology.smartcards</TT>
</B>
<DD>A Usenet newsgroup devoted to smart cards.
<DT><B>ANSI (American National Standards Institute)</B>
<DD>An American technical standards body and the representative of the United States to the International Standards Organization (ISO).
<DT><B>anticollision</B>
<DD>When using a contactless smart card, the data being transmitted from the card to the reader doesn&#146;t collide or interfere with the data being transmitted from the reader to the card.
<DT><B>APDU (application protocol data unit)</B>
<DD>A unit of data transfer between a smart card and an application program; a smart card command or command response.
<DT><B>API (application programming interface)</B>
<DD>Contains calls a program can make on routines stored in a function library or implemented in the operating system.
<DT><B>Arimura, Dr. Kunitaka</B>
<DD>The Japanese inventor who received a patent on smart cards in 1971.
<DT><B>ASC (application-specific command)</B>
<DD>An extension of the basic smart card operating system, often stored in the smart card EEPROM.
<DT><B>ASCII (American Standard Code for Information Interchange)</B>
<DD>A method of digitally representing characters in the Latin alphabet using 1 byte or 8 bits. For example, 6116 is the ASCII representation of lowercase Latin letter <I>a. See also</I> Unicode.
<DT><B>asynchronous protocol</B>
<DD>A mode of data transmission in which the transmission start time of a character or block of characters is arbitrary. <I>See also</I> synchronous protocol.
<DT><B>ATR (answer to reset)</B>
<DD>A data string returned by a smart card when the microprocessor in the card is physically reset. Two types of data strings are standardized: They are described as asynchronous transfer protocols T=0 and T=1.
<DT><B>authenticate</B>
<DD>To establish the identity of the origination or originator of a transaction or other data-processing request.
<DT><B>authorize</B>
<DD>To grant privileges typically to access data, usually based on successful authentication.
<DT><B>batch card</B>
<DD>A smart card that carries a key that enables its holder to unlock a shipment or batch of other smart cards. A batch card carries a transport key. <I>See also</I> mother card.
<DT><B>biometrics</B>
<DD>The use of a person&#146;s physical characteristics such as fingerprints, hand geometry, voice or signature characteristics, eye patterns, and so on, for authentication.
<DT><B>black book</B>
<DD>A catalog of information used to subvert smart card security systems.
<DT><B>blinding</B>
<DD>Taking provisions in a smart card&#146;s operation to defeat voltage and timing attacks. Blinding, for example, would ensure that all multiplications take the same amount of time independent of the values of the multiplier and the multiplicand.
<DT><B>Bright, Roy</B>
<DD>The French publicist who coined the term smart card.
<DT><B>byte string</B>
<DD>A sequence of bytes.
<DT><B>C-SET (Chip-Secured Electronic Transaction)</B>
<DD>The French version of SET, which incorporates a smart card in its specification.
<DT><B>CA (certification authority)</B>
<DD>An organization or enterprise that issues digital certificates, primarily those attesting to an individual&#146;s identity.
<DT><B>CAD (card accepting device)</B>
<DD>A smart card reader.
<DT><B>capture</B>
<DD>To not return a card to the cardholder if an anomalous condition is encountered before a transaction is complete. A capture reader takes the smart card completely inside its physical security perimeter so that it cannot be extracted by the user before the transaction is completed.
<DT><B>Card Europe</B>
<DD>A smart card industry association. See <A HREF="www.gold.net/users/ ct96">www.gold.net/users/ ct96</A>.
<DT><B>cardholder</B>
<DD>The person carrying and using a smart card. A cardholder does not necessarily own the card or have any rights other than holding and using it.
<DT><B>CARDIS</B>
<DD>An international smart card conference, Smart Card Research and Advanced Applications, held roughly every 18 months, that features academic papers on smart card research.
<DT><B>CardTech/Securetech</B>
<DD>A North American smart card convention held twice a year.
<DT><B>Carte Bancaire</B>
<DD>The smart card issued by Groupement des Cartes Bancaires, a French bankcard association.
<DT><B>Cartes</B>
<DD>An annual smart card convention held in Paris.
<DT><B>Castrucci, Paul</B>
<DD>The American inventor who received U.S. Patent 3,702,464 on a smart card in 1972.
<DT><B>CEN (Comit&#233; Europ&#233;en de Normalisation)</B>
<DD>A European standards organization, located in Brussels.
<DT><B>cert</B>
<DD>Conversational shorthand for <I>digital certificate</I>.
<DT><B>challenge</B>
<DD>A random string of bytes sent from a data processing system to another system that it is trying to authenticate. The receiving system must encrypt the challenge with an encryption key in its possession and return the encrypted challenge to the sending system. If the sending system can decrypt the encrypted challenge, it knows the receiving system possesses the key that encrypted it and this authenticates the system to which the challenge was sent.
<DT><B>checksum</B>
<DD>A single numeric value computed from a large body of text or data that can be quickly recomputed by the recipient of the text and data to check if any characters in the body have been changed during transmission. Unlike a hash value, similar bodies of text may yield equal checksums. Checksums guard against random transmission errors (not deliberate attempts) to alter the content of a message.
<DT><B>CHV (cardholder verification)</B>
<DD>A secret number or password, known only to the cardholder, which is required to access certain services on a smart card. Also known as a personal identification number (PIN).
<DT><B>CLA</B>
<DD>The first data field in an ISO 7816-4 command that gives the class of the command.
<DT><B>CLK</B>
<DD>The contact or pad on a smart card module through which clock signals are provided to run the smart card processor.
<DT><B>clock rate</B>
<DD>The rate at which the clock signal provided to a smart card processor changes; typically, 5 MHz or 5,000,000 pulses per second. Smart card processors divide this by 2 and take on the average of 4 or 5 &#147;clocks&#148; per instruction and so run at about &#189; MIP or 500,000 instructions per second.
<DT><B>COMP128</B>
<DD>An authentication algorithm popular in telecommunications and often found on GSM SIM cards.
<DT><B>contact card</B>
<DD>A smart card that is activated by being inserted into a smart card reader, which presses contacts against the contact pads of the smart card module. <I>See also</I> contactless card.
<DT><B>contactless card</B>
<DD>A smart card that is activated by being held near the smart card reader rather than being put into the reader, as with contact cards. Power is provided to the card through inductance coils and communication occurs via radio frequency signals and a capacitive plate antenna. <I>See also</I> contact card.
<DT><B>core</B>
<DD>The instruction set used by a smart card; for example, an 8051 core implements the Intel 8051 instruction set. It is called the core because the integrated circuit that implements the instructions is the core of the smart card integrated circuit.
<DT><B>COS (card operating system)</B>
<DD>The program contained in the smart card ROM that is used for communicating with the smart card, managing security, and managing data in the smart card file system.
<DT><B>CPU (central processing unit)</B>
<DD>The integrated circuitry on a smart card that executes the program stored on the card.
<DT><B>CRT (Chinese remainder theorem)</B>
<DD>A theorem about the unique factorization of integers that is used in some cryptographic algorithms.
<DT><B>cryptogram</B>
<DD>An encrypted block of text or random data; used in smart card security protocols to demonstrate possession of a secret key without revealing the key itself.
<DT><B>cryptographic coprocessor</B>
<DD>Special integrated circuits for quickly doing calculations, particularly modular arithmetic and large integer calculations, associated with cryptographic operations and algorithms. These circuits are added to a standard processor core and therefore are called coprocessors.
<DT><B>cyclic file</B>
<DD>A type of file on a smart card that contains records such that the first record is returned when a read next command is issued on the last record; thus, the records form a ring and cycle from one to the next.
<DT><B>Danmont</B>
<DD>A smart card operating system developed in Denmark and used in the VisaCash card. See <A HREF="http://library.cs.tuiasi.ro/hardware/smart-card-developer-kit/www.iccard.dk">www.iccard.dk</A>.
<DT><B>daughter card</B>
<DD>One of a batch or shipment of cards that is unlocked with a mother card.
<DT><B>DEA (data encryption algorithm)</B>
<DD>Synonym for DES.
<DT><B>DES (data encryption standard)</B>
<DD>A secret key cryptographic algorithm defined and promoted by the U.S. government.
<DT><B>Dethloff, J&#252;rgen</B>
<DD>The German co-inventor of the smart card in 1968. <I>See also</I> Gr&#246;ttrupp, Helmut.
<DT><B>DF (dedicated file)</B>
<DD>A smart card directory file that holds other files.
<DT><B>digital certificate</B>
<DD>A digital message that contains the public key of an individual together with a guarantee from a certificate authority that the public key belongs to the individual.
<DT><B>digital signature</B>
<DD>A digital technique that authenticates the user&#146;s transaction. A digital signature can, for example, be the encryption of a hash of the transaction with the individual&#146;s private key.
<DT><B>diversified key</B>
<DD>A smart card key that is computed from a smart card&#146;s serial number and a master key. Diversified key techniques let every card in a large set of cards be accessed with a unique key without the necessity of maintaining a record of which key is on which card. Both the master key and the calculation program are kept in a highly secure environment.
<DT><B>DSA (digital signature algorithm)</B>
<DD> A cryptographic algorithm approved by the U.S. government for use in creating digital signatures.
<DT><B>DSS (digital signature standard)</B>
<DD> The U.S. standard that defines DSA and its use.
<DT><B>E-cash card</B>
<DD>A stored-value smart card that contains money in digital form in one or more national currencies such as kroner, francs, yen, marks, or dollars. When you spend money from the card, the host application decrements a currency value and when you add more money to the card, the host application increments a currency value. Don&#146;t try this at home.
<DT><B>EEPROM (electrically erasable programmable read-only memory)</B>
<DD>Memory in a smart card that holds its contents when power is removed, that is, when the card is removed from the card reader. Unlike with ROM, new values can be written to EEPROM by the smart card CPU. EEPROM is used to store smart card values that are set during personalization, such as account numbers or values that can change, such as the amount of value stored on the card.
<DT><B>EF (elementary file)</B>
<DD>An elementary file is part of the smart card file system that contains application data. <I>See also</I> DF (dedicated file), MF (master file).
<DT><B>EFT (electronic funds transfer)</B>
<DD>A funds transfer that is sent electronically, either by telecommunication or written on magnetic media such as tape, cassette, or disk.