FractalizeR's Smartcard Shield Suite: smartcard protection developer SDK -Dhaka Mobile - View Single Post
Dhaka Mobile

View Single Post
Old 10-01-2010, 12:59   #1
Senior Member
Join Date: Aug 2010
Posts: 403
Status: Offline
Thanks: 3
Thanked 0 Times in 0 Posts
Rep Power: 7
anowar_virus is on a distinguished road
Send a message via Yahoo to anowar_virus

FractalizeR's Smartcard Shield Suite: smartcard protection developer SDK

FractalizeR's Smartcard Shield Suite:

Smartcard Shield Suite is a softwares & sources pack for serious GSM developers, that need to quickly put a new GSM product to the market without having to learn for a long time how to protect the software with smartcards.

The pack includes:
- Protection applet with sources (*.java). Applet is modular and allows to separately modify secure session protocol and applet commands. Data communication works in this way: secured session is initiated and then all commands going to/from applet are encrypted and digitally signed.
- Eclipse development environment, presetup to develop applets
- Application (with Delphi sources) to test applet protocol stability under stress load
- Delphi source to work with applet using secure protocol
- The software to do m*************** card programming (several cards can be programmed at the same time, multithreaded). Binary version without sources, customized for customer demands.
- FractalizeR's SmartCard API (Delphi cl*************** library) to send commands to card and receive replies. With sources.

Applet features:
- Initiate / terminate secure session
- Easy customization, commented source code
- Card blocking mechanism (if someone makes any attempt to communicate card and sends malformed data stream to card - card stops responding to commands until next update)
- Several commands (like NOP, hello, encrypt, md5 etc) to provide an example on how to extend applet and tune it to your needs.
- Average simple command execution time inside secure session - 150-200ms on Gemalto TOP cards.
- Permanent serial number & permanent data storage (a storage that persists through card upgrades)

Softwares and applet can be tested on cards provided by customer to verify supported features.

No p***************ing or reselling provided materials. No p***************ing or reselling protection solutions, based on provided materials. Per-team licensing (the license to use the sources is granted to purchasing team and all their products. Any new team should purchase another license). Time needed to prepare sources - 2-4 weeks starting from receiving card samples the sources are targeted by.

Unique secure session protocol with a possibility to easily increase protection complexity. Algorithms are easy customizable and should be changed by customer in order to be unknown to the outsiders. Although no "unhackable" warranty is provided (spit on anyone, who dares to guarantee things like this), but the solution is strong enough.

Skills needed:
Basic Java knowledge to be able to modify applet and add command handling you need (consultations provided). Delphi knowledge to integrate protection sources.
  Reply With Quote
Clear Default Style - Mobile Style Clear
All times are GMT +1. The time now is 21:16.

Follow us below -

Copyright ©2010-2017. Dhaka Mobile
Registered trademark of vBulletin Solutions