智能卡中英文對(duì)照外文翻譯文獻(xiàn)

PAGEPAGE1中英文對(duì)照外文翻譯(文檔含英文原文和中文翻譯)智能卡:針對(duì)電子舞弊的一種符合成本效益的解決方法摘要智能卡有很大的優(yōu)勢(shì)，對(duì)自己的磁力線，能在自身的內(nèi)部電路執(zhí)行加密算法。這意味著用戶的秘密(關(guān)鍵的代碼或寄存數(shù)據(jù))從來(lái)沒(méi)有離開(kāi)過(guò)特制硅芯片，從而最大限度地保障了整個(gè)系統(tǒng)的卡保密性。智能卡控制專(zhuān)用控制芯片，內(nèi)置自我規(guī)劃和記憶的防偽特征，其目的在于使惡意攻擊的成本遠(yuǎn)遠(yuǎn)高于該芯片的成本。本文是調(diào)查智能卡現(xiàn)有的組成部分，并試圖把他們的申請(qǐng)做一些變化。1什么是智能卡與舊方法相比，現(xiàn)在的矽產(chǎn)業(yè)的想法是把智能卡加入到晶片塑膠卡，第一個(gè)專(zhuān)利離現(xiàn)在有21年的歷史，但實(shí)際應(yīng)用只出現(xiàn)在八年前，因?yàn)槭芟抻诖鎯?chǔ)和處理能力，以及過(guò)去的電路技術(shù)。硅加工的完善和新的幾何方法將使新一代卡和無(wú)線通訊等應(yīng)用更加發(fā)展；如(GSM)、收費(fèi)電視、接觸控制。國(guó)家的大公司和政府機(jī)構(gòu)在過(guò)去四年的里對(duì)智能卡需求也不斷增加,如電話、銀行和保險(xiǎn)機(jī)構(gòu)。家庭網(wǎng)絡(luò)和因特網(wǎng)的普及，使一個(gè)全新的市場(chǎng)蓬勃發(fā)展起來(lái)。傳統(tǒng)智能卡是塑料的矩形，可印制有關(guān)申請(qǐng)或者發(fā)行商廣告，以及含有卡持有人(如有效日期、照片)等相關(guān)資料。這也支持了帶有磁性條紋或條碼標(biāo)簽。按照IS07816標(biāo)準(zhǔn)建立的8位接觸模型模塊,通常只有6位是常用接觸的芯片，其位置是不固定的。引腳為交流電源供應(yīng)器(VCC,VPP)、地、時(shí)鐘、重新定序和數(shù)據(jù)通信鏈路(俗稱(chēng)I/O).其規(guī)格是考慮各方的標(biāo)準(zhǔn)的要求(經(jīng)兩次無(wú)壓的轉(zhuǎn)換，建立了第二次I/O銜接I2C等)。到現(xiàn)在為止,智能卡中央處理器為8位，最常見(jiàn)的控制芯片的核心是摩托羅拉、英特爾68HC05的80C51，但新的32位裝置已經(jīng)開(kāi)始出現(xiàn)。其能力(一般從76到512字節(jié))非常有限的物理限制卡。程序在生產(chǎn)階段寫(xiě)在具有存儲(chǔ)器卡的微處理器里，不能以任何方式改變。這就保證了生產(chǎn)的密碼是嚴(yán)格保密的。儲(chǔ)存用戶數(shù)據(jù)，實(shí)現(xiàn)一人一卡，第一代非揮發(fā)性記憶可擦寫(xiě)可編程只讀存儲(chǔ)器需要額外使用“高”電壓電源(通常從15V到25V)。最近只需要一個(gè)包含需要電源5V的EEPROM(擴(kuò)展的微處理器),可以書(shū)寫(xiě)或刪除數(shù)據(jù)在很短的時(shí)間內(nèi)。有時(shí)，根據(jù)持卡人的需要，可以輸入可執(zhí)行程序的卡的EEPROM。EEPROM大小的一個(gè)關(guān)鍵問(wèn)題是在設(shè)計(jì)公共鑰匙申請(qǐng)(如鍵比較大)。因此,智能卡編程經(jīng)常采用典型的優(yōu)化技術(shù)，例如重新生成的公用鑰匙的秘密——鑰匙在必要時(shí)重新生成的密鑰——鑰匙由短字節(jié)構(gòu)成，避免大型重點(diǎn)計(jì)劃(例如菲亞特-沙米)、或者執(zhí)行壓縮算法的多余數(shù)據(jù)(文本、用戶數(shù)據(jù)等)及EEPROM垃圾收集機(jī)制。真實(shí)、完整的經(jīng)營(yíng)系統(tǒng),其目的是為一些廠家服務(wù)。最后,溝通接口(循序異步連接)之間的信息交換和控制數(shù)據(jù)卡與外界的聯(lián)系資料。其優(yōu)點(diǎn)是共同的速度要快得多，通常的字節(jié)是9600點(diǎn)，但更快的通常用于接口(多達(dá)19200至115200位元/秒)完全符合ISO7816標(biāo)準(zhǔn)。首先是安全規(guī)則搜集所有這些因素為單一芯片。如果不這樣做，外部電線連接到一個(gè)芯片時(shí)，另一個(gè)可能的滲透路線可能是非法獲取(或使用)的卡。具體標(biāo)準(zhǔn)ISO卡承受能力是有一定的機(jī)械壓力的。芯片容量的大小是有限，因此，目前的制約是記憶能力和加密，主要是這兩點(diǎn)的限制。目前的智能卡芯片，大多數(shù)廠商都提供非?？煽康碾娫幢ＷC芯片的性能能夠使用十年或更長(zhǎng)時(shí)間。標(biāo)準(zhǔn)ISO卡是必須能免受機(jī)械、電子、化工攻擊。但目前大多數(shù)卡是因?yàn)槭褂煤荛L(zhǎng)時(shí)間，變得過(guò)時(shí)損壞。著名的例子是法國(guó)的電話卡，不合格率是每1萬(wàn)件少于3件。附件1列舉一些當(dāng)今最常見(jiàn)的芯片以及其特征(如時(shí)鐘=最大時(shí)鐘速度以MHz,8位EEPROM可擦寫(xiě)可編程只讀存儲(chǔ)器、記憶存儲(chǔ)(如發(fā)現(xiàn)被刪除異常EEPROM)、時(shí)鐘頻率、溫度、電壓異常(VPP)根據(jù)傳感器曝光，鈍化。這些資料的安全和擾亂探測(cè)器的抵御能力,往往難以取得明顯的安全效果)。一般的智能卡隨時(shí)可以滿足攜帶物品安全的需要,尤其是在需要的外部世界的數(shù)據(jù)與實(shí)際值不知道的情況下。智能卡加上公共密鑰加密,一般都提供足夠的安全，可以應(yīng)對(duì)每天出現(xiàn)的安全問(wèn)題。2智能卡通訊和指揮方式溝通智能卡是根據(jù)(上面提到的)ISO標(biāo)準(zhǔn)7816/3。目前這一標(biāo)準(zhǔn)規(guī)定只有兩個(gè)議定書(shū)(字節(jié)型T=0和阻撓型T=1)，盡管有多達(dá)14個(gè)預(yù)留(T=14非常罕見(jiàn),就是溝通議定書(shū)專(zhuān)利)。因此，各級(jí)電源錯(cuò)誤使用頻率以及對(duì)某一特定的硬件“外擴(kuò)”，這是一個(gè)相當(dāng)復(fù)雜的過(guò)程，UART提供更多功能。硬件的起碼要求，必須包括：機(jī)械接口：連接。電子介面:連接器。一個(gè)包含兩個(gè)因素：智能卡閱讀(或只是“讀”)。最簡(jiǎn)單的讀差不多只調(diào)制解調(diào)器和管理的ISO交流互動(dòng)，議定書(shū)((智能))操作系統(tǒng)的卡。他們被稱(chēng)為((讀透明))，應(yīng)(但實(shí)際上可能)有經(jīng)營(yíng)智能卡供應(yīng)商,完全符合ISO標(biāo)準(zhǔn)。最先進(jìn)卡能讀可編列的數(shù)據(jù)和應(yīng)用邏輯(例如RSA或DSA鑰匙),及程式檔案?？梢詧?zhí)行加密功能，完全取代了個(gè)人電腦，有鍵盤(pán)、大頭針或臺(tái)顯示器或一般用的特定的程序語(yǔ)言，并且不支持各種智能卡，即使能符合ISO標(biāo)準(zhǔn)(因?yàn)樗麄兺ǔＪ前阎噶钺槍?duì)某一特定的卡)。操作卡時(shí),讀者需要采取以下四項(xiàng)工作:（1）開(kāi)/關(guān)卡。（2）復(fù)位卡。（3）從卡上讀取數(shù)據(jù)(輸入指令)。（4）寫(xiě)數(shù)據(jù)卡(輸出指令)。輸入輸出數(shù)據(jù)，包括字頭(實(shí)際上一個(gè)功能代碼包括5字節(jié)，其中有CLS，INS，P1，P2，Len)根據(jù)這些數(shù)據(jù)卡來(lái)確定數(shù)據(jù)。獲取一個(gè)數(shù)據(jù)和字節(jié)(Sw1和SW2)在發(fā)送(后)指揮各個(gè)執(zhí)行。3卡的基本規(guī)律雖然卡制造的周期,有許多不同的來(lái)源說(shuō)明，我們特別推薦伯杰優(yōu)良概況。智能卡的設(shè)計(jì)與制造從卡操作系統(tǒng)及應(yīng)用軟件開(kāi)始，原則上適用于任何使用軟件應(yīng)用的安全。這本身就是一個(gè)任務(wù)，但至少可在智能卡芯片存儲(chǔ)比較小的范圍內(nèi)，形成最終規(guī)模的軟件。要有核對(duì)，其規(guī)格與操作系統(tǒng)的特征也沒(méi)有被包括在內(nèi)。邏輯存儲(chǔ)器的操作系統(tǒng)則交給芯片制造商,在一批芯片制造前，他們將返回執(zhí)行的代碼交叉檢查。這本身就是一種有用的方法，通常需要一個(gè)完整的檢查,但顯然的這是保密的密碼,因此應(yīng)嚴(yán)格控制其分發(fā).此外,該公司也將負(fù)責(zé)所有密碼,其中,由于故障率的出現(xiàn),則必須予以摧毀。否則,發(fā)動(dòng)任何形式原始攻擊都會(huì)使芯片不安全的運(yùn)行。這批發(fā)出的芯片,智能卡公司的任務(wù)是制造成塑膠卡芯片的。塑膠的作用聯(lián)系客戶與服務(wù)他們之間聯(lián)系。最起碼要在發(fā)行前測(cè)試完成IC卡業(yè)務(wù),以確保其作用的實(shí)現(xiàn)。在某些情況下,卡滿足發(fā)行的要求。4應(yīng)用4.1付費(fèi)電視最早的應(yīng)用是微控制型智能卡收費(fèi)電視?？ㄋ坪跸笳髁艘粋€(gè)理想的身份(相關(guān)的用戶)和效率的提高。大多數(shù)收費(fèi)電視申請(qǐng)(兩個(gè)最有名的例子歐洲加密與錄像加密)節(jié)目提供節(jié)目定期(一般每100至500豪秒)加密的控制字(臨時(shí)關(guān)鍵),那么形象就是加密。使用唯一有效的卡，即可提取圖像了。這個(gè)控制字的數(shù)據(jù)流，把它用解碼器進(jìn)行解碼。第二個(gè)是營(yíng)銷(xiāo)模式((計(jì)費(fèi)觀點(diǎn)))。在此背景下，觀眾購(gòu)買(mǎi)前，卡上已寫(xiě)滿時(shí)間的長(zhǎng)短(總時(shí)間為每個(gè)節(jié)目相關(guān)系數(shù))。最后，卡也似乎成為一個(gè)有效的工具。一般的問(wèn)題之一免費(fèi)卡只能在某一特定事件(例如一個(gè)球賽)使用分配。廣播將只取卡(自由)所有權(quán)。4.2移動(dòng)通信GSM是基于安全的智能卡(SIM卡更名為單元的標(biāo)準(zhǔn)特性=訂戶)。每個(gè)SIM卡伴隨著一系列秘密和公開(kāi)的參數(shù)(IMSI、Ki、PIN、PUK等)，讓經(jīng)營(yíng)者找到手機(jī)、電話線和數(shù)字信息(短訊服務(wù))。智能卡的安全構(gòu)成了嚴(yán)重的消極影響和花費(fèi)成本在識(shí)別代碼上。詐騙(主要是卡遺失或密碼透露)欺詐造成的損失遠(yuǎn)遠(yuǎn)低于密碼竊聽(tīng)非防偽系統(tǒng)。4.3電子現(xiàn)金認(rèn)證或微記憶卡可用于存儲(chǔ)或代表法定貨幣幾種方式：（1）卡可以雙向聯(lián)系卡持有人，其銀行帳戶。在這種情況下,可以檢查卡的各種真正的密碼議定書(shū)(主要依靠終端和卡的權(quán)力，各自計(jì)算)。（2）卡也可作為電子錢(qián)包，在商店EEPROM余額可轉(zhuǎn)換或從卡的POS(銷(xiāo)售點(diǎn))、銀行終端購(gòu)入。花費(fèi)可以使用匿名議定書(shū)(保存用戶的隱私像紙錢(qián)一樣)或?qū)徲?jì)(正如定期檢查帳戶)。智能卡業(yè)者認(rèn)為，在今后10年，銀行業(yè)將是卡的一個(gè)主要的應(yīng)用領(lǐng)域。4.4其他應(yīng)用智能卡也應(yīng)用在安全領(lǐng)域，電子版權(quán)(一般軟件保護(hù))、博彩、身體確認(rèn)控制、互聯(lián)網(wǎng)安全等諸多領(lǐng)域。珙加認(rèn)為，最好的方法是客戶恰當(dāng)?shù)男枨罂赡馨ㄏ蜃罱K用戶端提供一個(gè)空白，這就是存儲(chǔ)器包含的一般用途的高級(jí)別操作系統(tǒng),放在每個(gè)用戶卡上，可以加上他自己(自制)申請(qǐng)或準(zhǔn)備使用購(gòu)買(mǎi)的節(jié)目，這些可以下載一個(gè)軟件進(jìn)行編輯。在這種情況下,該卡自然損壞的能力,加上公共密鑰加密的能力,似乎是一個(gè)消極和積極的兩方面解決軟件保護(hù)。譯文：Smart-cards:Acost-effectivesolutionagainstelectronicfraudAbstractSmart-cardshavethetremendousadvantage,overtheirmagneticstripeancestors,ofbeingabletoexecutecryptographicalgorithmslocallyintheirinternalcircuitry.Thismeansthattheuser'ssecrets(bethesePINcodesorkeys)neverhavetoleavetheboundariesofthetamper-resistantsiliconchip,thusbringingmaximumsecuritytotheoverallsysteminwhichthecardsparticipate.Smart-cardscontainspecial-purposemicrocontrollerswithbuilt-inself-programmablememoryandtamper-resistantfeaturesintendedtomakethecostofamalevolentattackfarsuperiortothebenefits.Thispaperisbothasurveyoftheexistingcomponents,theirapplicationsandanattempttodescribesomeoftheirpossibleevolutions.1Whatisasmart-card?Inthetime-scaleofthesiliconindustry,theideaofinsertingachipintoaplasticcardisratherold:thefirstpatentsarenowtwentyyear'soldbutpracticalapplicationsemergedonlyaeightyearsagoduetolimitationsinstorageandprocessingcapacitiesofpastcircuittechnology.Newsilicongeometriesandprocessingrefinementsleadtheindustrytonewgenerationsofcardsandmoreambitiousapplicationssuchaswirelesscommunications;(GSM),pay-TV,loyaltyandphysicalaccess-control.Overthelastfouryearstherehasbeenanincreasingdemandforsmart-cardsfromnationaladministrationsandlargecompaniessuchastelephoneoperators,banksandinsurancecorporations.Morerecently,anothermarketopenedupwiththeincreasingpopularityofhomenetworkingandInternet.Thephysicalsupportofaconventionalsmart-cardisaplasticrectangleonwhichcanbeprintedinformationconcerningtheapplicationortheissuer(evenadvertising)aswellasreadableinformationaboutthecard-holder(asforinstance,avaliditydateoraphotograph).Thissupportcanalsocarryamagneticstripeorabarcodelabel.AnarrayofeightcontactsislocatedonthemicromoduleinaccordancewiththeIS07816standardbutonlysixofthesecontactsareactuallyconnectedtothechip,whichis(usually)notvisible.Thecontactsareassignedtopowersupplies(Vcc,Vpp),ground,clock,resetandaserialdatacommunicationlink(commonlycalledI/O).Theirspecificationpartinthestandardiscurrentlyreconsidereduponrequestsfromvariousparties(suppressionofthetwouselesscontacts,creationofasecondI/Oport,I2Cbridgingetc.).Forthetimebeing,cardCPUsarestill8bitmicrocontrollersandthemostcommoncoresareMotorola's68HC05andIntel's80C51butnew32-bitdeviceswillsoonbegintoappear.RAMcapacities(typicallyrangingfrom76to512bytes)areverylimitedbythephysicalconstraintsofthecard.Theprogramexecutedbythecard'smicroprocessoriswritteninROMatthemask-producingstageandcannotbemodifiedinanyway.Thisguaranteesthatthecodeisstrictlycontrolledbythemanufacturer.Forstoringuser-specificdata,individualtoeachcard,thefirstgenerationofnon-volatilememoriesusedEPROMwhichrequiredanextra"high"voltagepowersupply(typicallyfrom15Vto25V).RecentcomponentsonlycontainEEPROMwhichrequiresasingle5Vpowersupply(frequentlythatofthemicroprocessor)andcanbewrittenanderasedthousandsoftimes(cycles).Sometimes,itispossibletoimportexecutableprogramsintothecard'sEEPROMaccordingtotheneedsofthecardholder.EEPROMsizeisacriticalissueinthedesignofpublic-keyapplications(wherekeysarerelativelylarge).Consequently,smart-cardprogrammersfrequentlyadopttypicaloptimizationtechniquessuchasre-generatingthepublic-keysfromthesecret-keyswhenneeded,re-generatingthesecret-keysfromshorterseeds,avoidinglarge-keyschemes(forinstanceFiat-Shamir)orimplementingcompressionalgorithmsforredundantdata(text,userdata,etc.)andEEPROMgarbagecollectionmechanisms.Realandcompleteoperatingsystemshavebeendevelopedforthispurposebyseveralmanufacturers.Finally,acommunicationport(serialviaanasynchronouslink)forexchangingdataandcontrolinformationbetweenthecardandtheexternalworldisavailable.Acommonbitrateis9600bit&butmuchfasterinterfacesarecommonlybeingused(from19,200upto115,200bits/s)infullaccordancewithISO7816.Afirstruleofsecurityistogatheralltheseelementsintoasinglechip.Ifthisisnotdone,theexternalwires,linkingonechiptoanothercouldrepresentapossiblepenetrationrouteforillegalaccess(oruse)ofthecard.ISOstandardsspecifytheabilityofacardtowithstandagivensetofmechanicalstresses.Thesizeofthechipisconsequentlylimitedandpresentconstraints(especiallymemoryandcryptographiccapabilities)mainlyfollowfromthislimitation.Smart-cardchipsareveryreliableandmostmanufacturersguaranteetheelectricalpropertiesoftheirchipsfortenyearsormore.ISOstandardsspecifyhowacardmustbeprotectedagainstmechanical,electricalorchemicalaggressionsbutformostexistingapplications,acardisfarobsoletebeforeitbecomesdamaged.AwellknownexampleistheFrenchphonecardwherethefailurerateislessthanthreeper10,000pieces.Annex1listssomeoftoday'smostcommonchipsaswellastheircharacteristics(where0=maximalclockrategiveninMHz,8=EEPROM,U=EPROM,Witnesscell(detectsiftheEEPROMwaserasedabnormally),ClockFrequency.,Temperature,AbnormalVoltage(vpp),Lightexposureandpassivitysensor.Informationaboutsuchsecuritydetectorsandtamper-resistancecapabilitiesisusuallyratherhardtoobtainfromthemanufacturersforobvioussecurityreasons).Ingeneral,smart-cardscanhelpwheneversecureportableobjectsareneeded,andinparticularwhenevertheexternalworldHneedstoworkwithdatawithoutknowingitsactualvalue.Thecard'stamperproofness,combinedwithpublic-keycryptography(secretlessterminals),generallyprovideadequatesolutionstomanyeverydaysecurityproblems.2Smart-cardcommunicationandcommandformatCommunicationwithsmart-cardsisruledbythe(previously-mentioned)ISOstandard7816/3.Onlytwoprotocolsarecurrentlydefinedinthisstandard(byte-orientedT=0andblock-orientedT=1)althoughupto14arereserved(T=14isveryrare,andmeansthatthecommunicationprotocolisproprietary).Thustheelectricallevelsanderrorhandshakesaswellasthefrequencyusedimposeaspecifichardwareonthe<<externalside>>whichistheequivalentofaUARTwithmoresophisticatedfunctions.Thisminimalhardware,neededtooperateacard,consistsof:*Amechanicalinterface:theconnector*Anelectronicinterface:thecoupler*Andaboxcontainingtheabovetwoelements:thesmart-cardreader(orsimply<<reader>>)ThesimplestreadersarequitesimilartomodemsandmanageonlytheISOcommunicationprotocolwithoutinteracting((intelligently))withtheoperatingsystemofthecard.Theyarecalled((transparentreaders))andshould(butinpracticemay...)operatewithanysmart-cardfromanyvendorwhichcomplieswiththeISOstandard.Themostsophisticatedreaderscanbeprogrammedwithpartsoftheapplicationlogicandcontaindata(forinstanceRSAorDSApublickeys),filesandprograms.Theycanexecutecryptographicfunctions,replacecompletelyaPC,havekeyboards,pin-padsordisplaysandgenerallyuseaspecificprogramminglanguageanddonotsupportalltypesofsmart-cardseveniftheycomplywiththeISOstandard(becausetheyoftenintegrateparticularcommandsdedicatedtoagivencard).Tooperateacard,thereaderneedstoimplementthefollowingfourfunctions:(1)Poweron/offthecard(2)Resetthecard(3)Readdatafromthecard(getcommands)(4)Writedatatothecard(putcommands).Getandputcommandscontainaheader(actuallyafunctioncodeconsistingof5bytesdesignatedbyCLA,INS,P1,P2andLEN)accordingtowhichthecardprocessestheincomingdata.Anacknowledgebyteandacoupleofstatusbytes(SW1andSW2)aresentduring(andafter)theexecutionofeachcommand.3CardlifecycleAlthoughthecardlifecycleandmanufacturingaredescribedinmanydifferentsources,weparticularlyrecommendFuchsBerger&al’sexcellentoverview.Smart-cardmanufacturingstartswiththedesignofthecardoperatingsystemandtheapplicationsoftware,followingtheprinciplesapplyingtoanysoftwareforuseinsecurityapplications.Thisisinitselfanontrivialtaskbutatleastthememoryavailableinsmartcardchipsisrelativelysmallwhichlimitstheeventualsizeofthesoftware.Therehavetobechecksthattheoperatingsystemmeetsitsspecificationandalsothatnounintendedfeatureshavebeenincluded.TheROMmaskoftheoperatingsystemisthengiventothechipmanufacturer,whowillreturnanimplementationofthecodeforcross-checkingbeforemanufacturingthebatchofchips.Thisisinitselfausefulintegritycheckbutclearlyonenormallyrequiresthiscodetobekeptconfidentialandthereforeitsdistributionshouldbecarefullycontrolled.Furthermore,themanufacturerhastobeaccountableforallchipsmade,someofwhich,duetoyieldfailures,willneedtobedestroyed.Otherwise,anattackermayobtainrawchipstomountanyformofcounterfeitoperation.Thebatchofchipsisdistributedtothefabricator[smart-cardmanufacturer]whosetaskitistoembedthechipsintotheplasticcards?Theroleofthefabricatorvariesconsiderablybetweencustomersandtheirservices.AsaveryminimumthefabricatormusttestthecompleteICcardtoensureitsoperationalstate.Insomecasesthefabricatorcompletelypersonalizesthecardtotherequirementsoftheissuer.4Applications4.1Pay-TVOneofthefirstapplicationsofmicro-controller-basedsmart-cardswaspay-TV.Thecardappearstobebothanidealidentificationtoken(associatedtothesubscriber)andanefficientloyalty:support.Inmostpay-TVapplications(thetwobest-knownexamplesaremostprobablyEurocryptandVideocrypt),theprogramproviderbroadcastsperiodically(typicallyeach100to500ms)anencryptedcontrol-word(temporarykey)underwhichtheimageisencrypted.Onlyvalidcardscanextract.thiscontrol-wordfromthedatastream,decryptandsendittothedecoder.Asecondinterestingmarketingmodelis((pay-per-view)).Inthissetting,theviewerbuysapre-loadedcardandspendsprogressivelytheloadedamount(Ingeneral,atimecoefficientisassociatedtoeachprogram).Finally,cardsalsoappeartoanefficientsponsoringtool.Ingeneral,thesponsorissuesfreecards,validonlyduringagivenevent(forinstanceabase-ballmatch)anddistributesthem.Thebroadcastwillthenbeonly(freely)accessiblebythecard-owners.4.2MobilecommunicationsGSMsecurityisessentiallybasedonthetamperproofnessofthesmart-card(renamedSIM=SubscriberIdentityModuleinthestandard).EachSIMisassociatedwithasetofsecretandpublicparameters(IMSI,Ki,PIN,PUKetc)thatallowtheoperatortolocatethemobilephone,routecallsanddigitalmessages(ShortMessageServices).Smart-cardspresentmajorsecurityandcostadvantagesoverpassivecodeidentification.Fraud(mainlyduetocardlostorpassworddisclosure)isfarlowerthanfraudlossesduetopasswo