[Pcsclite-muscle] HELP! Any experience on smart card chip wearing?

Umberto Rustichelli umberto.rustichelli
Mon Sep 8 03:01:19 PDT 2014


On 09/08/2014 11:42 AM, Ludovic Rousseau wrote:
> 2014-09-08 11:19 GMT+02:00 Umberto Rustichelli <umberto.rustichelli at gt50.org>:
>> OK, tests for millions of signatures were mostly positive for you (you all
>> in the list up to now) and also for us (things always break in production,
>> don't you know?).
>> The main difference is that both my production environment and test
>> environment work with 14 cards, with 2 USB hubs, 7 cards per hub (not one
>> card) and I never re-login/reconnect, just go on signing exploiting the
>> existing PKCS#11 session.
>>
>> The only difference between my test and production environment were the
>> cards (the customer's cards are a bit more recent).
>> I think that we're going nowhere at the moment (my fault, given that I
>> cannot provide much debug data), anyway I'll keep listening if anyone can
>> help... I suppose that if we broaden the suspects pool to include a USB
>> glitch (excessive power drain that hampers USB communication) we are going
>> too far...
> It may be a temporary hardware issue.
> But in this case you should not have "apparently every time we restart
> the cards the time-to-failure gets shorter"
> Do you have numbers about the "gets shorter"? It is 10%, 50% or 90% shorter?

~80% would be a good guess. The customer is lazy and doesn't provide the 
count of requested signatures, so the estimate is really bad.
For sure, they had 14 cards doing fine for one month. After the shutdown 
and restart, we had the first card failing after two days, more followed 
in five days.

> Do you have the problem with different readers from different manufacturers?
Cannot test other readers because they wouldn't fit in the appliance for 
the way it is built (we use extra-slim readers, seven cradled in a 2.5" 
bay).
To be honest, we never experienced this sort of issues with this 
specific test, but -being many years we play with smart cards- I recall 
two situations that we can combine and obtain a scenario similar to the 
current one, but it's not convincing to me.
Recently, we had a card that failed after some n * 10K signatures and 
needed to be (physically) disconnected to work again.
A couple of years ago, instead, we had a card that failed miserably 
(among 98 cards connected) and took down the whole lot in a few seconds; 
I suppose the card was drawing too much energy and the USB chain, from 
the leaf to the root hub, shut down. The hunt for the bad card lasted 
two days :( -removed that one all was fine.
But the current failure won't bring down a whole hub, just more failures 
will follow, usually for the mostly-engaged cards, so it doesn't seem a 
matter of a single card doing the mess, rather a stress situation.
Thanks





More information about the pcsclite-muscle mailing list