View
26
Download
0
Category
Preview:
DESCRIPTION
Smart Card. 李開振 seinlin.cs95g@nctu.edu.tw 許家碩 kyo-haha@yahoo.com.tw Department of Computer Science National Chiao Tung University. Outline 1/2. Introductions ( 許家碩 ) History, Application area, Standardization Types of Cards ( 許家碩 ) - PowerPoint PPT Presentation
Citation preview
Smart Card李開振 seinlin.cs95g@nctu.edu.tw 許家碩 kyo-haha@yahoo.com.tw
Department of Computer ScienceNational Chiao Tung University
Outline 1/2 Introductions ( 許家碩 )
History, Application area, Standardization Types of Cards ( 許家碩 )
Embossed cards, magnetic-stripe cards, Smart Card, Optical Memory Card Physical and Electrical properties ( 許家碩 ) Smart Card Operation System ( 李開振 , 許家碩 )
Design, files management, sequential control, Open platform Smart Card Data Transmission ( 李開振 , 許家碩 )
Data transmission Protocols, message structure (APDU)
Outline 2/2 Smart Card Commands ( 李開振 ) Security Techniques ( 李開振 ) The Smart Card Life Cycle ( 李開振 )
The five phases of the Smart Card life Cycle Smart Card in Payment Systems ( 李開振 )
Payment transactions, Prepaid Memory Card, Electronic Purses Smart Card in Telecommunications ( 李開振 )
GSM, UMTS, Wireless Identification Module, Public Card Phones
Introductions
Introductions - History 1950s - The proliferation of plastic
cards started in the USA 1970s - It possible to integrate data
storage and processing logic on a single silicon chip
1974 - Roland Moreno registered his smart card patents in France
1984 - The French PTT (postal and telecommunications services agency) successfully carried out a field trial with telephone cards
Application area Memory Card
Application area Microprocessor cards
Application area Contactless cards
Standardization ISO TC68/SC6 ISO/IEC JTC1/SC17 ISO/IEC 7816 GSM 11.11
European Telecommunications Standards Institute (ETSI)
Types of Cards
Types of Cards Embossed Card Magnetic-stripe cards Smart Card
Types of Cards - Embossed Card
Type of Cards - Magnetic-stripe cards
Type of Cards - Smart Card
Smart Card Microcontrollers processor address and data buses three types of memory
(RAM, ROM and EEPROM) Input/Output
Smart Card - Memory
Smart Card - Microprocessor
Smart Card - Contactless smart card
Types of card - Optical Memory Card ISO/IEC 11 693 and 11 694
Physical and Electrical properties
Physical properties Physical properties - ID1:
external rectangle: width: 85.72 mm, height: 54.03 mm
internal rectangle: width: 85.46 mm, height: 53.92 mm
Physical properties ID000:
external rectangle: width: 25.10 mm, height: 15.10 mm
internal rectangle: width: 24.90 mm, height: 14.90 mm
Physical properties ID00:
external rectangle: width: 66.10 mm, height: 33.10 mm
internal rectangle: width: 65.90 mm, height: 32.90 mm
Smart Card Operation System
Smart Card Operation System The primary tasks of a smart card
operating system Transferring data to and from the smart
card Controlling the execution of commands Managing files Managing and executing cryptographic
algorithms Managing and executing program code.
Smart Card OS - I/O I/O manager
Protocol state machine
Send block
Send byte
Send bit Receive bit
Receive byte
Receive block
HardwareData flow
Smart Card OS – Commands processing
Smart Card OS - Filesystem Master File (MF)
The root directory of the filesystem Dedicated File (DF)
directory files Elementary File (EF)
hold the actual user data
Smart Card OS - FilesystemMF
EF
EF
DF
DF
DF
EF
EF
......
... ...
Filesystem - EF file structure Transparent file structure
Transparent file structure is often referred to as a binary structure.
Byte number0 1 2 3 4 5 …………………………. n
Offset Data
Filesystem - EF file structure Linear Fixed file structure
data structure is based on chaining fixed-length records Byte number
0 1 2 3 4 5 nRecordNumber
1234
m
Filesystem - EF file structure Linear variable file structure
each record can have an individually defined length Byte number
0 1 2 3 4 5 nRecordNumber
1234
m
Smart Card Data Transmission
Smart Card Data Transmission Answer to Reset (ATR)
Data transmission Structure of a character for data transmission
31 2 4 5 6 7 8
Start bit Parity bit
high
lowt
Data transmission conventions
31 2 4 5 6 7 8
Logic 1
Logic 1
31 2 4 5 6 7 8
Logic 0
Logic 1
high
high
low
low
(a)
(b)
t
t
(a) direct convention, (b) inverse convention
Data transmission Protocols
Protocol MeaningT=0 Asynchronous, half-duplex, byte oriented [ISO-7816-3]T=1 Asynchronous, half-duplex, block oriented [ISO-7816-3]T=2 Asynchronous, full-duplex, block oriented [ISO-10536]T=3 Full duplex; not yet specifiedT=4 Asynchronous, half-duplex, byte oriented, extension of T=0,
not yet specifiedT=5…
T=13Reserved for future use, not yet specified
T=14 For national use, not standardized by ISOT=15 Reserved for future use, not yet specified
Message structure (APDU) Structure of the command APDU
Message structure (APDU) Structure of the response APDU
Class Application
0X Standard commands compliant with ISO/IEC 7816-4/7/8
80 Electronic purses compliant with EN 1546-3
8X Application-specific and company-specific commands (private use)
8X Credit cards with chips, compliant with EMV
A0 GSM mobile telecommunication system compliant with GSM 11.11
Smart Card Commands
Smart Card Commands
Case Command data Expected response data
1 No data No data
2 No data Data
3 Data No data
4 Data Data
Smart Card Commands File selection Command Read and Write Command Search Command File Manipulation Commands Identification Commands Authentication Commands File management Commands
Security Techniques
Security Techniques User Identification
Symmetric unilateral Authentication Asymmetric unilateral Authentication Symmetric mutual Authentication
Smart Security Attacks at the social level Attacks at the physical level Attacks at the logical level
User Identification 1/3
User Identification 2/3
User Identification 3/3
Attacks on smart cards 1/2 Attacks at the social level
attacks that are primarily directed against people that work with smart cards
can only partially be countered by technical measures
Attacks at the physical level it is necessary to obtain physical access to
the smart card microcontroller hardware can be static or dynamic
Attacks on smart cards 2/2 Attacks at the logical level
most known successful attacks on smart cards
arise from pure mental reflection or computation
classical cryptanalysis , known faults in smart card operating systems and Trojan horses in the smart card application.
Power Analysis Attacks Simple Power Analysis (SPA) is power
analysis based on single power generated by an algorithm run on a smart card.
Differential Power Analysis (DPA) is a technique where power traces are combined in a statistical manner to obtain information about the algorithm running on the smart card.
Square and Multiply algorithms
DPA trace with power reference
Detached power apply
The Smart Card Life Cycle
The Smart Card Life Cycle 1/3 Phase 1: Production of the chip and
the smart card Designing the chip Generating the smart card operating
system Fabricating the chips and modules Producing the card body Embedding the module in the card body
The Smart Card Life Cycle 2/3 Phase 2: Card preparation
Completing the smart operating system Phase 3: Application preparation
Initializing the applications(s) Personalizing the applications(s), both visually and electrically
The Smart Card Life Cycle 3/3 Phase 4: Card usage
Activating the applications Deactivating the applications
Phase 5: Termination of card usage Deactivating the applications Deactivating the card
Smart Card in Telecommunications
The GSM System The subscriber identity module (SIM) Security
Subscriber identification SIM authentication Data encryption
The GSM System Data storage
Dialing numbers Short messages Mobile telephone settings Subscriber information SIM characterization
Managing services and supplementary applications
Subscriber administration
SIM in the GSM System
File system in SIM 1/2
File system in SIM 2/2
The UMTS System Third generation of mobile telecommunications system - Universal Mobile Telecommunication System (UMTS) Universal Subscriber Identity Module (USIM) UMTS security builds on the security of GSM UMTS uses mutual authentication
Important Standards for USIMStandard Title
TS 21.111 USIM and IC card requirements
TS 31.102 Characteristics of the USIM Application
TS 31.110 Numbering system for the telecommunication IC card application
TS 31.111 USIM Application Toolkit (USAT)
TS 31.121 USIM Application Test Specification
TS 31.122 USIM Conformance Test Specification
TS 102.221 Physical and Logical Characteristics
TS 102.222 Administrative Commands
UMTS Authentication
Thank You!
Recommended