Smart Card

1
Smart Card

• ??? seinlin.cs95g_at_nctu.edu.tw
• ??? kyo-haha_at_yahoo.com.tw
• Department of Computer Science
• National Chiao Tung University

2
Outline 1/2

• Introductions (???)
• History, Application area, Standardization
• Types of Cards (???)
• Embossed cards, magnetic-stripe cards, Smart
  Card, Optical Memory Card
• Physical and Electrical properties (???)
• Smart Card Operation System (???, ???)
• Design, files management, sequential control,
  Open platform
• Smart Card Data Transmission (???, ???)
• Data transmission Protocols, message structure
  (APDU)

3
Outline 2/2

• Smart Card Commands (???)
• Security Techniques (???)
• The Smart Card Life Cycle (???)
• The five phases of the Smart Card life Cycle
• Smart Card in Payment Systems (???)
• Payment transactions, Prepaid Memory Card,
  Electronic Purses
• Smart Card in Telecommunications (???)
• GSM, UMTS, Wireless Identification Module, Public
  Card Phones

4
Introductions
5
Introductions - History

• 1950s - The proliferation of plastic cards
  started in the USA
• 1970s - It possible to integrate data storage and
  processing logic on a single silicon chip
• 1974 - Roland Moreno registered his smart card
  patents in France
• 1984 - The French PTT (postal and
  telecommunications services agency) successfully
  carried out a field trial with telephone cards

6
Application area

• Memory Card

7
Application area

• Microprocessor cards

8
Application area

• Contactless cards

9
Standardization

• ISO TC68/SC6
• ISO/IEC JTC1/SC17
• ISO/IEC 7816
• GSM 11.11
• European Telecommunications Standards Institute
  (ETSI)

10
Types of Cards
11
Types of Cards

• Embossed Card
• Magnetic-stripe cards
• Smart Card

12
Types of Cards - Embossed Card
13
Type of Cards - Magnetic-stripe cards
14
Type of Cards - Smart Card
15

• Smart Card Microcontrollers
• processor
• address and data buses
• three types of memory (RAM, ROM and EEPROM)
• Input/Output

16
Smart Card - Memory
17
Smart Card - Microprocessor
18
Smart Card - Contactless smart card
19
Types of card - Optical Memory Card

• ISO/IEC 11 693 and 11 694

20
Physical and Electrical properties
21
Physical properties

• Physical properties - ID1
• external rectangle width 85.72 mm,
  height 54.03 mm
• internal rectangle width 85.46 mm,
  height 53.92 mm

22
Physical properties

• ID000
• external rectangle width 25.10 mm,
  height 15.10 mm
• internal rectangle width 24.90 mm,
  height 14.90 mm

23
Physical properties

• ID00
• external rectangle width 66.10 mm,
  height 33.10 mm
• internal rectangle width 65.90 mm,
  height 32.90 mm

24
Smart Card Operation System
25
Smart Card Operation System

• The primary tasks of a smart card operating
  system
• Transferring data to and from the smart card
• Controlling the execution of commands
• Managing files
• Managing and executing cryptographic algorithms
• Managing and executing program code.

26
Smart Card OS - I/O

• I/O manager

27
Smart Card OS Commands processing
28
Smart Card OS - Filesystem

• Master File (MF)
• The root directory of the filesystem
• Dedicated File (DF)
• directory files
• Elementary File (EF)
• hold the actual user data

29
Smart Card OS - Filesystem
30
Filesystem - EF file structure

• Transparent file structure
• Transparent file structure is often referred to
  as a binary structure.

31
Filesystem - EF file structure

• Linear Fixed file structure
• data structure is based on chaining fixed-length
  records

32
Filesystem - EF file structure

• Linear variable file structure
• each record can have an individually defined
  length

33
Smart Card Data Transmission
34
Smart Card Data Transmission

• Answer to Reset (ATR)

35
Data transmission

• Structure of a character for data transmission

36
Data transmission conventions

• (a) direct convention, (b) inverse convention

37
Data transmission Protocols
Protocol Meaning
T0 Asynchronous, half-duplex, byte oriented ISO-7816-3
T1 Asynchronous, half-duplex, block oriented ISO-7816-3
T2 Asynchronous, full-duplex, block oriented ISO-10536
T3 Full duplex not yet specified
T4 Asynchronous, half-duplex, byte oriented, extension of T0, not yet specified
T5T13 Reserved for future use, not yet specified
T14 For national use, not standardized by ISO
T15 Reserved for future use, not yet specified
38
Message structure (APDU)

• Structure of the command APDU

39
Message structure (APDU)

• Structure of the response APDU

40
Class Application
0X Standard commands compliant with ISO/IEC 7816-4/7/8
80 Electronic purses compliant with EN 1546-3
8X Application-specific and company-specific commands (private use)
8X Credit cards with chips, compliant with EMV
A0 GSM mobile telecommunication system compliant with GSM 11.11
41
Smart Card Commands
42
Smart Card Commands
Case Command data Expected response data
1 No data No data
2 No data Data
3 Data No data
4 Data Data
43
Smart Card Commands

• File selection Command
• Read and Write Command
• Search Command
• File Manipulation Commands
• Identification Commands
• Authentication Commands
• File management Commands

44
Security Techniques
45
Security Techniques

• User Identification
• Symmetric unilateral Authentication
• Asymmetric unilateral Authentication
• Symmetric mutual Authentication
• Smart Security
• Attacks at the social level
• Attacks at the physical level
• Attacks at the logical level

46
User Identification 1/3
47
User Identification 2/3
48
User Identification 3/3
49
Attacks on smart cards 1/2

• Attacks at the social level
• attacks that are primarily directed against
  people that work with smart cards
• can only partially be countered by technical
  measures
• Attacks at the physical level
• it is necessary to obtain physical access to the
  smart card microcontroller hardware
• can be static or dynamic

50
Attacks on smart cards 2/2

• Attacks at the logical level
• most known successful attacks on smart cards
• arise from pure mental reflection or computation
• classical cryptanalysis , known faults in smart
  card operating systems and Trojan horses in the
  smart card application.

51
Power Analysis Attacks

• Simple Power Analysis (SPA) is power analysis
  based on single power generated by an algorithm
  run on a smart card.
• Differential Power Analysis (DPA) is a technique
  where power traces are combined in a statistical
  manner to obtain information about the algorithm
  running on the smart card.

52
Square and Multiply algorithms
53
DPA trace with power reference
54
Detached power apply
55
The Smart Card Life Cycle
56
The Smart Card Life Cycle 1/3

• Phase 1 Production of the chip and the smart
  card
• Designing the chip
• Generating the smart card operating system
• Fabricating the chips and modules
• Producing the card body
• Embedding the module in the card body

57
The Smart Card Life Cycle 2/3

• Phase 2 Card preparation
• Completing the smart operating system
• Phase 3 Application preparation
• Initializing the applications(s)
• Personalizing the applications(s), both visually
  and electrically

58
The Smart Card Life Cycle 3/3

• Phase 4 Card usage
• Activating the applications
• Deactivating the applications
• Phase 5 Termination of card usage
• Deactivating the applications
• Deactivating the card

59
Smart Card in Telecommunications
60
The GSM System

• The subscriber identity module (SIM)
• Security
• Subscriber identification
• SIM authentication
• Data encryption

61
The GSM System

• Data storage
• Dialing numbers
• Short messages
• Mobile telephone settings
• Subscriber information
• SIM characterization
• Managing services and supplementary applications
• Subscriber administration

62
SIM in the GSM System
63
File system in SIM 1/2
64
File system in SIM 2/2
65
The UMTS System

• Third generation of mobile telecommunications
  system - Universal Mobile Telecommunication
  System (UMTS)
• Universal Subscriber Identity Module (USIM)
• UMTS security builds on the security of GSM
• UMTS uses mutual authentication

66
Important Standards for USIM
Standard Title
TS 21.111 USIM and IC card requirements
TS 31.102 Characteristics of the USIM Application
TS 31.110 Numbering system for the telecommunication IC card application
TS 31.111 USIM Application Toolkit (USAT)
TS 31.121 USIM Application Test Specification
TS 31.122 USIM Conformance Test Specification
TS 102.221 Physical and Logical Characteristics
TS 102.222 Administrative Commands
67
UMTS Authentication
68
Thank You!