Title: Smart Card
1Smart Card
- ??? seinlin.cs95g_at_nctu.edu.tw
- ??? kyo-haha_at_yahoo.com.tw
- Department of Computer Science
- National Chiao Tung University
2Outline 1/2
- Introductions (???)
- History, Application area, Standardization
- Types of Cards (???)
- Embossed cards, magnetic-stripe cards, Smart
Card, Optical Memory Card - Physical and Electrical properties (???)
- Smart Card Operation System (???, ???)
- Design, files management, sequential control,
Open platform - Smart Card Data Transmission (???, ???)
- Data transmission Protocols, message structure
(APDU)
3Outline 2/2
- Smart Card Commands (???)
- Security Techniques (???)
- The Smart Card Life Cycle (???)
- The five phases of the Smart Card life Cycle
- Smart Card in Payment Systems (???)
- Payment transactions, Prepaid Memory Card,
Electronic Purses - Smart Card in Telecommunications (???)
- GSM, UMTS, Wireless Identification Module, Public
Card Phones
4Introductions
5Introductions - History
- 1950s - The proliferation of plastic cards
started in the USA - 1970s - It possible to integrate data storage and
processing logic on a single silicon chip - 1974 - Roland Moreno registered his smart card
patents in France - 1984 - The French PTT (postal and
telecommunications services agency) successfully
carried out a field trial with telephone cards
6Application area
7Application area
8Application area
9Standardization
- ISO TC68/SC6
- ISO/IEC JTC1/SC17
- ISO/IEC 7816
- GSM 11.11
- European Telecommunications Standards Institute
(ETSI)
10Types of Cards
11Types of Cards
- Embossed Card
- Magnetic-stripe cards
- Smart Card
12Types of Cards - Embossed Card
13Type of Cards - Magnetic-stripe cards
14Type of Cards - Smart Card
15- Smart Card Microcontrollers
- processor
- address and data buses
- three types of memory (RAM, ROM and EEPROM)
- Input/Output
16Smart Card - Memory
17Smart Card - Microprocessor
18Smart Card - Contactless smart card
19Types of card - Optical Memory Card
- ISO/IEC 11 693 and 11 694
20Physical and Electrical properties
21Physical properties
- Physical properties - ID1
- external rectangle width 85.72 mm,
height 54.03 mm - internal rectangle width 85.46 mm,
height 53.92 mm
22Physical properties
- ID000
- external rectangle width 25.10 mm,
height 15.10 mm - internal rectangle width 24.90 mm,
height 14.90 mm
23Physical properties
- ID00
- external rectangle width 66.10 mm,
height 33.10 mm - internal rectangle width 65.90 mm,
height 32.90 mm
24Smart Card Operation System
25Smart Card Operation System
- The primary tasks of a smart card operating
system - Transferring data to and from the smart card
- Controlling the execution of commands
- Managing files
- Managing and executing cryptographic algorithms
- Managing and executing program code.
26Smart Card OS - I/O
27Smart Card OS Commands processing
28Smart Card OS - Filesystem
- Master File (MF)
- The root directory of the filesystem
- Dedicated File (DF)
- directory files
- Elementary File (EF)
- hold the actual user data
29Smart Card OS - Filesystem
30Filesystem - EF file structure
- Transparent file structure
- Transparent file structure is often referred to
as a binary structure.
31Filesystem - EF file structure
- Linear Fixed file structure
- data structure is based on chaining fixed-length
records
32Filesystem - EF file structure
- Linear variable file structure
- each record can have an individually defined
length
33Smart Card Data Transmission
34Smart Card Data Transmission
35Data transmission
- Structure of a character for data transmission
36Data transmission conventions
- (a) direct convention, (b) inverse convention
37Data transmission Protocols
Protocol Meaning
T0 Asynchronous, half-duplex, byte oriented ISO-7816-3
T1 Asynchronous, half-duplex, block oriented ISO-7816-3
T2 Asynchronous, full-duplex, block oriented ISO-10536
T3 Full duplex not yet specified
T4 Asynchronous, half-duplex, byte oriented, extension of T0, not yet specified
T5T13 Reserved for future use, not yet specified
T14 For national use, not standardized by ISO
T15 Reserved for future use, not yet specified
38Message structure (APDU)
- Structure of the command APDU
39Message structure (APDU)
- Structure of the response APDU
40Class Application
0X Standard commands compliant with ISO/IEC 7816-4/7/8
80 Electronic purses compliant with EN 1546-3
8X Application-specific and company-specific commands (private use)
8X Credit cards with chips, compliant with EMV
A0 GSM mobile telecommunication system compliant with GSM 11.11
41Smart Card Commands
42Smart Card Commands
Case Command data Expected response data
1 No data No data
2 No data Data
3 Data No data
4 Data Data
43Smart Card Commands
- File selection Command
- Read and Write Command
- Search Command
- File Manipulation Commands
- Identification Commands
- Authentication Commands
- File management Commands
44Security Techniques
45Security Techniques
- User Identification
- Symmetric unilateral Authentication
- Asymmetric unilateral Authentication
- Symmetric mutual Authentication
- Smart Security
- Attacks at the social level
- Attacks at the physical level
- Attacks at the logical level
46User Identification 1/3
47User Identification 2/3
48User Identification 3/3
49Attacks on smart cards 1/2
- Attacks at the social level
- attacks that are primarily directed against
people that work with smart cards - can only partially be countered by technical
measures - Attacks at the physical level
- it is necessary to obtain physical access to the
smart card microcontroller hardware - can be static or dynamic
50Attacks on smart cards 2/2
- Attacks at the logical level
- most known successful attacks on smart cards
- arise from pure mental reflection or computation
- classical cryptanalysis , known faults in smart
card operating systems and Trojan horses in the
smart card application.
51Power Analysis Attacks
- Simple Power Analysis (SPA) is power analysis
based on single power generated by an algorithm
run on a smart card. - Differential Power Analysis (DPA) is a technique
where power traces are combined in a statistical
manner to obtain information about the algorithm
running on the smart card.
52Square and Multiply algorithms
53DPA trace with power reference
54Detached power apply
55The Smart Card Life Cycle
56The Smart Card Life Cycle 1/3
- Phase 1 Production of the chip and the smart
card - Designing the chip
- Generating the smart card operating system
- Fabricating the chips and modules
- Producing the card body
- Embedding the module in the card body
57The Smart Card Life Cycle 2/3
- Phase 2 Card preparation
- Completing the smart operating system
- Phase 3 Application preparation
- Initializing the applications(s)
- Personalizing the applications(s), both visually
and electrically
58The Smart Card Life Cycle 3/3
- Phase 4 Card usage
- Activating the applications
- Deactivating the applications
- Phase 5 Termination of card usage
- Deactivating the applications
- Deactivating the card
59Smart Card in Telecommunications
60The GSM System
- The subscriber identity module (SIM)
- Security
- Subscriber identification
- SIM authentication
- Data encryption
61The GSM System
- Data storage
- Dialing numbers
- Short messages
- Mobile telephone settings
- Subscriber information
- SIM characterization
- Managing services and supplementary applications
- Subscriber administration
62SIM in the GSM System
63File system in SIM 1/2
64File system in SIM 2/2
65The UMTS System
- Third generation of mobile telecommunications
system - Universal Mobile Telecommunication
System (UMTS) - Universal Subscriber Identity Module (USIM)
- UMTS security builds on the security of GSM
- UMTS uses mutual authentication
66Important Standards for USIM
Standard Title
TS 21.111 USIM and IC card requirements
TS 31.102 Characteristics of the USIM Application
TS 31.110 Numbering system for the telecommunication IC card application
TS 31.111 USIM Application Toolkit (USAT)
TS 31.121 USIM Application Test Specification
TS 31.122 USIM Conformance Test Specification
TS 102.221 Physical and Logical Characteristics
TS 102.222 Administrative Commands
67UMTS Authentication
68Thank You!