Introduction To SC

Introduction to Smart Cards
JEAN-LUC Giraud MacCrypto01
Outline
IWhat are Smart Cards? IHow do we make them? IHow do they work? IHow can you program them? IWhat can you do with them?
29/01/2001 Bull Patents
Introduction to Smart Cards - Jean-Luc Giraud - MacCrypto
What is a Smart Card?
A Closer Look (1)
A Closer Look (2)
Outline
Manufacturing: Cutting
Manufacturing: Gluing
Manufacturing: Bonding
Manufacturing: Encapsulation
10
Manufacturing: Finished Modules
11
Manufacturing: Module on Body
Electrical Initialisation
29/01/2001 Bull Patents 12
Manufacturing: Personalisation
Electrical and Physical Personalisation

Outline
14
Card Families
Memory
Microprocessor
Memory Cards
I Bitmap, synchronous access
N R/W
10110101 00111011 10110111 1
N R/Erase only
00000000 00000000 00001111 0
16
Enhanced Memory Cards

I Onboard hardwired crypto engine
N Card Authentication N MAC on balance
17
Memory Card Application

I Loyalty I Payphones
18
Smarter Smart Cards

I I I I Microprocessor based Onboard Memory (RAM, ROM and EEPROM/Flash) Programmable Onboard processing
I Security features
N Crypto coprocessor (PK, DES,) N Physical sensors (V, freq,) N Physical protections (shielding,)
19
Chip Structure (0.25mm2)
RAM
FLASH / EEPROM CPU ROM
20
Smart Card Module

Data Bus
Microprocessor Vcc Reset Clock Ground Vpp I/O CPU EEPROM / ROM FLASH RAM
Address Bus
Microcontact
Microchip
Micromodule
Communications
I One communication channel: serial line I Layered transmission protocol
N Application: Application Protocol Data Unit N Transport: T=0, T=1, T=14
22
The Application Protocol Data Unit

I An APDU contains: N a command message, N a response message.
IFD
command APDU ICC response APDU
23
ADPU Syntax
I APDU Command
CLA INS P1 P2 Lc Data Le
Class
Parameters
Command Data Response Length
Instruction
Data Length
I APDU Response
Data SW
Response Data
Status Word
Example
READ BINARY (P1,P2,Le) Data, SW
CLA A0
INS B0
P1 xx
P2 xx
Lc 0
Data Le Le
P1, P2 : specify the data to be retrieved Le : length of data to retrieve
25
Required Infrastructure
I Personalisation Center I Issuing Center I Reader I Middleware (CDSA) I Back-end System
http://www.gemplus.com/usb
Middleware (Windows platform)
Software
PKCS #11
Token X Token Y Token Z CSP A
CAPI
CSP B CSP C
PC/SC
Hardware
PCI IBM card
RS232 Reader
USB GemSAFE
PCMCIA
27
Outline
28
Mask your Own Code

I Pros:
N Small code footprint N Complete control
I Cons:
N N N N Development in C and target assembly language Use emulators Mask lead time (~2 month) Bug fixes
29
Use Proprietary Cards

I What you (usually) get:
N File System N Fixed set of APDU Commands Read/Write files Cryptographic computations
I Pros:
N Off the shelf products N Cheaper
I Cons:
N Not extensible N Bug fixes
30
Use Open Cards

I Choice
N Java
N Microsoft
I Standard API
N Crypto N GSM (SMS, Pro active commands)
31
Applet Life Cycle

I I I I I Write code in Java Compile it Debug it (simulator) Verify and Convert it (specific byte code) Load it
N Personalisation center N Point of sale N Over the Internet
32
Outline
33
Why use a Smart Card?

Crypto Theoretical Practical
34
Advantages of a Smart Card

I Tamper resistance N Storage I Tamper resistance N Processing
[Blah Blah]
[@^#~r&]
I Portability I Ease of use I Onboard key generation
35
Main applications
I Public phone cards (pre-paid), I Cellular phone GSM cards, I Banking cards, I Health cards.
36
New applications
I Electronic purse, I Transport, I Security of information system, I Identity , I Loyalty , Loyalty I Games, I Physical access control.
37
Attacking Smart Cards

I Timing Attacks I Power Analysis
N Simple Power Analysis N Differential Power Analysis
I Invasive Attacks
N Probe Stations N Focused Ion Beam
38
Standards : ISO/IEC 7816 Integrated circuits cards with contacts

I ISO/IEC 7816-1 : Physical characteristics. I ISO/IEC 7816-2 : Dimension & location of contacts. I ISO/IEC 7816-3 : Electronic signals & transmission protocols. I ISO/IEC 7816-4 : Inter-industry commands. I ISO/IEC 7816-5 : Registration system for applications in IC card. I ISO/IEC 7816-6 : Inter-industry data elements. I ISO/IEC 7816-7 : Inter-industry commands for Structured Card Query Language (SCQL). I ISO/IEC 7816-8 : Security architecture and related inter-industry commands.
39
Resources
I On Card development: N Java card : http://www.javacard.org Java Card Technology for Smart Cards, Zhiqun Chen, Sun Java Series, ISBN: 0-201-70329-7 N Windows for SC : http://www.microsoft.com/smartcard/ N Gemplus Developer web site: http://www.gemplus.fr/developers/index.htm Developer conference: http://www.key3studios.com/gemplusworld/
June 20, 21, Paris.
I Middleware: N PCSC-Lite : http://www.linuxnet.com/ N OCF (java) : http://ww.opencard.org/ N CDSA : http://www.opengroup.org/security/l2-cdsa.htm N PKCS : http://www.rsasecurity.com/rsalabs/pkcs/index.html I Questions: N Jean-Luc.Giraud@gemplus.com
Conclusion
Smart Personal Portable Secure
41

Introduction To SC

Hochgeladen von

Dokumentinformationen

Originalbeschreibung:

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Introduction To SC

Hochgeladen von

Copyright:

Verfügbare Formate

Introduction to Smart Cards

JEAN-LUC Giraud MacCrypto01

29/01/2001 Bull Patents

Introduction to Smart Cards - Jean-Luc Giraud - MacCrypto

What is a Smart Card?

29/01/2001 Bull Patents

Introduction to Smart Cards - Jean-Luc Giraud - MacCrypto

A Closer Look (1)

29/01/2001 Bull Patents

Introduction to Smart Cards - Jean-Luc Giraud - MacCrypto

A Closer Look (2)

29/01/2001 Bull Patents

Introduction to Smart Cards - Jean-Luc Giraud - MacCrypto

29/01/2001 Bull Patents

Introduction to Smart Cards - Jean-Luc Giraud - MacCrypto

29/01/2001 Bull Patents

Introduction to Smart Cards - Jean-Luc Giraud - MacCrypto

29/01/2001 Bull Patents

Introduction to Smart Cards - Jean-Luc Giraud - MacCrypto

29/01/2001 Bull Patents

Introduction to Smart Cards - Jean-Luc Giraud - MacCrypto

29/01/2001 Bull Patents

Introduction to Smart Cards - Jean-Luc Giraud - MacCrypto

Manufacturing: Finished Modules

29/01/2001 Bull Patents

Introduction to Smart Cards - Jean-Luc Giraud - MacCrypto

Manufacturing: Module on Body

Introduction to Smart Cards - Jean-Luc Giraud - MacCrypto

Electrical and Physical Personalisation

Introduction to Smart Cards - Jean-Luc Giraud - MacCrypto

29/01/2001 Bull Patents

Introduction to Smart Cards - Jean-Luc Giraud - MacCrypto

Introduction to Smart Cards - Jean-Luc Giraud - MacCrypto

10110101 00111011 10110111 1

00000000 00000000 00001111 0

29/01/2001 Bull Patents

Introduction to Smart Cards - Jean-Luc Giraud - MacCrypto

Enhanced Memory Cards

29/01/2001 Bull Patents

Introduction to Smart Cards - Jean-Luc Giraud - MacCrypto

Memory Card Application

29/01/2001 Bull Patents

Introduction to Smart Cards - Jean-Luc Giraud - MacCrypto

Smarter Smart Cards

29/01/2001 Bull Patents

Introduction to Smart Cards - Jean-Luc Giraud - MacCrypto

Chip Structure (0.25mm2)

FLASH / EEPROM CPU ROM

29/01/2001 Bull Patents

Introduction to Smart Cards - Jean-Luc Giraud - MacCrypto

Smart Card Module

Introduction to Smart Cards - Jean-Luc Giraud - MacCrypto

29/01/2001 Bull Patents

Introduction to Smart Cards - Jean-Luc Giraud - MacCrypto

The Application Protocol Data Unit

command APDU ICC response APDU

29/01/2001 Bull Patents

Introduction to Smart Cards - Jean-Luc Giraud - MacCrypto

Command Data Response Length

Introduction to Smart Cards - Jean-Luc Giraud - MacCrypto

READ BINARY (P1,P2,Le) Data, SW

P1, P2 : specify the data to be retrieved Le : length of data to retrieve