Smart Card Chip Plastic card A very secure way of storing a small amount of sensitive data 1 Smart Card applications Retail Sale of goods using Electronic Purses, Credit / Debit Vending machines Loyalty programs Tags & smart labels Entertainment Pay-TV Public event access control Healthcare Insurance data Personal data Personal file Communication GSM Payphones Transportation Public Traffic Parking Road Regulation (ERP) Car Protection 2
Smart Card applications Educational facilities Physical access Network access Personal data (results) Copiers, vending machines, restaurants,... Office Physical access Network access Time registration Secure e-mail & Web applications E-commerce sale of information sale of products sale of tickets, reservations E-banking access to accounts to do transactions Shares Government Identification Passport Driving license 3 History - Smart Card Plastic cards :1950 Magnetic Stripe Card Very cheap to produce Can store dynamic data Easy to manipulate and copy (not always!) Integrated Circuit Card (ICC): 1974 Cheap to produce (Semiconductor technology) Can store dynamic data and can perform computation Can be hardened against unauthorized manipulation Standard credit card-sized with a microchip embedded on it Two types Memory-only chips Microprocessor chips 4
History - Smart Card 1968 - German inventors patent combination of plastic cards with micro chips. 1970 - Japan patent different version. 1974 - Roland Moreno invents integrated chip card and patents it in France. 1977 - Motorola produces first smart card microchip. 1979 - Motorola develops first single chip microcontroller for bank in France. 1982 - ATM cards with smart chips tested and smart chips placed on telephone cards. 1991 - AT&T declared its contactless smart card 5 History - Smart Card 1992 - Germany uses smart card for health care 1994 - Europay, Mastercard, and Visa (EMV) specifications for global microchip-based bank cards 1996 - First university campus deployment of chip cards. 1996 (November) - Schlumberger shows how Java can be used to simplify smartcard programming JavaCard 1.0 Standard 1997 - Sun releases JavaCard 2.0 1999 - Version 2.1 JavaCard with: The JavaCard 2.1 API Specification The JavaCard 2.1 Runtime Environment Specification The JavaCard 2.1 Virtual Machine Specification 6
History - Smart Card Moreno Patent French PTT Trial GSM SIM EMV JavaCard Specification 1974 1984 1990 1994 1996 Milestones 7 Smart Card characteristics Connection (Contact vs. contactless): Contact cards Contact smart card are inserted in a smart card reader making physical contact with the reader Contactless smart cards Smart cards that employ a radio frequency (RFID) between card and reader without physical insertion of the card Hybrid-card Combines the two features With two independent chips The two chips are not connected Combi-card Combines the two features But has a single chip Can access the chip via the contact or contactless interface combines the two features in a single chip 10
Smart Card characteristics Processor: Small processors 8 or 16 bits @ up to 16 MHz (currently up to 32 bits) Very small memory 8k, 16k, 32k, 64k, 128kB of ROM Between 1 and 64 kbit of EEPROM Between 256 bytes and 4kB of RAM Chip Operating System (COS) Usually occupies less than 16 KB» Eg: MultOS; JavaCard; Cyberflex; StarCOS; Handles: File Handling and Manipulation Memory Management Data Transmission Protocols 11 Smart Card characteristics Hardware Closed package (usually tamper-proof) Memory encapsulation Fuses Security logic (sensors) Cryptographic coprocessors and random generator Software Decoupling applications and operating system Application separation (Java card) Restricted file access Life cycle control Various cryptographic algorithms and protocols 12
Smart card Life-cycle Production ROM : programming of code and constants Initialization EEPROM (Electrical Erasable Programmable ROM) : programming Personalization EEPROM : programming of user/application specific data Use Decommission Invalidate data or make card not usable. 13 Basic Smart Card features EEPROM: 1KB to 128KB RAM: 256 bytes to 4KB Cryptography algorithms: 3DES, AES, RSA, Elliptic curve, SHA-1, SHA-256,. Random number generator: pseudo RNG or hardware RNG Communication with the exterior: T=0, T=1, and contactless smart card protocols Chip Operating System (COS): Directory-based file system Single-application and multi-application support Simplified security based OS Power consumption: EMV allows up to 50mW Telecom devices up to 6 mw 14
Standardization ISO 7816 Sizes of cards ID-1 = 85.60 53.98 mm Credit card size - ID-000 = 25 x 15 mm SIM card Size 0,76 mm 54 mm 85 mm Speciation of physical requirements (temperature, humidity,...) 15 Standardization Contact Layout sizes and location (ID-1) 1.7mm 19.23 2mm 10.25mm Vcc Reset Clock RS1 Gnd Vpp I/O RS2 16
Standardization Communication command format Protocol: APDU Application Protocol Data Unit Communication between card-reader (CAD) and Smartcard Command messages APDU for Commands APDU for Response Compulsory cla ins P1 P2 Lc data le data sw1 sw2 Optional 17 Standardization ISO/OSI layers: layer specification OSI layer 7: transfer of application data Application Layer ISO/IEC 7816-4 EMV GSM 11.11: SIM OSI layer 2: transfer of data frames Link Layer ISO/IEC 7816-3: T=0 / T=1 ISO/IEC 10536-4: T=2 OSI layer 1: transfer of characters Physical Layer ISO/IEC 7816-3 18
Smart Card Acceptance Devices ISO 7816-4 standard Terminals Have memory, logic, power Eg: ATMs, gas pumps Readers Connect to a computer Eg:USB, serial, parallel port 19 Communication Protocol Typical transfer rates: - Contact cards @9600 bps - Contactless cards @7800 bps 20
Inside the smart card Simple Processor Co-processors (optional) No internal power source Memory ROM Read only from the birth of the card» JCRE, applications, native code EEPROM Persistent memory, >10 years RAM Transient Memory, expensive, fast 21 Inside the smart card CPU Central Processing Unit: heart of the chip 22
Inside a smart card CPU security logic security logic: detecting abnormal conditions, e.g. low voltage 23 Inside a smart card CPU security logic serial I/O interface: contact to the outside world serial I/O interface 24
Inside the smart card CPU security logic serial i/o interface test logic test logic: self-test procedures 25 Inside the smart card CPU security logic serial i/o interface test logic ROM ROM: card operating system self-test procedures typically 16 kbytes up to 128 kbytes 26
Inside the smart card CPU security logic serial i/o interface test logic ROM RAM RAM: scratch pad of the processor typically 512 bytes up to 4 kbyte 27 Inside the smart card CPU security logic serial i/o interface test logic ROM RAM EEPROM EEPROM: cryptographic keys PIN code biometric template balance application code typically 8 kbytes 28
Inside the smart card CPU security logic serial i/o interface databus test logic ROM RAM EEPROM databus: connection between elements of the chip 8 or 16 bits wide Up to 32 bits 29 Inside the smart card Secure data COS 30
Inside the smart card Numerical Processing Unit VCC Reset/Ctrl Clock Ground IO NPU CPU IO M P U RAM EEPROM ROM Memory Protection Unit 31 Inside the smart card Infineon SLE66 32
Communication protocols Communication protocols: T=0 protocol Byte-oriented Speed Rate: 115 kbps T=1 protocol Block-oriented Great Layer separation Speed Rate: 115 kbps (Electrical) byte transmission 33 APDU Commands ISO 7816: Standard describing the protocol for communication between smartcard and terminal Messages are called APDUs (Application Protocol Data Units), which are sequences of bytes in a certain format Terminal sends command APDU to card, card sends a response APDU back APDU for Commands APDU for Response Compulsory cla ins P1 P2 Lc data le data sw1 sw2 Optional 34
APDU - Application Protocol Data Unit APDU Direction - 2 flavors Request Response Extra Data 2 flavors Some APDUs have only a command Some APDUs have command + a data buffer Request Response Without data buffer select With data buffer writebinary APDU Commands Without data buffer verifypin With data buffer getchallenge 35 APDU Commands CLA INS P1 P2 Lc L Le 00 60 0B 0C 00 ((v)) FF Minimum of 6 bytes, maximum of? APDU for Commands APDU for Response Compulsory cla ins P1 P2 Lc data le data sw1 sw2 Optional 36
APDU Commands CLA INS P1 P2 Lc L Le 00 60 0B 0C 00 ((v)) FF CLA (Class of instruction) - indicates the type of command. 37 APDU Commands CLA INS P1 P2 Lc L Le 00 60 0B 0C 00 ((v)) FF INS (Instruction code) - is the Instruction code being applied to the applet. Examples: 60? Select File 20? Pin Verify 84? Get Challenge 38
CLA INS P1 P2 APDU Commands Lc L Le 00 60 0B 0C 00 ((v)) FF P1and P2 (Instruction parameters) - are parameters sent to the card. Can be used as two 1 byte parameters or one 2 byte parameter. Not used with all commands simply send 00 00 Example: shows which file to choose, in this case 0B0C 39 APDU Commands CLA INS P1 P2 Lc L Le 00 60 0B 0C 00 ((v)) FF Lc is the optional data buffer length if additional info is needed to be sent with this command. 40
APDU Commands CLA INS P1 P2 Lc L Le 00 60 0B 0C 00 ((v)) FF L is the optional data buffer if additional info is needed to be sent with this command. If Lc is zero, there is no input data buffer. 41 APDU Commands CLA INS P1 P2 Lc L Le 00 60 0B 0C 00 ((v)) FF Le is the expected length of the return data buffer in the response APDU. Card may need to handle this (throw exception or otherwise) if not enough space is requested. 42
APDU Commands ((d)) SW1 SW2 ((v)) 90 00 The first field is the variable length data buffer being returned. How does the client know how long it is? 43 APDU Commands ((d)) SW1 SW2 ((v)) 90 00 The next two bytes indicate a status word indicating a success/error code. 44
APDU Commands SW1, SW2 Response Codes 45 Example Get Challenge Command CLA 80 INS 84 P1 00 P2 00 Lc 00 Le 08 0x80 0x84 - getchallenge Not used Not used Not used 0x08 8 bytes expected in return buffer 80 84 00 00 00 08 46
Examples Get Challenge Response Returned bytes: 00112233445566779000 Data 0011223344556677 SW1 90 SW2 00 Hex data being returned Status Word1 90 Status Word2 00 Status = 9000 : success, normal completion 47 CLA 80 Examples PIN Verify Command INS 20 P1 00 P2 00 Lc 03 L 010203 Le 00 80 20 00 00 03 010203 00 48
Examples PIN Verify Response Data (nothing) SW1 90 SW2 00 Some possible Status Words: 9000 normal termination, acceptance, success 67LL wrong length data buffer to return (Le) 6581 memory failure 6985 conditions not satisfied 49 Chip Operating System Chip Operating System (COS): sometimes referred to as the Mask is a sequence of instructions, permanently embedded in the ROM of the smart card Chip Operating Systems are divided into two families: General purpose COS which features a generic command set to cover most applications» Java card Dedicated COS with commands designed for specific applications can even contain the application itself.» An example of a dedicated COS would be a card designed to specifically support an electronic purse application. 50
Chip Operating System The baseline functions of the COS, include: Communication: between the card and the outside world, primarily in terms of the interchange protocol Data Management: of the files and data held in memory Access control: to information and functions e.g: select file, read, write, and update data Card security: management cryptographic algorithm procedures Maintaining reliability: particularly in terms of data consistency, sequence interrupts, and recovering from an error Smart Card's life cycle: management of various phases microchip fabrication, personalization, active life, and end of life 51 COS - File System Organization Predefined file structures: Binary files, Secret Key files, Accessed by a set of dedicated commands: Read, Write, Update 52
COS - File System MF (Master File) = Root Directory Containing other directories No data can be stored Always present & only 1 exists DF (Dedicated Files) Can be Nested Typically no more than 2 to 3 levels (limited space in the SC!) DF for applications also exit application dedicated file (ADF) Not located below the MF, can be considered a type of MF EF (Elementary Files) Always in DF Types of EF: Working EF : All data that are intended for the external world. Not used by the OS Internal EF : The OS files, store data for the operating system itself Application EF : Files containing user data for a particular application 53 COS - File Names 54
COS - File structures EF file structures: Transparent: Very small amounts of data or, Data having no internal structure (e.g. JPEG file) Linear: Equal-length records (e.g. telephone directory) Linear Variable: Variable record-length (e.g. Addresses)» Optimizes the used file space Cyclic: Linear model + Recently Written Record log files, the oldest is overwritten by the new entry Other file structures: Execute, Database, Data object, Sequence control 55 COS - Access Rights There are five basic levels of access rights to a file (both DF and EF): Some OS provide further levels. Basic levels can be categorized, increasingly in security, as follows: Always (ALW): Access of the file can be performed without any restriction. Card holder verification 1 (CHV1): Access can only be possible when a valid CHV1 value is presented. Card holder verification 2 (CHV2): Access can only be possible when a valid CHV2 value is presented. Administrative (ADM): Allocation of these levels and the respective requirements for their fulfilment are the responsibility of the appropriate administrative authority. Never (NEV): Access to the file is forbidden. 56
Authentication with Smartcards Unlike passwords private keys cannot be remembered typically 1024 or more bits File based storage provides weak security and no mobility Smartcards provide secure, tamper-resistant storage with mobility However: less easily shared than passwords card cost, need for readers 57 Authentication with Smartcards Unlocked by a PIN 58
Authentication with Smartcards Combining Fingerprints and Smartcards for Authentication Replace PINs with fingerprint verification Store template on card Match provided fingerprint on card Reader extracts minutiae features Security and privacy advantages Match-on-card leverages smartcard as trusted computing platform Match-on-card requires no additional trusted entity Mimics PIN verification Template stored on card as opposed to accessible database 59 Authentication with Smartcards Multi-factor authentication - combination of: What you know e.g.: passwords, PINs What you have e.g.: OTP tokens, smartcards What you are (biometrics) e.g.: fingerprints, iris scans, face recognition Typically two-factor authentication is used e.g.: PIN + Card (e.g. ATMs) Password + One-time-password (OTP) token Fingerprint + Smartcard 60
Acknowledgments Jean Rodrigues @ STEVENS Institute of Technology Berk USTUNDAG @ Istanbul Technical University Marc Witteman @Riscure.com Dr. Hakim Fourar-Laidi @ Prince Sultan University Joshua Lawrence @ Florida State University Erik Poll @ University of Nijmegen 61