Smart Card Technology Capabilities

Similar documents

Measurement and Analysis Introduction of ISO7816 (Smart Card)

Java Card TM Open Platform for Smart Cards

Smart Cards a(s) Safety Critical Systems

Smart Card. Smart Card applications

Smart Card Application Development Using the Java Card Technology

What is a Smart Card?

Introducing etoken. What is etoken?

Smart Card Evolution

Microsoft Identity Lifecycle Manager & Gemalto.NET Solutions. Jan 23 rd, 2007

Smart Card HOWTO. Tolga KILIÇLI. Copyright 2001 by Tolga KILIÇLI

IRT84. Irt84. Datasheet. EMV L1 compliant terminal with ISO14443A/B. 1

Java Card. Smartcards. Demos. . p.1/30

CHAPTER 5 SMART CARD TECHNOLOGY

RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards

Secure Dual Interface PKI Smart Card Controller

ACR880 GPRS Portable Smart Card Terminal

Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions. July, Developed by: Smart Card Alliance Identity Council

Gemalto Mifare 1K Datasheet

Smart Cards and Biometrics in Physical Access Control Systems

How To Protect A Smart Card From Being Hacked

Entrust Smartcard & USB Authentication

M2M For industrial and automotive

Description of the Technical Component:

Classification of Smart Card Operating Systems

Index. 1-FLYPOS hardware/firmware Technology Overview 2-FLYPOS software architecture 3-Gateway/Acquirer Interface 4-Letters of Approval

Secure Network Communications FIPS Non Proprietary Security Policy

Athena Smartcard Inc. IDProtect Key with LASER PKI FIPS Cryptographic Module Security Policy. Document Version: 1.0 Date: April 25, 2012

SMART CARD CONTENT SECURITY

MDG. MULTOS Developer's Guide. MAO-DOC-TEC-005 v MAOSCO Limited. MULTOS is a registered trademark of MULTOS Limited.

Hardware Specifications of V2AF Series Hybrid Card Reader

Evaluating Elliptic Curve Cryptography for Use on Java Card

Biometric, Smart Card & POS - Interoperability & Standards

VASCO Data Security International, Inc. DIGIPASS GO-7. FIPS Non-Proprietary Cryptographic Module Security Policy

Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi

Secure Hardware PV018 Masaryk University Faculty of Informatics

Side Channel Analysis and Embedded Systems Impact and Countermeasures

SOSSE. Matthias Brüstle Simple Operating System for Smartcard Education. Kommunikationsnetz Franken e.v.

Smart Cards and their Operating Systems

Training. MIFARE4Mobile. Public. MobileKnowledge April 2015

Lesson-3 CASE STUDY OF AN EMBEDDED SYSTEM FOR SMART CARD

Security & Chip Card ICs SLE 44R35S / Mifare

SLE66CX322P or SLE66CX642P / CardOS V4.2B FIPS with Application for Digital Signature

ACR120 Technical Specifications version 2.9 November 2005

A+ Guide to Managing and Maintaining Your PC, 7e. Chapter 1 Introducing Hardware

1. Product Overview 2. Product Features 3. Comparison Chart 4. Product Applications 5. Order Information 6. Q & A

SECURE USB FLASH DRIVE. Non-Proprietary Security Policy

A Guide to EMV. Version 1.0 May Copyright 2011 EMVCo, LLC. All rights reserved.

Smart Card Based User Authentication

Banking. Extending Value to Customers. KONA Banking product matrix. is leading the next generation of payment solutions.

Chapter 15 User Authentication

Today. Important From Last Time. Old Joke. Computer Security. Embedded Security. Trusted Computing Base

How To Use A Smart Card For A Multi-User Communication

Chip Card & Security ICs Mifare NRG SLE 66R35

Smart Tiger STARCHIP SMART TIGER PAYMENT PRODUCT LINE. Payment. STiger SDA. STiger DDA. STiger DUAL

Quick Installation. A Series of Intelligent Bar Code Reader with NeuroFuzzy Decoding. Quick Installation

MF1 IC S General description. Functional specification. 1.1 Contactless Energy and Data Transfer. 1.2 Anticollision. Energy

Using AES 256 bit Encryption

PUF Physical Unclonable Functions

RVS Seminar Deployment and Performance Analysis of JavaCards in a Heterogenous Environment. Carolin Latze University of Berne

Release Notes. NCP Secure Entry Mac Client. 1. New Features and Enhancements. 2. Improvements / Problems Resolved. 3. Known Issues

HIPAA Compliance and Smart Cards: Solutions to Privacy and Security Requirements

Moving to Multi-factor Authentication. Kevin Unthank

UPS PIco. to be used with. Raspberry Pi B+, A+, B, and A. HAT Compliant. Raspberry Pi is a trademark of the Raspberry Pi Foundation

Smart Card in Biometric Authentication

CRESCENDO SERIES Smart Cards. Smart Card Solutions

SmartMX2 family P60D080 and P60D144

NXP Secure Smart Card Controllers P5CC008, P5CC012 V1A/ V1A(s)

Mobile and Contactless Payment Security

Lesson 10:DESIGN PROCESS EXAMPLES Automatic Chocolate vending machine, smart card and digital camera

eid Security Frank Cornelis Architect eid fedict All rights reserved

White Paper. EMV Key Management Explained

Embedded Java & Secure Element for high security in IoT systems

GlobalPlatform. Card Specification. Version 2.2

Side-Channel Monitoring of Contactless Java Cards

Secure egovernment Where convenience meets security.

ST19NP18-TPM-I2C. Trusted Platform Module (TPM) with I²C Interface. Features

Payment and Identification Secure solutions

A Guide to EMV Version 1.0 May 2011

Release Notes. NCP Secure Entry Mac Client. Major Release 2.01 Build 47 May New Features and Enhancements. Tip of the Day

NXP Secure Smart Card Controllers P5CD016V1D / P5CD021V1D / P5CD041V1D / P5Cx081V1D with DESFire EV1

GENERAL SERVICES ADMINISTRATION FEDERAL SUPPLY SERVICE AUTHORIZED FEDERAL SUPPLY SCHEDULE PRICE LIST

A Secure and Open Solution for Seamless Transit Systems

advant advanced contactless smart card system

Secure My-d TM and Mifare TM RFID reader system by using a security access module Erich Englbrecht (info@eonline.de) V0.1draft

Security Target Lite STARCOS 3.4 Health HBA C1

JCAT. Java Card TM. An environment for attack and test on. Serge Chaumette, Iban Hatchondo, Damien Sauveron CCCT 03 & ISAS 03

CSC Network Security. User Authentication Basics. Authentication and Identity. What is identity? Authentication: verify a user s identity

Accellion Secure File Transfer Cryptographic Module Security Policy Document Version 1.0. Accellion, Inc.

Extending EMV payment smart cards with biometric on-card verification

The Canadian Migration to EMV. Prepared By:

Enhancing the Contactless Cards UAT. Enabling faster and efficient transactions.

Contactless Technology for Secure Physical Access: Technology and Standards Choices

EMV: A to Z (Terms and Definitions)

Crescendo offers the lowest total cost of ownership (TCO) for a combined logical and physical access control solution.

Transcription:

Smart Card Technology Capabilities Won J. Jun Giesecke & Devrient (G&D) July 8, 2003 Smart Card Technology Capabilities 1

Table of Contents Smart Card Basics Current Technology Requirements and Standards Next Steps Smart Card Technology Capabilities 2

Smart Card Basics Definition Components Different Types Standards and Specifications Applications Smart Card Technology Capabilities 3

Definition What is a smart card? A plastic card with an embedded microprocessor chip. What is the essence of a smart card? Authentication Data storage Validation Self-lock mechanism Smart Card Technology Capabilities 4

The Dimensions Smart Card according to ISO/IEC 7810 and ISO/IEC 7816-2 19 mm Magnetic Stripe 29 mm 54 mm Embossing 10 mm 20 mm 85.6 mm 0.76 mm Smart Card Technology Capabilities 5

The Contacts Contacts of the Smart Card Module according ISO/IEC 7816-2 7,6 mm VCC Power Supply Voltage 7,6 mm VCC RST GND VPP RST Reset CLK Clock RFU Reserved for Future Use CLK I/O GND Ground (RFU) (RFU) > 1,7 mm VPP Programming Voltage I/O Input/Output > 2,0 mm Smart Card Technology Capabilities 6

The Module Cross-Section of a Smart Card Module Adhesive Area Bond Wire Globe Top Covering Epoxy Tape 0,6 mm CHIP 0,2 mm 12-14 mm Chip/Dye Contact Plate/ Metallization (Au/Ni/Cu) Smart Card Technology Capabilities 7

The Chip Features: 32 kbyte ROM 16 kbyte EEPROM 1.3 kbyte RAM Crypto Unit ACE Chip size: Area = 21.23 mm² x = 4.28 mm, y = 4.96 XRAM EEPROM ECO2000 ACE Peripherals ROM Smart Card Technology Capabilities 8

Different Types Contact Contactless Contact Hybrid Dual-Interface (Combi) Smart Card Technology Capabilities 9

Simple Memory Card No Security How Smart? Intelligent Memory Cards Access Control Conditions for defined areas Dedicated functionality (e.g., Telephone-Chip Card) Microprocessor Card Microcomputer / Microcontroller Super Smart Card Microcomputer, Keypad, Display, Battery, etc. Smart Card Technology Capabilities 10

Relevant Standards and ISO 7810 ISO 7816 Specs ISO 14443 Types A and B Java Card 2.1.1 and 2.2 Global Platform Card Specification 2.0.1 and 2.1 GSCIS v2.1 (draft) Smart Card Technology Capabilities 11

Types of Usage Identification and authentication Encryption and digital signature (RSA 1024/2048 bit; on-card key-pair generation) Biometric (on-card matching) Secure Data storage Single Sign-on Smart Card Technology Capabilities 12

Assessing the Current Technology Areas to Assess: Card Operating System (COS) Protocol Memory capacity Functionality Smart Card Technology Capabilities 13

Card Operating System File-structure vs. Java Card ISO 7816 part 4 + compliant COS Analogous to Java Card and Global Platform compliant COS Unix Windows There are Pro s and Con s for both types of COS s. Both can be made secure and flexible. It is analogous to comparing Unix and Windows operating systems. The philosophical arguments can be made for file-structure-based or Java-based card. However....Java Cards are in fashion! Smart Card Technology Capabilities 14

File-Structure Based Smart Cards MF DF DF EF DF DF EF DF EF EF DF EF EF EF EF EF EF Smart Card Technology Capabilities 15

Purpose of a Smart Card OS ISO International Standards Secure Messaging RSA Signature Data Structures ISO 7816-4 Dynamic Installation Smart Card Multi-Purpose Command Set Transmission T=1, T=0 Access Control Encryption Multi-Application State Machine Concept Smart Card Technology Capabilities 16

Java Card Security Architecture Security Domains Appl. Appl. Appl. Card M anager (GP/OP) A PIs Virtual M achine I/O Crypto Native Services Hardware Security is provided by the JCVM, Firewalls and Security Domains Smart Card Technology Capabilities 17

Java Card Basics A multi-application smart card Several applications can be loaded on to the same card Firewall between applications Sharing between applications ISO-7816/4 compliant application selection. Smart card interoperable- at the source code level at the load file level at the loader level. Smart Card Technology Capabilities 18

Protocol T=0 : Byte transfer. Developed by the French T=1 : Block transfer. Developed by the Germans USB : Based on existing USB v.1.1+ Specs. Smart Card Technology Capabilities 19

Memory Capacity 16 KB 32 KB * 64 KB 128 KB * Currently most popular Smart Card Technology Capabilities 20

Functionality Highlights: RSA 1024/2048 bit algorithms Triple-DES, SHA-1 On-card key-pair generation On-card Biometrics matching engine Smart Card Technology Capabilities 21

Biometrics On-card Matching Main advantages: Sensor independent Latest developments: Fingerprint on-card matching Iris on-card matching On-card matching Java applet Smart Card Technology Capabilities 22

Basics of On-card Matching The actual data is preprocessed in the background system and sent to the card Biometric verification takes place on the chip card Reference data does not leave the card The card itself changes the security status (e.g., unblocks itself) after a successful verification. Smart Card Technology Capabilities 23

Other Form Factors Smart chip with USB interface. Same Chip Operating System as on smart card. Connectivity through USB port. Smart card reader not necessary. Three features in one single USB device: Multiapplication smart card operating system Fingerprintsensor Imageprocessing software Smart Card Technology Capabilities 24

Current Trends Java Card 2.1 Global Platform 2.0.1 32 to 64K EEPROM On-card key-pair generation (RSA 1024-bit) Biometric on-card matching (fingerprint) Hybrid and composite card bodies (ISO 14443) FIPS 140-2, Level 2 or 3 Smart Card Technology Capabilities 25

Current Trends Smart Card Technology Capabilities 26

Requirements and Standards CAC Release 2.0 ICC Specification Java Support Java Card 2.1 Standards: ISO 7816, parts 1-7 T=0 EMV. Global Platform 2.0.1. DAP verification Delegated management and services ISO 10373 Parts 1-3 ISO 7810 GSCIS 2.0 Micro-controller/ Processor: 32KB EEPROM 8-bit processor. Cypto co-processor Smart Card Technology Capabilities 27

Requirements and Standards CAC Release 2.0 ICC Specification (Cont d) Crypto Algorithms: Digest Algorithms: Key Exchange: Signature Algorithms: On-Card Key Generation Security: Triple DES SHA-1 RSA RSA (1024-bit key length) FIPS PUB 180-1 Secure Hash Standard FIPS PUB 186-1 Digital Signature Standard 30 seconds or less FIPS 140, Level 2 or 3 validation Countermeasures for Differential Power Analysis and Simple Power Analysis Attacks Smart Card Technology Capabilities 28

Requirements and Standards Requirements on the horizon: 2048-bit key length On-card Biometric Verification Contactless PKI Hybrid and Dual-interface cards Super Smart Cards Smart Card Technology Capabilities 29

Next Steps Standards are needed to address the coming requirements. Existing standards may need to be updated to accommodate the changing technology. Validations are needed to test conformance. Smart Card Technology Capabilities 30