Smart Card Technology
Presented by: Dr. Hakim Fourar-Laidi, CIS - Prince Sultan University
Agenda
  Overview
  Classification of Smart Cards
  Architecture
  API and Access functions
  PC/SC
  Operating Systems
    MPCOS-EMV
    JAVA CARD
  Applications of smart card
  Smart cards & Cryptography
  Companies, Work groups, Links
  Questions
What is a Smart Card?
Contact Smart Card
  Communication through electrical contacts
  ISO/IEC 7816
What is a Smart Card?
Chip
  A very secure way of storing a small amount of sensitive data
What’s In The Chip?
Chip Operating System
Applicative memory (where you store your data)
Classification
Memory vs. microprocessor
Memory cards
  simply store data; read and write to a fixed address on the card
  Straight Memory Cards
  Protected Cards: configured to restrict access through a password
  Stored Value Memory Cards: such as a telephone card, the chip has memory cells, one for each telephone unit. A memory cell is cleared each time a telephone unit is used.
Microprocessor cards
  Miniature computer with microprocessor chip, input/output port, OS, ROM, EEPROM, RAM
  Add, delete, manipulate information in its memory
  Built-in security features
  Multiple functions and/or different applications reside on the card
Classification
Contact vs. contactless
Contact smart cards
  are inserted in a smart card reader, making physical contact with the reader
Contactless smart cards
  smart cards that employ a radio frequency (RFID) between card and reader without physical insertion of the card
Combi card
  combines the two features
The Chip Operating System (COS)
  Predefined file structures: Binary files, Secret Key files, …
  A set of dedicated commands: Read, Write, Update
  Cryptographic capabilities: 3DES, RSA, ...
Platform
  Small processors: 8 or 16 bits
  Very small memory
    8k, 16k, 32k, 64k, 128K of ROM
    Between 1 and 32 Kb of EEPROM
    Between 256 bytes and 4Kb of RAM
  Communication through RS232 serial and USB ports, PCMCIA slots, floppy disk slots, parallel ports, infrared IRDA ports, …
Life Cycle
Fabrication phase
Pre-personalisation Phase
Personalisation Phase
Utilisation Phase
End-of-Life Phase
Examples
GPK 8000
  MPCOS-EMV
  compatible with ISO7816-4
  8Kb EEPROM
  3DES, RSA/DSA (up to 1024 bits), SHA-1, MD5
GemSafeXpresso 32K
  Java Card platform
  compatible with ISO7816 - 1/2/3/4
  32K EEPROM
  RSA (512 - 2048 bits), 3DES algorithms
SIM Back-up cards
  Capacity: 254 phone numbers & names
  Capacity: 30 text messages
  Dedicated to personal data storage
PC/SC Smart card readers
What is PC/SC?
  Standardizes communication compatible with the ISO-7816 between computer software and smart cards
  Developed by smart card and computer manufacturers
  Promoted by Microsoft
Readers: Serial, PC Card, USB, PS/2
PC/SC
What is PC/SC
Facilitate Smart Card Integration into PC Environment
Smart Card Reader and Smart Card Interoperability at Different Levels
Application and Vendor Neutral
Platform Independent Specifications
PC/SC
Core Members of the PC/SC Workgroup
PC/SC
PC/SC Architecture
[Diagram, top to bottom: ICC-Aware Applications; Service Providers (PC/SC Service Provider Reference Interfaces); Resource Manager (Microsoft Resource Manager), reached through the PC/SC RM Interface; IFD Handlers (drivers), reached through the PC/SC IFD Handler Interface; IFDs (smart card readers); ICCs (smart cards)]
PC/SC
The interfaces of PC/SC
Smart Card Resource Manager
Smart Card Aware Applications
Smart Card User Interface
Smart Card Service Providers
WinSCard.dll
SCardDlg.dll
SCardSvr.exe
scardssp.dll and others
use the COM interface model!
PC/SC
Smart Card and Reader Access Functions
  SCardEstablishContext()
  GetOpenCardName() / SCardUIDlgSelectCard()
  SCardConnect()
  SCardListCards()
  SCardListReaders()
  SCardGetStatusChange()
  SCardIntroduceCardType()
  SCardStatus()
  SCardTransmit()
  SCardReconnect()
  SCardLocateCards()
  SCardReleaseContext()
  SCardDisconnect()
This is the content of ConsoleApp.cpp
    // Connect to the card in the selected reader: shared access, T=0 protocol
    ReturnCode = connectToCard(DlgStruct->hSCardContext,
                               DlgStruct->lpstrRdr,
                               SCARD_SHARE_SHARED,
                               SCARD_PROTOCOL_T0,
                               &(DlgStruct->hCardHandle),
                               &(DlgStruct->dwActiveProtocol));
    // Report the PC/SC error code if the connection failed
    if (ReturnCode != SCARD_S_SUCCESS)
        printf("Failed connection to the card 0X%0X.\n", ReturnCode);
PC/SC
The application exchanges a Select File APDU and displays the results
Operating Systems
Fixed File Structure
  Multi-application Payment Chip Operating System EMV (MPCOS-EMV)
  The card is treated as a secure computing and storage device
  Files and permissions are set in advance by the issuer
  Ideal for a fixed type of card structure and functions that will not change in the near future
Dynamic Application System
  Java Card, MULTOS
  Enables developers to build, test, and deploy different applications securely
  OS and applications are more separate
  Example: SIM card for mobile GSM
MPCOS-EMV
Communication
  Send and receive data under the T=0 communication protocol format according to the ISO 7816-3 standard
  T=1 or T=14 communication protocol can be activated
Baud Rates supported with 3.68 MHz Reader:
  9 600 baud
  19 200 baud
  38 400 baud
  57 600 baud
  115 200 baud
MPCOS-EMV Files
Initial File Structure
MPCOS-EMV Files
  Public key files, secret code files, Purse files...
File Descriptors
  When we create a file, the crlFile command generates a File descriptor
  EF Descriptor
  DF Descriptor
MPCOS-EMV
Data Access Management
  Files can be secured by secret codes
  Secret codes are stored in Elementary files (EFsc)
  Each EFsc can store up to eight secret codes (0 to 7)
Access Control
  Allowed without any restriction
  Possible after PIN verification
  Forbidden
PIN Management
  1. PIN has been presented
  2. PIN has not been presented or was presented incorrectly
  3. PIN is blocked
MPCOS-EMV Cryptography
3DES Algorithm
  16 bits secret key
  Encrypting / decrypting
  Computing signatures
  Secure messaging (Authentication)
MPCOS-EMV Commands
Command Format
  Header: CLA INS P1 P2
  Body: Lc, Parameters/data, Le
Response Format
  Body: Data
  Trailer: SW1, SW2
MPCOS-EMV Commands
Administration commands
  Create File, Read Binary, Select File, Read File, Write Binary, Update Binary, Read Record, Verify Pin, Select File, Read Record, Internal authenticate, external authenticate
Payment commands
  E.g., Credit a purse, Debit a purse, Read Balance …
What’s Java Card 2.2
A set of specifications
  Issued by Sun Microsystems
  Promoted by the JavaCard Forum
  Based on the Java language
Three parts
  The Java Card API: subset of Java API
  The Java Card Run-time Environment (JCRE): subset of JRE
  The Java Card Virtual Machine (JCVM): subset of JVM
Java Card Architecture
[Diagram, bottom to top: Microprocessor + Memory + I/O; Native layer; Java Card 2.1 VM; Java Card 2.1 API; Card Manager alongside Pure Java Card Applet 1, Applet 2 and Applet 3]
Java Card 2.2
[Diagram: Specification -> JC Applet.java -> Compilation -> JC Applet.class -> JC Conversion -> JC Applet.cap -> Load / Install -> Java Card -> Run! Labels: PC (Client / Host Application), CARD]
Applet Interaction
Java Card applets can only interact with JCRE through APDUs (Application Protocol Data Units)
[Diagram: Applet 1, Applet 2, ... Applet i, each with its own Methods( ) and Data, sit on the JCRE; the CAD exchanges APDUs with the JCRE]
APDU commands
2 types of APDU can be sent to the card:
  OS/Administrative commands
    Available in JCRE and CM
    e.g.: INSTALL, LOAD, SELECT …
  Applicative commands
    specific to the JC applets loaded in the card
    e.g.: debit, credit, getbalance for an e-purse applet
Command: CLA INS P1 P2 Lc "data" Le
Response: SW1 SW2
Applet Life Cycle
[Diagram. OFF-CARD: Java Card source code -> Class file bytecode -> CAP file bytecode. ON-CARD: Load / Remove -> Applet loaded -> Install / Register -> Applet activated -> Select / Deselect -> Applet selected -> Process -> Applet processing APDUs]
Applet structure
1. PREPARATION:
    package com.psu.applet.TestAuth;
    import javacard.framework.*;
    import javacard.security.*;
    import javacardx.crypto.*;
    public class MyBaseApplet extends javacard.framework.Applet {
        private final static byte CONSTANT = 0x.. ;
        private static final int myVariable = ... ;
        private int counterValue;
        MyBaseApplet() { super(); counterValue = ... ; }
2. INITIALIZATION:
        // called once by the JCRE when the applet is installed
        public static void install(byte[] param, short offs, byte length) {
            MyBaseApplet myApplet = new MyBaseApplet();
            myApplet.register();
        }
        public boolean select() { return true; }
Applet structure
3. COMMAND DISPATCHING:
        public void process(APDU apdu) {
            // the APDU buffer starts with the header bytes CLA INS P1 P2 P3
            byte[] apduBuffer = apdu.getBuffer();
            switch (apduBuffer[ISO7816.OFFSET_INS]) {
                case INS_BIN_READ:
                case INS_BIN_UPDATE: ProcessFileCommand(apdu); break;
                case INS_SET_STATUS: ProcessSetStatus(apdu); break;
                case INS_VERIFY_PIN: VerifyPIN(apdu); break;
                case INS_PUT_KEYS: PutKeys(apdu); break;
                ………….
                default: ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
            }
        }
Applet structure
4. PRIVATE METHODS:
        private void ProcessFileCommand(APDU apdu) {
            byte[] buffer = apdu.getBuffer();
            // check P1 for compliance with the ISO 7816-4 format specification
            if ((buffer[ISO7816.OFFSET_P1] & (byte)0xE0) != (byte)0x80)
                ISOException.throwIt(ISO7816.SW_WRONG_P1P2);
            …………………………………..
            apdu.setOutgoing();
            apdu.setOutgoingLength((short)nbr2ReadOrWrite);
            apdu.sendBytesLong(Files[file].Data, (short)offset, (short)nbr2ReadOrWrite);
        }
        private void VerifyPIN(APDU apdu) {
            // get the APDU buffer and the OFFSET_LC
            byte[] buffer = apdu.getBuffer();
            ………………….
        }
APDU commands
4 Cases
  Case 1: No command data, no response data
  Case 2: No command data, sends response data
  Case 3: Card receives command data, no response data
  Case 4: Card receives command data, sends response data
APDU messages: Case 1 commands
Header bytes: CLA (command class), INS (instruction code), P1 (1st parameter), P2 (2nd parameter), P3 (length = 0)
Response: SW1 SW2 (status word)
No data sent, no data received!
Case 1 commands
  process() method is called
  INS is examined
  Applet performs the request
  process() returns
[Diagram: CLA INS P1 P2 0 enters Process( ), which dispatches on INS = V1, V2, ... Vx to Method1( ), Method2( ), ... Methodx( ); SW1 SW2 is returned]
APDU messages: Case 2 commands
Header bytes: CLA (command class), INS (instruction code), P1 (1st parameter), P2 (2nd parameter), P3 (length expected)
Response: outgoing data, SW1 SW2 (status word)
No data sent
Case 2 commands
  process() method is called
  INS is examined
  Le obtained from P3
  setOutgoing
  setOutgoingLength(short le_bytes)
  sendBytes(short Offset, short le_bytes)
  process() returns
[Diagram: CLA INS P1 P2 Le enters Process( ), which dispatches on INS = V1, V2, ... Vx to Method1( ), Method2( ), ... Methodx( ); Data1, Data2, ... Datax is returned, followed by SW1 SW2]
APDU messages: Case 4 commands - 1st part
Header: CLA (command class), INS (instruction code), P1 (1st parameter), P2 (2nd parameter), P3 (length sent), followed by the incoming data
Response: SW1 SW2 (status word)
Data prepared for later retrieval
APDU messages: Case 4 commands - 2nd part
Header: CLA (command class), INS (GET RESPONSE instruction code), P1 (1st parameter), P2 (2nd parameter), P3 (length expected)
Response: outgoing data, SW1 SW2 (status word)
"Get Response" command for data retrieval
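The four APDU cases and their T=0 header layout (P3, then GET RESPONSE for Case 4) can be checked on the host before anything reaches the card. The following is an added example, not part of the original presentation: it classifies a short-form command APDU, rejects inconsistent lengths, and lists the T=0 TPDUs a reader would send. The function names, the constructed SELECT FILE sample and the reuse of the command's CLA for GET RESPONSE are assumptions; extended-length APDUs are not handled.

```python
# Added example (not from the slides): short-form APDU parsing and T=0 mapping.
from typing import List, NamedTuple, Tuple

GET_RESPONSE = 0xC0  # ISO 7816-4 instruction code for GET RESPONSE
SELECT_MF = bytes.fromhex("00A40000023F00")  # constructed sample: SELECT FILE 3F00

class Command(NamedTuple):
    header: bytes  # CLA INS P1 P2
    data: bytes    # Lc bytes of command data, empty if none
    le: int        # expected response length, 0 if absent (Le byte 00 means 256)
    case: int      # 1..4, numbered as on the slides

def parse_command(raw: bytes) -> Command:
    """Classify a short-form command APDU and reject inconsistent lengths."""
    if len(raw) < 4:
        raise ValueError("shorter than the 4-byte header")
    header, body = raw[:4], raw[4:]
    if not body:                                   # Case 1: header only
        return Command(header, b"", 0, 1)
    if len(body) == 1:                             # Case 2: header + Le
        return Command(header, b"", body[0] or 256, 2)
    lc = body[0]
    if lc == 0:
        raise ValueError("extended-length APDUs are not handled here")
    if len(body) == 1 + lc:                        # Case 3: Lc + data
        return Command(header, body[1:], 0, 3)
    if len(body) == 2 + lc:                        # Case 4: Lc + data + Le
        return Command(header, body[1:-1], body[-1] or 256, 4)
    raise ValueError("Lc does not match the number of data bytes")

def t0_tpdus(cmd: Command) -> List[bytes]:
    """TPDUs sent under T=0: header + P3 (+ data); Case 4 adds GET RESPONSE."""
    if cmd.case == 1:
        return [cmd.header + b"\x00"]                # P3 = 0
    if cmd.case == 2:
        return [cmd.header + bytes([cmd.le % 256])]  # P3 = Le
    first = cmd.header + bytes([len(cmd.data)]) + cmd.data  # P3 = Lc
    if cmd.case == 3:
        return [first]
    # Assumption: GET RESPONSE reuses the CLA of the original command.
    return [first, bytes([cmd.header[0], GET_RESPONSE, 0, 0, cmd.le % 256])]

def parse_response(raw: bytes) -> Tuple[bytes, int]:
    """Split a response into (data, status word SW1SW2)."""
    if len(raw) < 2:
        raise ValueError("response lacks SW1 SW2")
    return raw[:-2], int.from_bytes(raw[-2:], "big")
```

A status word of 0x9000 from parse_response means normal completion, and 0x61xx after the first TPDU of a Case 4 exchange means xx response bytes are waiting for GET RESPONSE.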
Smart card Applications
Loyalty, financial, healthcare, Storage: medical information government
Identification, electronic money, computer access
Access to physical items (e.g., buildings, cell phones) parking meters, subway use
Smart Cards & Cryptography
Symmetric: DES, 3DES, AES
Public-key: RSA, DSA
Physically secure storage device:
  Passwords or keys
  Personal Information
Cryptography Provides
  Privacy
  Authentication
  Integrity
  Non-repudiation
2 different security schemes...
Secret Key Algorithm = Symmetric Algorithm
  1 Key
  Same key for all operations
Public Key Algorithm = Asymmetric Algorithm
  2 Keys: Private, Public
  One key for encryption & signature verification
  One key for decryption & signature generation
  "My public key is 064626541487548654"
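[Diagram: plaintext block m -> Encryption -> ciphertext block c -> Decryption -> plaintext block m]
  Encryption: c = e(m, k)
  Decryption: m = e^{-1}(c, k)
[Diagram: M -> f -> M' -> f^{-1} -> M]
[Diagram: plaintext block m -> Encryption -> ciphertext block c -> Decryption -> plaintext block m]
  Encryption: c = e(m, k1)
  Decryption: m = e^{-1}(c, k2)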
RSA:
  signature generation & verification
  encryption & decryption of messages
DSA:
  signature only
Ensuring Integrity & Privacy
Send
  Compute hash digest (mathematical summary)
  Sign the hash with the sender’s PRIVATE key
  Append the signature to the document
  Encrypt the signed document with a one-time symmetric key
  Encrypt the one-time symmetric key with the receiver’s PUBLIC key
Ensuring Integrity & Privacy
Receive
  Unwrap the one-time symmetric key with the receiver’s PRIVATE key
  Decrypt the document
  Verify the signature using the sender’s PUBLIC key
  Compute the expected hash from the received message
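The send and receive steps above, with both sides in code, as an added example that is not part of the original presentation. It assumes the third-party Python "cryptography" package and substitutes RSA-PSS signatures, RSA-OAEP key wrapping and AES-GCM for the algorithms named on the slides; the function names and message layout are hypothetical, and the two private-key operations are the ones a smart card would perform on-card.

```python
# Added example: sign, encrypt under a one-time key, wrap that key; then reverse.
import os
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

PSS = padding.PSS(mgf=padding.MGF1(hashes.SHA256()),
                  salt_length=padding.PSS.MAX_LENGTH)
OAEP = padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)
SIG_LEN = 256  # signature size in bytes for the 2048-bit RSA keys assumed here

def new_keypair():
    """Generate a 2048-bit RSA private key (software stand-in for a card key)."""
    return rsa.generate_private_key(public_exponent=65537, key_size=2048)

def send(document: bytes, sender_private, receiver_public) -> dict:
    """Sender side: hash and sign, append, encrypt, wrap the one-time key."""
    signature = sender_private.sign(document, PSS, hashes.SHA256())  # hash + sign
    signed = document + signature                      # append the signature
    session_key = AESGCM.generate_key(bit_length=128)  # one-time symmetric key
    nonce = os.urandom(12)
    return {
        "wrapped_key": receiver_public.encrypt(session_key, OAEP),
        "nonce": nonce,
        "ciphertext": AESGCM(session_key).encrypt(nonce, signed, None),
    }

def receive(msg: dict, receiver_private, sender_public) -> bytes:
    """Receiver side: unwrap, decrypt, split, verify; raises on any mismatch."""
    session_key = receiver_private.decrypt(msg["wrapped_key"], OAEP)
    signed = AESGCM(session_key).decrypt(msg["nonce"], msg["ciphertext"], None)
    document, signature = signed[:-SIG_LEN], signed[-SIG_LEN:]
    # verify() recomputes the hash of the received document and raises
    # InvalidSignature if it does not match the signed one
    sender_public.verify(signature, document, PSS, hashes.SHA256())
    return document
```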
Web access security
[Diagram: HTTP Client <-> HTTP Server, with a question mark over the link]
Web access security
[Diagram: Client workstation (browser, security management, cryptographic module) <-> SSL channel, HTTPS (SSL) <-> Server (HTTPS server, authentication & access control management, cryptographic module)]
  Authentication: Server, Client (optional)
  Privacy
Web access security
[Diagram: Email Client <-> Email Servers <-> Email Client, S/MIME]
Digital Signatures: electronic mark
  Identify the signer
  Ensure data integrity
Provide:
  Authentication (signature generation/verification)
  Privacy (encryption / decryption)
Thanks for Listening
Any Smart Questions?