smart cards evolution
DESCRIPTION
Description of the current trends and evolution of smart cards
TRANSCRIPT
Smart Cards
04/13/2023 ITECH 7215 Information Security 2
Topics Covered
• Defining Smart Cards
• Smart Card Architecture
• Smart Card – Working
• Smart Card – Security
• Data Storage in Smart Card
• Types of Smart Card
• Usage and Application
• Advantages and Disadvantages
• Future Development
DEFINING SMART CARDS
• Known by other names like Chip Cards, Integrated Circuit Cards (ICC) and Processor Cards.
• Size is the same as any other credit card, with or without contact information.
• Cards have an operating system.
• The OS provides
  o A standard way of interchanging information.
  o An interpretation of the commands and data.
• Cards must interface to a computer or terminal through a standard card reader.
Card and Card Reader
• Computer based readers:
  o Connect through USB or COM (Serial) ports
• Dedicated terminals:
  o Usually with a small screen, keypad, printer, often also have biometric devices such as thumb print scanner.
SMART CARD ARCHITECTURE
SMART CARD ARCHITECTURE
• 256 bytes to 4KB RAM.
• 8KB to 32KB ROM.
• 1KB to 32KB EEPROM.
• Crypto-coprocessors (implementing 3DES, RSA etc., in hardware) are optional.
• 8-bit to 16-bit CPU. 8051 based designs are common.
The price of a mid-level chip when produced in bulk is less than US$1.
[Figure: chip contact pads labelled CLK, RST, Vcc, Vpp, I/O, RFU, GND, RFU]
WORKING STRUCTURE
• Central Processing Unit: heart of the chip
• All processing of data is performed here.
WORKING STRUCTURE
• security logic: detecting abnormal conditions, e.g. low voltage
WORKING STRUCTURE
• serial i/o interface: contact to the outside world
WORKING STRUCTURE
• test logic: self-test procedures
WORKING STRUCTURE
ROM:
• card operating system
• self-test procedures
• typically 16 kbytes
• future 32/64 kbytes
WORKING STRUCTURE
RAM:
• ‘Buffer memory’ of the processor
• typically 512 bytes
• future 1 kbyte
WORKING STRUCTURE
EEPROM:
• cryptographic keys
• PIN code
• biometric template
• balance
• application code
• typically 8 kbytes
• future 32 kbytes
WORKING STRUCTURE
Databus:
• connection between elements of the chip
• 8 or 16 bits wide
[Figure: chip block diagram showing CPU, security logic, serial I/O interface, test logic, ROM, RAM and EEPROM connected by the databus]
SMART CARD WORKING
TERMINAL/PC CARD INTERACTION
• The terminal/PC sends commands to the card (through the serial line).
• The card executes the command and sends back the reply.
• The terminal/PC cannot directly access memory of the card
  o Data in the card is protected from unauthorized access. This is what makes the card smart.
HOW IT WORKS
Card is inserted in the terminal
Card gets power. OS boots up. Sends ATR (Answer to Reset)
ATR negotiations take place to set up data transfer speeds, capability negotiations etc.
Terminal sends first command to select MF
Card responds with an error (because MF selection is only on password presentation)
Terminal prompts the user to provide password
Terminal sends password for verification
Card verifies P2. Stores a status “P2 Verified”. Responds “OK”
Terminal sends command to select MF again
Card responds “OK”
Terminal sends command to read EF1
Card supplies personal data and responds “OK”
COMMUNICATION
• Communication between smart card and reader is standardized: ISO 7816 standard
• Commands are initiated by the terminal
  o Interpreted by the card OS
  o Card state is updated
  o Response is given by the card.
• Commands have the following structure
• Responses from the card include 1..Le bytes followed by Response Code
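The exchange from HOW IT WORKS, written out as ISO 7816-4 command and response bytes against a toy card OS (an added example, not part of the original slides). The PIN, the EF1 file ID, the file content, the extra SELECT EF1 step and the retry limit of 3 are constructed assumptions.

```python
import hmac

# Status words (SW1 SW2) from ISO 7816-4.
SW_OK, SW_DENIED = b"\x90\x00", b"\x69\x82"      # 6982: security status not satisfied
SW_BLOCKED, SW_NOT_FOUND = b"\x69\x83", b"\x6a\x82"
SW_NO_EF, SW_BAD_INS, SW_BAD_LEN = b"\x69\x86", b"\x6d\x00", b"\x67\x00"
MF, EF1 = b"\x3f\x00", b"\x00\x01"               # EF1's file ID is a constructed value


class ToyCard:
    """Toy card OS: the terminal gets command responses only, never raw memory."""
    def __init__(self, pin: bytes):
        self._pin, self._tries = pin, 3          # retry limit of 3 is an assumed policy
        self._verified, self._selected = False, None   # the slide's "P2 Verified" status
        self._files = {EF1: b"NAME=JANE DOE"}    # constructed personal data

    def transmit(self, apdu: bytes) -> bytes:
        """Command: CLA INS P1 P2 [Lc data] [Le]. Response: data, then SW1 SW2."""
        if len(apdu) < 4:
            return SW_BAD_LEN
        ins = apdu[1]
        data = apdu[5:5 + apdu[4]] if len(apdu) > 5 else b""
        if ins == 0x20:                          # VERIFY
            if self._tries == 0:
                return SW_BLOCKED
            if hmac.compare_digest(data, self._pin):
                self._tries, self._verified = 3, True
                return SW_OK
            self._tries -= 1
            return bytes([0x63, 0xC0 | self._tries])   # 63Cx: x tries left
        if not self._verified:                   # all other commands need the password
            return SW_DENIED
        if ins == 0xA4:                          # SELECT by file ID
            if data != MF and data not in self._files:
                return SW_NOT_FOUND
            self._selected = data
            return SW_OK
        if ins == 0xB0:                          # READ BINARY on the current EF
            ef = self._files.get(self._selected)
            return ef + SW_OK if ef is not None else SW_NO_EF
        return SW_BAD_INS


def run_session(card: ToyCard, pin: bytes) -> list:
    """Replays the slide's exchange and returns each response as hex."""
    cmds = [b"\x00\xa4\x00\x00\x02" + MF,                    # SELECT MF: refused
            b"\x00\x20\x00\x00" + bytes([len(pin)]) + pin,   # VERIFY password
            b"\x00\xa4\x00\x00\x02" + MF,                    # SELECT MF again
            b"\x00\xa4\x00\x00\x02" + EF1,                   # SELECT EF1
            b"\x00\xb0\x00\x00\x00"]                         # READ BINARY, Le = 0
    return [card.transmit(c).hex() for c in cmds]
```

The first SELECT returns 6982 and the read only succeeds after VERIFY returns 9000; three wrong passwords leave the card answering 6983 even to the correct one.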
SMART CARD SECURITY
SECURITY MECHANISM
• Password
  o Card holder’s protection
• Cryptographic challenge-response
  o Entity authentication
• Biometric information
  o Person’s identification
• A combination of one or more
PASSWORD VERIFICATION
1. Terminal asks the user to provide a password.
2. Password is sent to Card for verification.
3. Scheme can be used to permit user authentication.
   o Not a person identification scheme
CRYPTOGRAPHIC VERIFICATION
1. Terminal verifies card (INTERNAL AUTH)
   • Terminal sends a random number to card to be hashed or encrypted using a key.
   • Card provides the hash or ciphertext.
2. Terminal can know that the card is authentic.
3. Card needs to verify (EXTERNAL AUTH)
   • Terminal asks for a challenge and sends the response to card to verify
   • Card thus knows that terminal is authentic.
4. Primarily for the “Entity Authentication”
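Both directions of the challenge-response above, as an added example that is not part of the original slides. HMAC-SHA256 over a shared key stands in for the slide's "hashed or encrypted using a key"; the class names, the 8-byte challenge length and the direction labels are assumptions of this sketch.

```python
import hashlib
import hmac
import secrets


def mac(key: bytes, label: bytes, challenge: bytes) -> bytes:
    # HMAC-SHA256 stands in for the slide's "hashed or encrypted using a key".
    # The label binds a response to one direction so it is useless in the other.
    return hmac.new(key, label + challenge, hashlib.sha256).digest()


class AuthCard:
    def __init__(self, key: bytes):
        self._key = key                      # never leaves the card
        self._challenge = None
        self.terminal_authenticated = False

    def internal_authenticate(self, challenge: bytes) -> bytes:
        """Card proves itself: answers the terminal's random number."""
        return mac(self._key, b"card", challenge)

    def get_challenge(self) -> bytes:
        self._challenge = secrets.token_bytes(8)
        return self._challenge

    def external_authenticate(self, response: bytes) -> bool:
        """Card checks the terminal's answer to the card's own challenge."""
        challenge, self._challenge = self._challenge, None    # single use
        self.terminal_authenticated = challenge is not None and hmac.compare_digest(
            response, mac(self._key, b"term", challenge))
        return self.terminal_authenticated


class Terminal:
    def __init__(self, key: bytes):
        self._key = key

    def verify_card(self, card: AuthCard) -> bool:
        challenge = secrets.token_bytes(8)   # fresh for every attempt
        expected = mac(self._key, b"card", challenge)
        return hmac.compare_digest(card.internal_authenticate(challenge), expected)

    def prove_to_card(self, card: AuthCard) -> bool:
        return card.external_authenticate(mac(self._key, b"term", card.get_challenge()))
```

Because each challenge is random and consumed on first use, a response recorded from one session is rejected in the next.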
BIOMETRIC MECHANISM
• Fingerprint identification.
  o Features of fingerprints can be kept on the card (even verified on the card)
• Photograph/iris pattern etc.
  o Such information is to be verified by a person. The information can be stored in the card securely.
DATA STORAGE
DATA STORAGE
• Data is stored in smart cards in EEPROM
• Card OS provides a file structure mechanism
• File types:
  o Binary file (unstructured)
  o Fixed size record file
  o Variable size record file
[Figure: file tree with the MF at the top, DFs below it and EFs below those]
ACCESSING FILES
• Applications may specify the access controls
  o A password (PIN) on the MF selection, e.g. SIM password in mobiles
  o Multiple passwords can be used and levels of security access may be given
• Applications may also use cryptographic authentication
SMART CARD TYPES
MAGNETIC STRIPE CARDS
Standard technology for bank cards, driver’s licenses, library cards, and so on…
OPTICAL CARDS
• Uses a laser to read and write the card
• US cards contain:
  o Photo ID
  o Fingerprint
MEMORY CARDS
• Can store:
  o Financial info
  o Personal info
  o Specialized info
• Cannot process info
MICROPROCESSOR CARDS
• Has an integrated circuit chip
• Has the ability to:
  o Store information
  o Carry out local processing
  o Perform complex calculations
USAGE/APPLICATIONS
SMART CARD USAGE
Commercial Applications
• Banking/payment
• Identification
• Parking and toll collection
• Universities use smart cards for ID purposes and at the library, vending machines, copy machines, and other services on campus.
• EMV standard
Mobile Telecommunications
• SIM cards used on cell phones
• All GSM phones with smart cards
• Contains mobile phone security, subscription information, phone number on the network, billing information, and frequently called numbers
SMART CARD USAGE
• Information Technology
  o Secure logon and authentication of users to PCs and networks
  o Encryption of sensitive data
• Other Applications
  o Over 4 million small dish TV satellite receivers in the US use a smart card as their removable security element and subscription information.
  o Pre-paid, reloadable telephone cards
  o Health care: stores the history of a patient
  o Fast ticketing in public transport, parking, and road tolling in many countries
  o JAVA cards
OTHER SMART CARD APPLICATIONS
SMART CARD APPLICATIONS
Retail
• Sale of goods using Electronic Purses, Credit / Debit
• Vending machines
• Loyalty programs
• Tags & smart labels
Communication
• GSM
• Payphones
Transportation
• Public Traffic
• Parking
• Road Regulation (ERP)
• Car Protection
Entertainment
• Pay-TV
• Public event access control
SMART CARD APPLICATIONS
Healthcare
• Insurance data
• Personal data
• Personal file
Government
• Identification
• Passport
• Driving license
E-commerce
• Sale of information
• Sale of products
• Sale of tickets, reservations
E-banking
• Access to accounts
• To do transactions
• Shares
SMART CARD APPLICATIONS
Educational facilities
• Physical access
• Network access
• Personal data (results)
• Copiers, vending machines, restaurants, ...
Office
• Physical access
• Network access
• Time registration
• Secure e-mail & Web applications
ADVANTAGES/DISADVANTAGES
ADVANTAGES
In comparison to its predecessor, the magnetic stripe card, smart cards have many advantages including:
• Life of a smart card is longer
• A single smart card can house multiple applications. Just one card can be used as your license, passport, credit card, ATM card, ID card, etc.
• Smart cards cannot be easily replicated and are, as a general rule, much more secure than magnetic stripe cards. A smart card has relatively powerful processing capabilities that allow it to do more than a magnetic stripe card (e.g., data encryption).
• Data on a smart card can be protected against unauthorized viewing. As a result, confidential data, PINs and passwords can be stored on a smart card. This means merchants do not have to go online every time to authenticate a transaction.
DISADVANTAGES
• NOT tamper proof
• Can be lost/stolen
• Lack of user mobility – only possible if user has smart card reader everywhere he goes
• Has to use the same reader technology
• Can be expensive
• Working from PC – software based token will be better
• No benefits to using a token on multiple PCs to using a smart card
• Still working on bugs
FUTURE DEVELOPMENT
• Microprocessor Cards (Contactless Smart Card)
• Microprocessor Cards (Combi / Hybrid Cards)
  o Hybrid Card: Has two chips: contact and contactless interface. The two chips are not connected.
  o Combi Card: Has a single chip with a contact and contactless interface. Can access the same chip via a contact or contactless interface, with a very high level of security.