Introduction to

1. Introduction toSmart Cards

Pascal Paillier Crypto & Security Department Gemplus

2. Outline

3. What is a Smart Card?

4. A Closer Look (1)

5. A Closer Look (2)

6. Outline

What are Smart Cards? How do we make them? How do they work? What can you do with them? How can you program them?

7. Manufacturing: Cutting

8. Manufacturing: Gluing

9. Manufacturing: Bonding

10. Manufacturing: Encapsulation

11. Manufacturing: Finished Modules

12. Manufacturing: Module on Body

Electrical Initialisation

13. Smart Card Personalization

Artwork Electrical

14. The Players

Chip Manufacturer Card Manufacturer Card Issuer Card Holder Electronic Circuit Initialization Personalization Card Distribution ( Personalization )

15. Card Manufacturer�s role

Initialization Card associated with issuer Security conditions Personalization Application profile into every card.The cards belong to one given application. Cardholder profile into the card: name, identification number... Initialization Personalization

16. Card Personalization

Electrical personalization: downloading of data (application & cardholder) Graphical personalization: printing text or artwork on the card body My name My name Making each card unique !

17. Manufacturing: Personalisation

Electrical and Physical Personalisation

18. Outline

What are Smart Cards? How do we make them? How do they work? What can you do with them? How can you program them?

19. What is a Chip...

Sheep? Chips? Cheap?

20. Main features

Tiny semiconductor based component Millions of basic electronic components Contains memory zones Erasable or not Protected or not

21. The Chip

Different memory blocks pad Silicon wafer A Chip

22. Main chip providers

ST ATMEL Infineon Philips Hitachi Samsung Nec Others �

23. Chip Layout

CPU 8 bits (8051, 6805, Custom) 16 & 32 bits Memory (EEPROM, RAM, ROM, Flash) Control registers Clock generator (3.57 MHz) Timer(s) Serial IO interface (9600 bit/s) Crypto-Coprocessor (DES, AES, RSA) 25 mm� max.

24. Close-up view...

25. Memory Characteristics

EEPROM (non volatile memory) Up to 64K Bytes Application data storage ROM (write once) Up to 208 K Bytes Software (Operating System) storage RAM (temporary) Up to 5 K Bytes Working memory Flash (non volatile memory) Software patches or static application code & data

26. What Does It Stand For?

ROM Read Only Memory EEPROM Electrically Erasable Programmable R O M RAM Random Access Memory

27. Smart Cards and Cryptography

Typical figures (internal clock @ 5 to 33 MHz) Assembly language (software implementation) DES : 5 ms SHA-1 : 10 ms AES : 5 ms Public Key coprocessors (hardware implementation) RSA 1024 signature: ~ 200 ms ECC 160 signature: ~ 200 ms

28. Smart Card Life cycle

Silicon Manufacturing Card Manufacturing Personalization Hardware: CPU, RAM, EEPROM, � Software burning (ROM) EEPROM (Files) Software Development

29. Card Life Cycle

IC Manufacturer Card Manufacturer From Manufacturing to Application phase Software Manufacturer System Integrator Card Accepting Devices Card Issuer End User Software manufacturer : OS + Gemplus software (software modules that can interface existing software) System integrator : Through our partners and VARsSoftware manufacturer : OS + Gemplus software (software modules that can interface existing software) System integrator : Through our partners and VARs

30. Outline

What are Smart Cards? How do we make them? How do they work? What can you do with them? How can you program them?

31. Card Families

32. Bitmap, synchronous access

Memory Cards 1 Read 0 Write Erase 0 Read Erase First Generation Technology Second Generation Technology

33. Enhanced Memory Cards

Onboard hardwired crypto engine Card Authentication MAC on balance

34. Memory Card Application

Loyalty Payphones

35. Smarter Smart Cards

36. Smarter Smart Cards

Microprocessor based Onboard Memory (RAM, ROM and EEPROM/Flash) Programmable Onboard processing Security features Crypto coprocessor (PK, DES,�) Physical sensors (V, freq,�) Physical protections (shielding,�)

37. Standards : ISO/IEC 7816Integrated circuits cards with contacts

ISO/IEC 7816-1 : Physical characteristics. ISO/IEC 7816-2 : Dimension & location of contacts. ISO/IEC 7816-3 : Electronic signals & transmission protocols. ISO/IEC 7816-4 : Inter-industry commands. ISO/IEC 7816-5 : Registration system for applications in IC card. ISO/IEC 7816-6 : Inter-industry data elements. ISO/IEC 7816-7 : Inter-industry commands for  Structured Card Query Language (SCQL). ISO/IEC 7816-8 : Security architecture and related inter-industry commands. Apr�s, pour chaque appli, des standards : ETSI, B0��, etc...Apr�s, pour chaque appli, des standards : ETSI, B0��, etc...

38. Smart Card Module

Microcontact Microchip Micromodule

39. Communications

One communication channel: serial line �Layered� transmission protocol Application: Application Protocol Data Unit Transport: T=0, T=1, T=14

40. How to communicate with a smart card ?

41. Required Infrastructure

Personalisation Center Issuing Center Reader Middleware Back-end System

42. APDU Messages

The card communicates with the reader by exchanging APDU messages (Application Protocol Data Unit) A message is a Command : From the reader to the card a Response : From the card to the reader Command Response

43. Example

Read Name Gemplus Id: Gemplus

44. APDU Syntax

APDU Command APDU Response SW Data

45. Example

P1, P2 : specify the data to be retrieved Le : length of data to retrieve READ BINARY (P1,P2,Le) Data, SW

46. APDU Commands Model

Command Response Based on ISO 7816-3 APDU Format Command CLA INS P1 P2 Lc DATA Le Response DATA SW1 SW2

47. APDU Commands - 4 Cases(1/2)

Case 1 No command data, No response data COMMAND: CLA INS P1 P2 RESPONSE: SW1 SW2 Case 2 No command data, sends response data COMMAND: CLA INS P1 P2 Le RESPONSE: Data SW1 SW2

48. APDU Commands - 4 Cases(2/2)

Case 3 Card Receives command data, No response data COMMAND: CLA INS P1 P2 Lc Data RESPONSE: SW1 SW2 Case 4 Card Receives command data, sends response data COMMAND: CLA INS P1 P2 Lc Data Le RESPONSE: Data SW1 SW2

49. Select WIM Application Command

50. Outline

What are Smart Cards? How do we make them? How do they work? What can you do with them? How can you program them?

51. Mask your Own Code

Pros: Small code footprint �Complete� control Cons: Development in C and target assembly language Use emulators Mask lead time (~2 month) Bug fixes

52. Use Proprietary Cards

What you (usually) get: File System Fixed set of APDU Commands Read/Write files Access to cryptographic functions Pros: Off the shelf products Cheaper Cons: Not extensible Bug fixes

53. Use Open Cards

Choice Java Microsoft Standard API Crypto GSM (SMS, Pro active commands�)

54. Applet Life Cycle

Write code in Java Compile it Debug it (simulator) Verify and Convert it (specific byte code) Load it Personalisation center Point of sale Over Networks (Internet, Wireless,�)

55. Resources

On Card development: Java card : http://www.javacard.org �Java Card Technology for Smart Cards�, Zhiqun Chen, Sun Java Series, ISBN: 0-201-70329-7 Windows for SC : http://www.microsoft.com/smartcard/ Gemplus Developer web site: http://www.gemplus.fr/developers/index.htm Developer conference: http://www.key3studios.com/gemplusworld/ June 20, 21, Paris. Middleware: PCSC-Lite : http://www.linuxnet.com/ OCF (java) : http://ww.opencard.org/ CDSA : http://www.opengroup.org/security/l2-cdsa.htm PKCS : http://www.rsasecurity.com/rsalabs/pkcs/index.html

56. Outline

What are Smart Cards? How do we make them? How do they work? What can you do with them? How can you program them?

57. A Smart Card is part of an

58. Application Players

59. Application Software

Application software developed for customer�s needs Designed to communicate with user card

60. Readers

Link between: the host the cards

61. Role of the Reader

Application Software Reader Card The reader is the interface between the card and the application It serves as a translator It accepts the messages from the card and from the application software

62. Why use a Smart Card?

Crypto

63. Advantages of a Smart Card

Tamper resistance Storage Portability Tamper resistance Processing Ease of use Onboard key generation

64. Main applications

65. New applications

Security of information system, Loyalty, Physical access control. Transport : Metro SEOUL. Security of information system : login, chiffrement du mail, signature, (Windows 2000). Identity : carte d��identit� ou permis de conduire dans certains pays d��Am�rique du Sud. Loyalty : Casino, Carrefour. Jeux : Poker en Russie Physical access control : Gemplus.Transport : Metro SEOUL. Security of information system : login, chiffrement du mail, signature, (Windows 2000). Identity : carte d��identit� ou permis de conduire dans certains pays d��Am�rique du Sud. Loyalty : Casino, Carrefour. Jeux : Poker en Russie Physical access control : Gemplus.

67. Attacking Smart Cards

Timing Attacks Power Analysis Simple Power Analysis Differential Power Analysis High-order, EMA, � Invasive Attacks Probe Stations Focused Ion Beam

68. Security Notions

69. Attacks on Smart cards :

Physical security Invasive Attacks Side Channel Attacks Fault Generation Wide range of techniques, requiring various skills, equipment and time:

70. Open Platform Threats

Flawed program (ex: server) Bad design (ex: no verification) Bad implementation (ex: buffer overflow) Trojan horse Piece of software (plug-ins..) hiding amongst its normal functionalities some malicious ones

71. JavaCard Threats

Stack overflow / underflow Type mismatch (e.g. pointer forgery) Data execution as Byte Code as native code Goal: bypass Java Virtual Machine controls and access local resources directly

72. Integrity hash algorithms Checksums Authentication MAC forgery External authentication Internal Authentication Mutual authentication Confidentiality Plaintext recovery Key recovery Ciphertext forgery

Cryptographic Attacks

73. Replay attacks Man-in-the middle attacks Session high-jacking Eavesdropping

Application level security : Protocols

74. Focus on Smart Card SecurityorHow to defeat Tamper resistance

75. Conclusion

Smart Personal Portable Secure =