1 / 68

Smart Card

Smart Card. 李開振 seinlin.cs95g@nctu.edu.tw 許家碩 kyo-haha@yahoo.com.tw Department of Computer Science National Chiao Tung University. Outline 1/2. Introductions ( 許家碩 ) History, Application area, Standardization Types of Cards ( 許家碩 )

coyne
Download Presentation

Smart Card

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Smart Card 李開振 seinlin.cs95g@nctu.edu.tw 許家碩 kyo-haha@yahoo.com.tw Department of Computer Science National Chiao Tung University

  2. Outline 1/2 • Introductions (許家碩) • History, Application area, Standardization • Types of Cards (許家碩) • Embossed cards, magnetic-stripe cards, Smart Card, Optical Memory Card • Physical and Electrical properties (許家碩) • Smart Card Operation System (李開振, 許家碩) • Design, files management, sequential control, Open platform • Smart Card Data Transmission (李開振, 許家碩) • Data transmission Protocols, message structure (APDU)

  3. Outline 2/2 • Smart Card Commands (李開振) • Security Techniques (李開振) • The Smart Card Life Cycle (李開振) • The five phases of the Smart Card life Cycle • Smart Card in Payment Systems (李開振) • Payment transactions, Prepaid Memory Card, Electronic Purses • Smart Card in Telecommunications (李開振) • GSM, UMTS, Wireless Identification Module, Public Card Phones

  4. Introductions

  5. Introductions - History • 1950s - The proliferation of plastic cards started in the USA • 1970s - It possible to integrate data storage and processing logic on a single silicon chip • 1974 - Roland Moreno registered his smart card patents in France • 1984 - The French PTT (postal and telecommunications services agency) successfully carried out a field trial with telephone cards

  6. Application area • Memory Card

  7. Application area • Microprocessor cards

  8. Application area • Contactless cards

  9. Standardization • ISO TC68/SC6 • ISO/IEC JTC1/SC17 • ISO/IEC 7816 • GSM 11.11 European Telecommunications Standards Institute (ETSI)

  10. Types of Cards

  11. Types of Cards • Embossed Card • Magnetic-stripe cards • Smart Card

  12. Types of Cards - Embossed Card

  13. Type of Cards - Magnetic-stripe cards

  14. Type of Cards - Smart Card

  15. Smart Card Microcontrollers • processor • address and data buses • three types of memory (RAM, ROM and EEPROM) • Input/Output

  16. Smart Card - Memory

  17. Smart Card - Microprocessor

  18. Smart Card - Contactless smart card

  19. Types of card - Optical Memory Card • ISO/IEC 11 693 and 11 694

  20. Physical and Electrical properties

  21. Physical properties • Physical properties - ID1: • external rectangle: width: 85.72 mm, height: 54.03 mm • internal rectangle: width: 85.46 mm, height: 53.92 mm

  22. Physical properties • ID000: • external rectangle: width: 25.10 mm, height: 15.10 mm • internal rectangle: width: 24.90 mm, height: 14.90 mm

  23. Physical properties • ID00: • external rectangle: width: 66.10 mm, height: 33.10 mm • internal rectangle: width: 65.90 mm, height: 32.90 mm

  24. Smart Card Operation System

  25. Smart Card Operation System • The primary tasks of a smart card operating system • Transferring data to and from the smart card • Controlling the execution of commands • Managing files • Managing and executing cryptographic algorithms • Managing and executing program code.

  26. Protocol state machine Send block Receive block Send byte Receive byte Send bit Receive bit Hardware Data flow Smart Card OS - I/O • I/O manager

  27. Smart Card OS–Commands processing

  28. Smart Card OS - Filesystem • Master File (MF) • The root directory of the filesystem • Dedicated File (DF) • directory files • Elementary File (EF) • hold the actual user data

  29. MF EF EF DF ... EF ... DF DF ... EF ... Smart Card OS - Filesystem

  30. Byte number 0 1 2 3 4 5 …………………………. n Offset Data Filesystem - EF file structure • Transparent file structure • Transparent file structure is often referred to as a binary structure.

  31. Byte number 0 1 2 3 4 5 n 1 2 3 4 m Record Number Filesystem - EF file structure • Linear Fixed file structure • data structure is based on chaining fixed-length records

  32. Byte number 0 1 2 3 4 5 n 1 2 3 4 m Record Number Filesystem - EF file structure • Linear variable file structure • each record can have an individually defined length

  33. Smart Card Data Transmission

  34. Smart Card Data Transmission • Answer to Reset (ATR)

  35. high 1 2 3 4 5 6 7 8 low t Start bit Parity bit Data transmission • Structure of a character for data transmission

  36. (a) Logic 1 high 1 2 3 4 5 6 7 8 low t Logic 1 (b) Logic 0 high 1 2 3 4 5 6 7 8 low t Logic 1 Data transmission conventions • (a) direct convention, (b) inverse convention

  37. Data transmission Protocols

  38. Message structure (APDU) • Structure of the command APDU

  39. Message structure (APDU) • Structure of the response APDU

  40. Smart Card Commands

  41. Smart Card Commands

  42. Smart Card Commands • File selection Command • Read and Write Command • Search Command • File Manipulation Commands • Identification Commands • Authentication Commands • File management Commands

  43. Security Techniques

  44. Security Techniques • User Identification • Symmetric unilateral Authentication • Asymmetric unilateral Authentication • Symmetric mutual Authentication • Smart Security • Attacks at the social level • Attacks at the physical level • Attacks at the logical level

  45. User Identification 1/3

  46. User Identification 2/3

  47. User Identification 3/3

  48. Attacks on smart cards 1/2 • Attacks at the social level • attacks that are primarily directed against people that work with smart cards • can only partially be countered by technical measures • Attacks at the physical level • it is necessary to obtain physical access to the smart card microcontroller hardware • can be static or dynamic

  49. Attacks on smart cards 2/2 • Attacks at the logical level • most known successful attacks on smart cards • arise from pure mental reflection or computation • classical cryptanalysis , known faults in smart card operating systems and Trojan horses in the smart card application.

More Related