Smart Cards Operating Systems
By: Dr Muhammad Wasim Raad
Computer Engineering Department
Smart Chip - 2001+
• Power (1.8 Volt), Ground, Clock, Reset
• 16/32-bit RISC Processor
• Co-Processor & 3-DES Engine
• MMU
• DPA & SPA Resistant Logic
• ROM (96 KB)
• RAM (4 KB)
• EEPROM (64+ KB)
• FLASH (64 KB)
• ISO 7816 I/O
• USB I/O
• Contact: ISO 7816 and USB
• Contactless: ISO 14443
What is a COS? (What is a smart card operating system?)
Card OS Role
Transmission Protocol
File Architecture
File Architecture (Cont)
Command Sets
ISO 7816-4 Command Sets
Protocol Application Layer: APDU Format
Access Conditions
Access Conditions Examples
Access Conditions Examples
Smart Card Operating Systems
• Smart card operating systems (SCOS) have little resemblance to desktop OS.
• SCOS supports a collection of instructions on which user applications can be built.
• ISO 7816-4 standardizes a wide range of instructions in the format of APDUs.
• Most SCOS support file systems.
• Very low amount of program code: 3-30 KB
• ROM masks for OS need 10-12 weeks for correcting errors
• The secure state of EEPROM has noticeable influence on design of OS
• For example, all retry counters must be designed so that their maximum value corresponds to the erased state of the EEPROM.
• If this is not the case, the counter could be reset to its initial value by intentionally removing the card during a transaction.
• This type of attack can be resisted by proper coding of the counter or by making the write of the retry counter an atomic operation.
• Trap doors must be avoided.
• Cryptographic functions must execute in a very short time.
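The retry-counter coding rule above, as an added example in C (not part of the original slides): it simulates an EEPROM byte that is erased before it is programmed and compares a coding whose erased state decodes to the initial value with one whose erased state decodes to the maximum. The erased value 0xFF, the limit of 3 failures and all function names are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define ERASED    0xFFu  /* assumption: an erased EEPROM byte reads 0xFF */
#define MAX_FAILS 3u     /* assumption: card blocks after 3 failed tries */

typedef enum { ENC_COMPLEMENT, ENC_PLAIN } encoding_t; /* hypothetical codings */

/* Simulated EEPROM byte update: erase first, then program.
 * tear != 0 models the card being removed right after the erase step. */
static void eeprom_update(uint8_t *cell, uint8_t value, int tear)
{
    *cell = ERASED;
    if (tear)
        return;               /* power lost: the cell stays erased */
    *cell &= value;           /* programming can only clear bits */
}

static uint8_t encode(encoding_t e, uint8_t fails)
{
    return e == ENC_COMPLEMENT ? (uint8_t)~fails : fails;
}

/* Decode the failure count; out-of-range values saturate to "blocked". */
static uint8_t decode(encoding_t e, uint8_t stored)
{
    uint8_t fails = e == ENC_COMPLEMENT ? (uint8_t)~stored : stored;
    return fails > MAX_FAILS ? MAX_FAILS : fails;
}

/* Record one failed attempt (optionally torn) and return the failure
 * count as the card would read it at the next power-up. */
uint8_t fails_after_attempt(encoding_t e, uint8_t fails_before, int tear)
{
    uint8_t cell = encode(e, fails_before);
    if (decode(e, cell) < MAX_FAILS)
        eeprom_update(&cell, encode(e, (uint8_t)(decode(e, cell) + 1)), tear);
    return decode(e, cell);
}

int main(void)
{
    printf("complement coding, torn write: %u failures (counter reset)\n",
           (unsigned)fails_after_attempt(ENC_COMPLEMENT, 2, 1));
    printf("plain coding, torn write:      %u failures (blocked)\n",
           (unsigned)fails_after_attempt(ENC_PLAIN, 2, 1));
    return 0;
}
```

With the plain coding an interrupted write fails closed: the card ends up blocked instead of granting fresh tries. An atomic write, the other countermeasure named above, is not modelled here.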
• OS can be loaded into EEPROM, but due to expensive EEPROM most OS is in ROM
• Almost all OS allow program code for additional commands or special cryptographic algorithms to be loaded into EEPROM during completion
• The OS must be able to recognize the size of the EEPROM automatically
• The technical implementation involves an OS routine that reads the manufacturer's finishing data
• Current smart card OS is not able to adapt itself to variations in the size of ROM or RAM
Primary tasks of Smart card OS
• Transferring data to and from a smart card
• Controlling execution of commands
• Managing files
• Managing and executing cryptographic algorithms
Smart Card Communication Model
* The card sends out an ATR (Answer to Reset) immediately after insertion.
** APDU stands for Application Protocol Data Unit (ISO 7816-4).
Source: Z. Chen, “Java Card Technology for Smart Cards”
Smart Card File System (ISO 7816-4)
[Diagram: file tree with one MF, three DFs and six EFs]
• MF: Master File (root directory, must always be present)
• DF: Dedicated File (directory file, can contain directory and data files)
• EF: Elementary File (data file)
Smart Card File Names (ISO 7816-4)
• MF: FID File Identifier (2 bytes)
• DF: FID File Identifier (2 bytes); DF Name (1-16 bytes), usually ISO 7816-5 AID
• EF: FID File Identifier (2 bytes); Short-FID (5 bits)
Reserved FIDs
3F00  MF  root directory
0000  EF  PIN and PUK #1
0100  EF  PIN and PUK #2
0001  EF  application keys
0011  EF  management keys
0002  EF  manufacturing info
0003  EF  card ID info
0004  EF  card holder info
0005  EF  chip info
3FFF      file path selection
FFFF      reserved for future use
Smart Card Internal File Structure
[Diagram: an EF consists of a header with a pointer to the body]
• EEPROM pages: 100'000 write cycles, 64 byte page size
• Header: file structure info, access control rights, pointer to data body; content changes never or seldom; protected from erasure
• Body: data; content might change often; many write operations
MULTOS
• A high security architecture
• Apps needing high security can reside next to apps needing low security
• Co-residence of multiple, inter-operable, platform independent applications
• Dynamic remote loading and deletion of applications over the lifetime of a card
• Achieved using the language MEL (MULTOS Executable Language)
PC/SC
• Architecture designed to ensure the following work together even if made by different manufacturers:
  - smart cards
  - smart card readers
  - computers
• Differs from OpenCard because it offers API interoperability rather than uniform API
• Designed for Windows environment with development in Visual C++
Java Card
• The Java Card specifications enable Java technology to run on smart cards and other devices
• Multi-Application Capable:
  - Java Card technology enables multiple applications to co-exist securely on a single smart card
• Dynamic:
  - New applications can be installed securely
• Secure:
  - relies on the inherent security of the Java programming language to provide a secure execution environment.
  - platform's proven industry deployments and security evaluations ensure that card issuers benefit from the most capable and secure technology available today.
Java Card
• Platform independent
• Does not support issuer control
• Not secure enough for financial applications
Java Card Architecture Components
Java Card I/O with APDUs
[Diagram: terminal and smart card; applets run on the Java Card platform on top of the smart card hardware]
• Command APDU, incl. applet ID
• OS selects applet and invokes its process method
• Applet executes
• Applet sends response APDU
How can the SMART card help in new channels?
• Managing finances securely and conveniently
• Entertainment on demand
• Earning and redeeming rewards with virtual merchants
• To store personal data for convenience on-line
• Virtual health, govt or other services
• To secure virtual world shopping with credit (Chip SecureCode) or e-Cash
Proprietary Smart Card Operating Systems
[Diagram: two stacks, each with native EMV code, native loyalty code and data in E2 on top of a proprietary OS (A or B) in ROM, on chip hardware (A or B)]
• Proprietary Chip OS developed in “native” code, specific to underlying silicon, to access chip functions. OS often dedicated to performing a single specific function, e.g. EMV
• OS code is fixed in the ROM of the chip, and cannot be changed after the chip is made.
• Limited number of programmers able to make adaptations to proprietary OS; impact on time to market if changes / new functions required.
• In order to multi-source silicon, native code must be redeveloped from scratch for new chip.
KILLER Applications
MULTOS
• The only OS obtaining ITSEC (E6); very secure
• Multi-application support
• Requires a coprocessor for RSA, which makes it expensive
MULTOS: The OPEN STANDARD smart card operating system
[Diagram: MEL Editor, C Compiler and Java Compiler / Translator produce applications (EMV, PKI, Application A) stored in E2PROM; below them the MULTOS API and MULTOS VM in ROM, on Infineon silicon and on Renesas silicon]
• MULTOS defines a standard CHIP HARDWARE INDEPENDENT Smart Card Operating System:
• Portable:
  - Develop applications ONCE and run on ANY MULTOS chip.
• Open:
  - Develop in C or Java and Compile. API FREELY available.
• Highest Hardware and OS Security Assurance:
  - ITSEC E6 High evaluated
  - MULTOS SCHEME facilitates management of multiple applications
  - Advanced Asymmetric Cryptographic mechanism
Operating System Options
[Diagram: layered stack, from applications at the top to the operating system at the bottom]
• Applications: Logical & Physical Access, WIM, SIM, Loyalty, E-Purse, Credit/Debit
• Open Platform (Card Manager & Security Domain)
• API
• Operating system:
  - MULTOS by Mondex International and MAOSCO Council, or
  - Windows for Smart Card by Microsoft and Global Platform, or
  - Java Card by Sun Micro and Global Platform