Introduction to SC


  • 7/31/2019 Introduction to SC


    Introduction to Smart Cards

    Jean-Luc Giraud

    MacCrypto01


    Introduction to Smart Cards - Jean-Luc Giraud - MacCrypto 29/01/2001

    Bull Patents

    Outline

    • What are Smart Cards?
    • How do we make them?
    • How do they work?
    • What can you do with them?
    • How can you program them?


    What is a Smart Card?


    A Closer Look (1)


    A Closer Look (2)


    Manufacturing: Cutting


    Manufacturing: Gluing


    Manufacturing: Bonding


    Manufacturing: Encapsulation


    Manufacturing: Finished Modules


    Manufacturing: Module on Body

    Electrical Initialisation


    Manufacturing: Personalisation

    Electrical and Physical Personalisation


    Card Families

    • Microprocessor
    • Memory


    Memory Cards

    • Bitmap, synchronous access
        - R/W
        - R/Erase only


    Memory Card Application

    • Loyalty
    • Payphones


    Smarter Smart Cards

    • Microprocessor based
    • Onboard Memory (RAM, ROM and EEPROM/Flash)
    • Programmable
    • Onboard processing
    • Security features
        - Crypto coprocessor (PK, DES, ...)
        - Physical sensors (V, freq, ...)
        - Physical protections (shielding, ...)


    Chip Structure (0.25mm²)

    FLASH / EEPROM

    ROM

    RAM

    CPU


    Smart Card Module

    Figure labels: EEPROM / FLASH, RAM, ROM, Data Bus, Address Bus, Microprocessor (CPU)

    Contacts: Vcc, Reset, Clock, Ground, Vpp, I/O

    Micromodule: Microcontact, Microchip


    Communications

    • One communication channel: serial line
    • Layered transmission protocol
        - Application: Application Protocol Data Unit
        - Transport: T=0, T=1, T=14


    The Application Protocol Data Unit

    • An APDU contains:
        - a command message,
        - a response message.

    IFD -> ICC: command APDU
    ICC -> IFD: response APDU


    APDU Syntax

    • APDU Command

        CLA    INS          P1 P2       Lc           Data          Le
        Class  Instruction  Parameters  Data Length  Command Data  Response Length

    • APDU Response

        Data           SW
        Response Data  Status Word


    Example

    Command: READ BINARY (P1,P2,Le)
    Response: Data, SW

    P1, P2 : specify the data to be retrieved
    Le : length of data to retrieve

        CLA  INS  P1  P2  Lc  Data  Le
        A0   B0   xx  xx  0         Le
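
The command and response layouts above, as an added example that is not part of the original slides: a short-form APDU encoder and parser that checks Lc against the data field and Le against the returned data. The READ BINARY header bytes A0 B0 come from the slide; the P1/P2 values, the reply bytes and all function names are constructed for illustration, and a command with no data is sent without an Lc byte (the slide shows this as Lc = 0).

```python
# Added example (not from the slides): short-form APDU encode/decode.
SW_OK = 0x9000  # ISO/IEC 7816-4 status word for normal completion

def build_command(cla, ins, p1, p2, data=b"", le=None):
    """Encode CLA INS P1 P2 [Lc Data] [Le]; every length fits in one byte."""
    if any(not 0 <= b <= 0xFF for b in (cla, ins, p1, p2)):
        raise ValueError("CLA, INS, P1 and P2 are one byte each")
    if len(data) > 255:
        raise ValueError("short-form Lc is limited to 255")
    apdu = bytes([cla, ins, p1, p2])
    if data:  # Lc and Data are sent only when there is command data
        apdu += bytes([len(data)]) + data
    if le is not None:  # on the wire, Le = 0x00 means 256
        if not 1 <= le <= 256:
            raise ValueError("short-form Le must be 1..256")
        apdu += bytes([le % 256])
    return apdu

def parse_command(apdu):
    """Split a short-form command APDU and reject inconsistent lengths."""
    if len(apdu) < 4:
        raise ValueError("header is CLA INS P1 P2")
    fields = dict(zip(("CLA", "INS", "P1", "P2"), apdu[:4]), Data=b"", Le=None)
    body = apdu[4:]
    if len(body) == 1:  # header + Le only: the READ BINARY shape
        fields["Le"] = body[0] or 256
    elif body:
        lc = body[0]
        if lc == 0 or len(body) not in (1 + lc, 2 + lc):
            raise ValueError("Lc does not match the data field")
        fields["Data"] = body[1:1 + lc]
        if len(body) == 2 + lc:
            fields["Le"] = body[-1] or 256
    return fields

def parse_response(resp, le=None):
    """Return (Data, SW); SW is the last two bytes of every response."""
    if len(resp) < 2:
        raise ValueError("response must end with a two-byte status word")
    data, sw = resp[:-2], int.from_bytes(resp[-2:], "big")
    if le is not None and len(data) > le:
        raise ValueError("card returned more data than Le allows")
    return data, sw

# Constructed sample: READ BINARY of 8 bytes with P1 = P2 = 00, and a made-up reply.
READ_BINARY = build_command(0xA0, 0xB0, 0x00, 0x00, le=8)  # A0 B0 00 00 08
REPLY = bytes.fromhex("0102030405060708") + SW_OK.to_bytes(2, "big")
```
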


    Required Infrastructure

    • Personalisation Center
    • Issuing Center
    • Reader
    • Middleware (CDSA)
    • Back-end System

    http://www.gemplus.com/usb


    Middleware (Windows platform)

    Figure labels:

    • PKCS #11: Token X, Token Y, Token Z
    • CAPI: CSP A, CSP B, CSP C
    • PC/SC
    • RS232, USB, PCMCIA, PCI
    • IBM card, GemSAFE, Reader
    • Layers: Hardware, Software


    Mask your Own Code

    • Pros:
        - Small code footprint
        - Complete control
    • Cons:
        - Development in C and target assembly language
        - Use emulators
        - Mask lead time (~2 months)
        - Bug fixes


    Use Proprietary Cards

    • What you (usually) get:
        - File System
        - Fixed set of APDU Commands
            Read/Write files
            Cryptographic computations
    • Pros:
        - Off the shelf products
        - Cheaper
    • Cons:
        - Not extensible
        - Bug fixes


    Use Open Cards

    • Choice
        - Java
        - Microsoft
    • Standard API
        - Crypto
        - GSM (SMS, Proactive commands)


    Applet Life Cycle

    • Write code in Java
    • Compile it
    • Debug it (simulator)
    • Verify and Convert it (specific byte code)
    • Load it
        - Personalisation center
        - Point of sale
        - Over the Internet


    Why use a Smart Card?

    Crypto

    Theoretical / Practical


    Advantages of a Smart Card

    • Tamper resistance
        - Storage
    • Portability
    • Tamper resistance
        - Processing
    • Ease of use
    • Onboard key generation


    Main applications

    • Cellular phone GSM cards
    • Health cards
    • Banking cards
    • Public phone cards (pre-paid)


    New applications

    • Security of information system
    • Loyalty
    • Physical access control
    • Identity
    • Games
    • Transport
    • Electronic purse


    Attacking Smart Cards

    • Timing Attacks
    • Power Analysis
        - Simple Power Analysis
        - Differential Power Analysis
    • Invasive Attacks
        - Probe Stations
        - Focused Ion Beam


    Standards: ISO/IEC 7816

    Integrated circuits cards with contacts

    • ISO/IEC 7816-1: Physical characteristics.
    • ISO/IEC 7816-2: Dimension & location of contacts.
    • ISO/IEC 7816-3: Electronic signals & transmission protocols.
    • ISO/IEC 7816-4: Inter-industry commands.
    • ISO/IEC 7816-5: Registration system for applications in IC card.
    • ISO/IEC 7816-6: Inter-industry data elements.
    • ISO/IEC 7816-7: Inter-industry commands for Structured Card Query Language (SCQL).
    • ISO/IEC 7816-8: Security architecture and related inter-industry commands.


    Resources

    • On Card development:
        - Java card: http://www.javacard.org
          Java Card Technology for Smart Cards, Zhiqun Chen, Sun Java Series, ISBN: 0-201-70329-7
        - Windows for SC: http://www.microsoft.com/smartcard/
        - Gemplus
          Developer web site: http://www.gemplus.fr/developers/index.htm
          Developer conference: http://www.key3studios.com/gemplusworld/ June 20, 21, Paris.
    • Middleware:
        - PCSC-Lite: http://www.linuxnet.com/
        - OCF (java): http://ww.opencard.org/
        - CDSA: http://www.opengroup.org/security/l2-cdsa.htm
        - PKCS: http://www.rsasecurity.com/rsalabs/pkcs/index.html
    • Questions:
        - [email protected]


    Conclusion

    Smart

    Personal

    Portable

    Secure

    =