Introduction to SC
Transcript of Introduction to SC
-
7/31/2019 Introduction to SC
Introduction to Smart Cards
Jean-Luc Giraud
MacCrypto01
-
Introduction to Smart Cards - Jean-Luc Giraud - MacCrypto 29/01/2001
Bull Patents
Outline
- What are Smart Cards?
- How do we make them?
- How do they work?
- What can you do with them?
- How can you program them?
-
What is a Smart Card?
-
A Closer Look (1)
-
A Closer Look (2)
-
Manufacturing: Cutting
-
Manufacturing: Gluing
-
Manufacturing: Bonding
-
Manufacturing: Encapsulation
-
Manufacturing: Finished Modules
-
Manufacturing: Module on Body
Electrical Initialisation
-
Manufacturing: Personalisation
Electrical and Physical Personalisation
-
Card Families
- Microprocessor
- Memory
-
Memory Cards
- Bitmap, synchronous access
  - R/W
  - R/Erase only
-
Memory Card Application
- Loyalty
- Payphones
-
Smarter Smart Cards
- Microprocessor based
- Onboard Memory (RAM, ROM and EEPROM/Flash)
- Programmable
- Onboard processing
- Security features
  - Crypto coprocessor (PK, DES, ...)
  - Physical sensors (V, freq, ...)
  - Physical protections (shielding, ...)
-
Chip Structure (0.25 mm²)
FLASH / EEPROM
ROM
RAM
CPU
-
Smart Card Module
[Figure: block diagram of the micromodule (microcontact and microchip). Labels: Microprocessor, CPU, ROM, RAM, EEPROM / FLASH, Data Bus, Address Bus; contacts Vcc, Reset, Clock, Ground, Vpp, I/O.]
-
Communications
- One communication channel: serial line
- Layered transmission protocol
  - Application: Application Protocol Data Unit
  - Transport: T=0, T=1, T=14
-
The Application Protocol Data Unit
- An APDU contains:
  - a command message,
  - a response message.
[Figure: IFD -> ICC: command APDU; ICC -> IFD: response APDU]
-
APDU Syntax
- APDU Command
  CLA    INS          P1 P2       Lc           Data          Le
  Class  Instruction  Parameters  Data Length  Command Data  Response Length
- APDU Response
  Data           SW
  Response Data  Status Word
-
Example
READ BINARY (P1, P2, Le) -> Data, SW
- P1, P2: specify the data to be retrieved
- Le: length of data to retrieve
  CLA  INS  P1  P2  Lc  Data  Le
  A0   B0   xx  xx  0         Le
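
The READ BINARY exchange above as an added example (not part of the original slides): a short-form command APDU encoder and a response parser that checks the reply against Le before the host uses it. The 15-bit offset in P1/P2, the Le = 256 encoding and status word 9000 for normal completion are assumptions taken from ISO/IEC 7816-4; the function names and the sample response are constructed for illustration.

```python
# Added example, not from the slides. Assumes ISO/IEC 7816-4 short-form
# lengths and a 15-bit file offset in P1/P2 for READ BINARY.

SW_OK = 0x9000  # assumed "normal completion" status word


def build_apdu(cla, ins, p1, p2, data=b"", le=None):
    """Encode CLA INS P1 P2 [Lc Data] [Le] as bytes."""
    for name, value in (("CLA", cla), ("INS", ins), ("P1", p1), ("P2", p2)):
        if not 0 <= value <= 0xFF:
            raise ValueError(f"{name} must fit in one byte")
    if len(data) > 255:
        raise ValueError("short-form Lc allows at most 255 data bytes")
    apdu = bytes([cla, ins, p1, p2])
    if data:  # no Lc byte goes on the wire when there is no command data
        apdu += bytes([len(data)]) + bytes(data)
    if le is not None:
        if not 1 <= le <= 256:
            raise ValueError("short-form Le must be 1..256")
        apdu += bytes([le & 0xFF])  # Le = 256 is encoded as 0x00
    return apdu


def read_binary(offset, le, cla=0xA0):
    """READ BINARY as on the slide: A0 B0 P1 P2 Le."""
    if not 0 <= offset <= 0x7FFF:
        raise ValueError("offset must fit in 15 bits")
    return build_apdu(cla, 0xB0, offset >> 8, offset & 0xFF, le=le)


def parse_response(resp, le):
    """Split a response APDU into (data, SW); reject malformed replies."""
    if len(resp) < 2:
        raise ValueError("response APDU must end with SW1 SW2")
    data, sw = resp[:-2], int.from_bytes(resp[-2:], "big")
    if len(data) > le:
        raise ValueError("card returned more data than Le requested")
    return data, sw


if __name__ == "__main__":
    cmd = read_binary(offset=0x0010, le=8)
    print("command :", cmd.hex(" "))
    # Constructed response: five data bytes followed by SW 90 00.
    data, sw = parse_response(bytes.fromhex("01020304059000"), le=8)
    print("data    :", data.hex(" "), "SW: %04X" % sw, "ok:", sw == SW_OK)
```

The caller should compare the returned status word with `SW_OK` before using the data, since the parser only checks structure.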
-
Required Infrastructure
- Personalisation Center
- Issuing Center
- Reader
- Middleware (CDSA)
- Back-end System
http://www.gemplus.com/usb
-
Middleware (Windows platform)
[Figure: layered diagram. Software: PKCS #11 (Token X, Token Y, Token Z), CAPI (CSP A, CSP B, CSP C), PC/SC. Hardware: RS232, USB, PCMCIA, PCI, Reader, IBM card, GemSAFE.]
-
Mask your Own Code
- Pros:
  - Small code footprint
  - Complete control
- Cons:
  - Development in C and target assembly language
  - Use emulators
  - Mask lead time (~2 months)
  - Bug fixes
-
Use Proprietary Cards
- What you (usually) get:
  - File System
  - Fixed set of APDU Commands
    - Read/Write files
    - Cryptographic computations
- Pros:
  - Off the shelf products
  - Cheaper
- Cons:
  - Not extensible
  - Bug fixes
-
Use Open Cards
- Choice
  - Java
  - Microsoft
- Standard API
  - Crypto
  - GSM (SMS, Proactive commands)
-
Applet Life Cycle
- Write code in Java
- Compile it
- Debug it (simulator)
- Verify and Convert it (specific byte code)
- Load it
  - Personalisation center
  - Point of sale
  - Over the Internet
-
Why use a Smart Card?
Crypto
Theoretical
Practical
-
Advantages of a Smart Card
- Tamper resistance
  - Storage
- Portability
- Tamper resistance
  - Processing
- Ease of use
- Onboard key generation
-
Main applications
- Cellular phone GSM cards
- Health cards
- Banking cards
- Public phone cards (pre-paid)
-
New applications
- Security of information system
- Loyalty
- Physical access control
- Identity
- Games
- Transport
- Electronic purse
-
Attacking Smart Cards
- Timing Attacks
- Power Analysis
  - Simple Power Analysis
  - Differential Power Analysis
- Invasive Attacks
  - Probe Stations
  - Focused Ion Beam
-
Standards: ISO/IEC 7816
Integrated circuits cards with contacts
- ISO/IEC 7816-1: Physical characteristics.
- ISO/IEC 7816-2: Dimension & location of contacts.
- ISO/IEC 7816-3: Electronic signals & transmission protocols.
- ISO/IEC 7816-4: Inter-industry commands.
- ISO/IEC 7816-5: Registration system for applications in IC card.
- ISO/IEC 7816-6: Inter-industry data elements.
- ISO/IEC 7816-7: Inter-industry commands for Structured Card Query Language (SCQL).
- ISO/IEC 7816-8: Security architecture and related inter-industry commands.
-
Resources
- On Card development:
  - Java card: http://www.javacard.org
    Java Card Technology for Smart Cards, Zhiqun Chen, Sun Java Series, ISBN: 0-201-70329-7
  - Windows for SC: http://www.microsoft.com/smartcard/
  - Gemplus
    - Developer web site: http://www.gemplus.fr/developers/index.htm
    - Developer conference: http://www.key3studios.com/gemplusworld/
      June 20, 21, Paris.
- Middleware:
  - PCSC-Lite: http://www.linuxnet.com/
  - OCF (java): http://ww.opencard.org/
  - CDSA: http://www.opengroup.org/security/l2-cdsa.htm
  - PKCS: http://www.rsasecurity.com/rsalabs/pkcs/index.html
- Questions:
-
Conclusion
Smart
Personal
Portable
Secure