Smart Cards
Topics Covered
        Defining Smart Cards
        Smart Card Architecture
        Smart Card – Working
        Smart Card – Security
        Data Storage in Smart Card
        Types of Smart Card
        Usage and Application
        Advantages and Disadvantages
        Future Development
12/13/2011          ITECH 7215 Information Security   2
DEFINING SMART CARDS

    • Also known as chip cards, integrated circuit cards (ICC) and processor cards.
    • Same size as any other credit card; the chip is reached through contacts,
      contactlessly, or both.
    • The card carries its own operating system. The OS provides
         a standard way of exchanging information with the outside world, and
         the interpretation of the commands and data it receives.
    • The card is used through a standard card reader attached to a computer
      or terminal; nothing on the card is reachable except through that interface.
Card and Card Reader
        • Computer-based readers: connect through USB or COM (serial) ports.
        • Dedicated terminals: usually have a small screen, keypad and printer,
          and often a biometric device such as a thumbprint scanner.
SMART CARD ARCHITECTURE
SMART CARD ARCHITECTURE
    • 256 bytes to 4 KB RAM.
    • 8 KB to 32 KB ROM.
    • 1 KB to 32 KB EEPROM.
    • Crypto-coprocessors (implementing 3DES, RSA etc. in hardware) are optional.
    • 8-bit to 16-bit CPU; 8051-based designs are common.
    The price of a mid-level chip when produced in bulk is less than US$1.

    Contact pads (ISO 7816-2 assignment): Vcc (C1), RST (C2), CLK (C3), RFU (C4),
    GND (C5), Vpp (C6, programming voltage, unused on current cards), I/O (C7), RFU (C8).
    I/O is a single bidirectional, half-duplex serial line; the card has no other
    way in or out.
WORKING STRUCTURE
    The chip is built from the following elements, all connected by the data bus
    (memory sizes are the figures given in this 2011 presentation):

    • Central processing unit (CPU): the heart of the chip; all processing of
      data is performed here.
    • Security logic: detects abnormal operating conditions, e.g. low supply
      voltage, and stops the chip rather than let it run in a state an attacker
      induced.
    • Serial I/O interface: the contact to the outside world.
    • Test logic: self-test procedures.
    • ROM: card operating system and self-test procedures; typically 16 KB,
      future 32/64 KB.
    • RAM: "buffer memory" of the processor; typically 512 bytes, future 1 KB.
    • EEPROM: cryptographic keys, PIN code, biometric template, balance,
      application code; typically 8 KB, future 32 KB.
    • Data bus: the connection between the elements of the chip; 8 or 16 bits wide.

    The security-relevant split: ROM code is fixed at manufacture, EEPROM holds
    everything that is secret or changes (keys, PIN, balance, application code),
    and RAM contents are lost on every reset.
SMART CARD WORKING
TERMINAL/PC CARD INTERACTION
    • The terminal/PC sends commands to the card (over the serial line).
    • The card executes the command and sends back the reply.
    • The terminal/PC cannot directly access the memory of the card:
      every access goes through the card OS, which applies the access
      conditions, so data in the card is protected from unauthorized
      access. This is what makes the card "smart".
HOW IT WORKS
    1. Terminal: the card is inserted and powered.
       Card: gets power, the OS boots up and sends the ATR (Answer To Reset).
    2. Terminal and card negotiate on the basis of the ATR: data transfer
       speed, capabilities, etc.
    3. Terminal: sends the first command, SELECT MF.
       Card: responds with an error, because the MF may only be selected
       after the password has been presented.
    4. Terminal: prompts the user to provide the password.
    5. Terminal: sends the password for verification.
       Card: verifies it (P2 of the VERIFY command names which password),
       stores the status "P2 verified" for the rest of the session, and
       responds OK.
    6. Terminal: sends SELECT MF again.
       Card: responds OK.
    7. Terminal: sends a command to read EF1.
       Card: supplies the personal data and responds OK.
COMMUNICATION
    • Communication between smart card and reader is standardized by ISO 7816
      (part 3 covers the electrical interface and the transmission protocols
      T=0 and T=1, part 4 the command set).
    • Commands are initiated by the terminal; the card OS interprets them,
      updates the card state and returns a response.
    • A command APDU has the following structure:
          CLA  INS  P1  P2  [Lc  data]  [Le]
      a 4-byte header (class, instruction, two parameters), an optional data
      field preceded by its length Lc, and an optional Le giving the number
      of response bytes expected.
    • The response from the card consists of 0..Le data bytes followed by the
      two-byte response code SW1 SW2 (90 00 = success).
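The command and response layout described on this slide, as an added example in Python (not code from the slides): an encoder and decoder for ISO 7816-4 short APDUs covering the four cases (header only; Le only; data only; data and Le), a response splitter, and a reader for the status words a terminal has to act on. The two sample APDUs at the end are constructed; their INS values are the ISO 7816-4 codes for SELECT and READ BINARY.

```python
"""ISO 7816-4 short APDU codec: command = CLA INS P1 P2 [Lc data] [Le],
response = [data] SW1 SW2. Added example, not code from the slides."""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class CommandAPDU:
    cla: int
    ins: int
    p1: int
    p2: int
    data: bytes = b""          # command data; sent with its length Lc in front
    le: Optional[int] = None   # response bytes expected (1..256); None = none expected

    @property
    def case(self) -> int:
        """ISO case: 1 header only, 2 Le only, 3 data only, 4 data and Le."""
        return 1 + (2 if self.data else 0) + (1 if self.le is not None else 0)

    def encode(self) -> bytes:
        if len(self.data) > 255 or (self.le is not None and not 1 <= self.le <= 256):
            raise ValueError("short APDU: Lc at most 255, Le between 1 and 256")
        out = bytes([self.cla, self.ins, self.p1, self.p2])
        if self.data:
            out += bytes([len(self.data)]) + self.data
        if self.le is not None:
            out += bytes([self.le % 256])   # the Le byte 0x00 encodes 256
        return out

    @classmethod
    def decode(cls, raw: bytes) -> "CommandAPDU":
        if len(raw) < 4:
            raise ValueError("shorter than the 4-byte header")
        cla, ins, p1, p2 = raw[:4]
        body = raw[4:]
        if not body:                                      # case 1
            return cls(cla, ins, p1, p2)
        if len(body) == 1:                                # case 2
            return cls(cla, ins, p1, p2, le=body[0] or 256)
        lc = body[0]                                      # case 3 or 4: first byte is Lc
        data, rest = bytes(body[1:1 + lc]), body[1 + lc:]
        if lc == 0 or len(data) != lc or len(rest) > 1:
            raise ValueError("Lc does not match the data length")
        return cls(cla, ins, p1, p2, data, (rest[0] or 256) if rest else None)


@dataclass(frozen=True)
class ResponseAPDU:
    data: bytes
    sw1: int
    sw2: int

    @property
    def sw(self) -> int:
        return (self.sw1 << 8) | self.sw2

    def encode(self) -> bytes:
        return self.data + bytes([self.sw1, self.sw2])

    @classmethod
    def decode(cls, raw: bytes) -> "ResponseAPDU":
        if len(raw) < 2:
            raise ValueError("a response always ends in SW1 SW2")
        return cls(bytes(raw[:-2]), raw[-2], raw[-1])


def describe(sw: int) -> str:
    """Meaning of the status words a terminal has to act on (ISO 7816-4 values)."""
    if sw == 0x9000:
        return "OK"
    if sw >> 8 == 0x61:
        return f"OK, {sw & 0xFF} response bytes waiting: send GET RESPONSE"
    if sw >> 8 == 0x6C:
        return f"wrong Le: re-issue the command with Le={sw & 0xFF}"
    if sw & 0xFFF0 == 0x63C0:
        return f"verification failed, {sw & 0x0F} tries left"
    return {0x6982: "security status not satisfied", 0x6983: "authentication method blocked",
            0x6A82: "file not found", 0x6D00: "INS not supported",
            0x6E00: "CLA not supported"}.get(sw, f"status {sw:04X}")


# Constructed samples: SELECT by file ID 3F00 (case 3) and READ BINARY of 16 bytes (case 2).
SELECT_MF = CommandAPDU(0x00, 0xA4, 0x00, 0x00, b"\x3F\x00")
READ_16 = CommandAPDU(0x00, 0xB0, 0x00, 0x00, le=16)

if __name__ == "__main__":
    for cmd in (SELECT_MF, READ_16):
        print(f"case {cmd.case}: {cmd.encode().hex(' ')}")
    print(describe(ResponseAPDU.decode(bytes.fromhex("63C2")).sw))
```

The decoder treats a one-byte body as Le and a longer body as Lc plus data, which is exactly the ambiguity rule of the short format; the 0x00 byte meaning 256 on both sides, and the 6Cxx/61xx status words that make a terminal re-issue or fetch the rest of a response, are where hand-rolled APDU code usually goes wrong.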
SMART CARD SECURITY
SECURITY MECHANISM

    • Password (PIN): protection of the card holder (something the holder knows).
    • Cryptographic challenge-response: entity authentication of card and terminal.
    • Biometric information: identification of the person.
    • A combination of these.
PASSWORD VERIFICATION

    1. Terminal asks the user to provide a password.
    2. Password is sent to the card for verification; the comparison happens
       inside the card, and the stored reference value never leaves it.
    3. The scheme permits user authentication: it proves knowledge of the
       password, not who the person is (it is not a person identification scheme).
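The session on the HOW IT WORKS slide and the password check on this slide, as an added example in Python (not code from the slides). The card is a constructed in-memory stand-in for a card OS driven by raw APDU bytes; the PIN, the file IDs, the short file ID and the ATR bytes are assumed values. The status words are the ISO 7816-4 ones: 9000 OK, 6982 security status not satisfied, 63Cx wrong PIN with x tries left, 6983 PIN blocked, 6A82 file not found, 6A88 unknown PIN reference, 6986 no EF selected, 6D00 INS unknown.

```python
"""Slide-17 terminal/card session against a constructed card-OS stand-in.
Added example, not code from the slides; IDs, PIN and ATR are assumed."""
import hmac

INS_VERIFY, INS_SELECT, INS_READ_BINARY = 0x20, 0xA4, 0xB0   # ISO 7816-4 INS codes
MF_ID, EF1_ID, EF1_SFID = b"\x3F\x00", b"\x00\x01", 1        # assumed file identifiers


def sw(code: int, data: bytes = b"") -> bytes:
    """Response APDU: optional data followed by the two status bytes SW1 SW2."""
    return data + code.to_bytes(2, "big")


class SimCard:
    """Enforces the slide-17 rule: the MF (and the data under it) is reachable
    only after the PIN has been presented in the current session."""
    MAX_TRIES = 3

    def __init__(self, pin: bytes, ef1: bytes):
        self._pin = pin
        self._files = {MF_ID: None, EF1_ID: ef1}   # EEPROM content; MF holds no data itself
        self.tries_left = self.MAX_TRIES            # persistent retry counter (EEPROM)
        self.reset()

    def reset(self) -> bytes:
        """Power-up/reset: the volatile security status is lost; the card answers with an ATR."""
        self.pin_verified = False
        self.current_ef = None
        return bytes.fromhex("3B00")   # minimal T=0 ATR: TS=3B direct convention, T0=00 (constructed)

    def process(self, apdu: bytes) -> bytes:
        cla, ins, p1, p2 = apdu[:4]
        body = apdu[4:]
        if ins == INS_VERIFY:                 # case 3: Lc + PIN bytes; P2 names the PIN reference
            return self._verify(body[1:1 + body[0]]) if p2 == 0x01 else sw(0x6A88)
        if ins == INS_SELECT:                 # case 3: Lc + 2-byte file ID
            return self._select(body[1:1 + body[0]])
        if ins == INS_READ_BINARY:            # case 2: Le only (0x00 means 256)
            return self._read_binary(p1, p2, body[0] or 256)
        return sw(0x6D00)

    def _verify(self, candidate: bytes) -> bytes:
        if self.tries_left == 0:
            return sw(0x6983)
        self.tries_left -= 1   # decrement BEFORE comparing: cutting power mid-check must not refund the try
        if hmac.compare_digest(candidate, self._pin):   # constant-time comparison
            self.tries_left = self.MAX_TRIES
            self.pin_verified = True
            return sw(0x9000)
        return sw(0x6983 if self.tries_left == 0 else 0x63C0 | self.tries_left)

    def _select(self, fid: bytes) -> bytes:
        if not self.pin_verified:
            return sw(0x6982)
        if fid not in self._files:
            return sw(0x6A82)
        self.current_ef = fid if self._files[fid] is not None else None
        return sw(0x9000)

    def _read_binary(self, p1: int, p2: int, le: int) -> bytes:
        if not self.pin_verified:
            return sw(0x6982)
        if p1 & 0x80:                         # P1 bit 8 set: low 5 bits are a short file ID, P2 the offset
            fid, offset = (EF1_ID if (p1 & 0x1F) == EF1_SFID else None), p2
        else:                                 # otherwise P1 P2 is the offset into the current EF
            fid, offset = self.current_ef, (p1 << 8) | p2
        if fid is None:
            return sw(0x6986)
        return sw(0x9000, self._files[fid][offset:offset + le])


def run_session(card: SimCard, pin: bytes) -> list:
    """Terminal side of slide 17; returns [(step, status word, data)] so the flow can be checked."""
    log = [("reset -> ATR", card.reset().hex(), b"")]
    steps = [
        ("SELECT MF before PIN", bytes([0x00, INS_SELECT, 0x00, 0x00, 0x02]) + MF_ID),
        ("VERIFY PIN ref 1", bytes([0x00, INS_VERIFY, 0x00, 0x01, len(pin)]) + pin),
        ("SELECT MF again", bytes([0x00, INS_SELECT, 0x00, 0x00, 0x02]) + MF_ID),
        ("READ BINARY EF1", bytes([0x00, INS_READ_BINARY, 0x80 | EF1_SFID, 0x00, 0x10])),
    ]
    for step, apdu in steps:
        rsp = card.process(apdu)
        log.append((step, int.from_bytes(rsp[-2:], "big"), rsp[:-2]))
    return log


if __name__ == "__main__":
    card = SimCard(pin=b"1234", ef1=b"Holder: A. Example")   # constructed PIN and record
    for step, code, data in run_session(card, b"1234"):
        print(f"{step:22s} {code if isinstance(code, str) else f'{code:04X}'}  {data!r}")
```

Two details carry the security of the password step: the retry counter is written before the comparison, so an attacker who cuts power the instant the card reports a wrong PIN cannot keep the counter from dropping, and the counter lives in EEPROM while the "verified" flag lives in RAM, so a reset clears the session but never the block. The slide's model gates SELECT MF on the PIN; many real card OSes let SELECT succeed and attach the PIN condition to the EF read instead, which moves the same check into READ BINARY.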
CRYPTOGRAPHIC VERIFICATION
    1.    Terminal verifies the card (INTERNAL AUTHENTICATE):
         • Terminal sends a random number (the challenge) to the card, to be
           hashed under a key or encrypted with a key held by the card.
         • Card returns the keyed hash or ciphertext.
    2.    Terminal recomputes (or decrypts) the value and thus knows that the
          card is authentic.
    3.    Card verifies the terminal (EXTERNAL AUTHENTICATE):
         • Terminal asks the card for a challenge, computes the response under
           its own key and sends it to the card to verify.
         • Card thus knows that the terminal is authentic.
    4.    Used primarily for entity authentication. The challenge must be fresh
          and random each time; a reused challenge lets a recorded response
          be replayed.
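The two authentication directions on this slide, as an added example in Python (not code from the slides). The slide says the challenge is hashed or encrypted under a key; this stand-in uses HMAC-SHA256 truncated to 8 bytes, which is an assumption (deployed cards mostly use 3DES/AES MACs or RSA), with a separate key and a direction label per side. Keys, the challenge length and both classes are constructed for the example.

```python
"""INTERNAL AUTHENTICATE (terminal checks card) and EXTERNAL AUTHENTICATE
(card checks terminal) as a challenge-response pair. Added example, not code
from the slides; the keyed function and all keys are assumptions."""
import hashlib
import hmac
import os

CHALLENGE_LEN = 8   # assumed; GET CHALLENGE commonly returns 8 bytes


def mac(key: bytes, direction: bytes, challenge: bytes) -> bytes:
    """Keyed response to a challenge. The direction label binds the value to one
    side, so a card's answer can never be replayed back as a terminal's answer."""
    return hmac.new(key, direction + challenge, hashlib.sha256).digest()[:8]


class Card:
    def __init__(self, k_card: bytes, k_term: bytes):
        self._k_card, self._k_term = k_card, k_term   # held in EEPROM, never readable
        self._pending = None                           # challenge issued by GET CHALLENGE
        self.terminal_authenticated = False            # session security status

    def internal_authenticate(self, challenge: bytes) -> bytes:
        """Terminal -> card: 'prove you hold the card key' (the card answers any caller)."""
        if len(challenge) != CHALLENGE_LEN:
            raise ValueError("bad challenge length")
        return mac(self._k_card, b"card", challenge)

    def get_challenge(self) -> bytes:
        """A fresh random challenge, valid for the next EXTERNAL AUTHENTICATE only."""
        self._pending = os.urandom(CHALLENGE_LEN)
        return self._pending

    def external_authenticate(self, response: bytes) -> bool:
        """Terminal -> card: 'here is my answer to your challenge'."""
        if self._pending is None:              # no GET CHALLENGE before this: reject
            self.terminal_authenticated = False
            return False
        expected = mac(self._k_term, b"term", self._pending)
        self._pending = None                   # one-shot: replaying a correct answer fails
        self.terminal_authenticated = hmac.compare_digest(expected, response)
        return self.terminal_authenticated


class Terminal:
    def __init__(self, k_card: bytes, k_term: bytes):
        self._k_card, self._k_term = k_card, k_term

    def verify_card(self, card: Card) -> bool:
        """INTERNAL AUTHENTICATE: random challenge out, keyed answer back, recompute and compare."""
        challenge = os.urandom(CHALLENGE_LEN)
        expected = mac(self._k_card, b"card", challenge)
        return hmac.compare_digest(card.internal_authenticate(challenge), expected)

    def prove_to_card(self, card: Card) -> bool:
        """EXTERNAL AUTHENTICATE: ask the card for a challenge, answer it under the terminal key."""
        return card.external_authenticate(mac(self._k_term, b"term", card.get_challenge()))


def mutual_authenticate(terminal: Terminal, card: Card) -> dict:
    """Both directions, as a terminal would run them before touching protected files."""
    return {"card_ok": terminal.verify_card(card), "terminal_ok": terminal.prove_to_card(card)}


if __name__ == "__main__":
    K_CARD, K_TERM = os.urandom(16), os.urandom(16)      # constructed, shared by the issuer
    print(mutual_authenticate(Terminal(K_CARD, K_TERM), Card(K_CARD, K_TERM)))
    print(mutual_authenticate(Terminal(os.urandom(16), K_TERM), Card(K_CARD, K_TERM)))
```

An unkeyed hash of the challenge would prove nothing, since anyone can compute it; the key is what ties the answer to the entity. With symmetric keys the terminal side holds card secrets too, which is why deployments keep them in a security module and usually derive a per-card key rather than sharing one master key across every card.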
BIOMETRIC MECHANISM

    • Fingerprint identification: the features (template) of the fingerprint
      can be kept on the card, and the match can even be performed on the card
      itself, so the template never leaves it.
    • Photograph, iris pattern etc.: such information is verified by a person;
      the card only stores it securely.
DATA STORAGE
DATA STORAGE
    • Data is stored in the smart card's EEPROM.
    • The card OS provides a file-system-like structure.
    • File types:
          Binary file (unstructured, "transparent")
          Fixed-size record file
          Variable-size record file
    • Files form a tree: the master file (MF) is the root, dedicated files (DF)
      act as directories, elementary files (EF) hold the data. For example:

          MF
            DF
              DF
                EF
                EF
              EF
            DF
            EF
            EF
ACCESSING FILES

    • Applications specify the access conditions on files:
         •   A password (PIN) required before the MF can be selected, e.g. the
             SIM PIN in mobile phones.
         •   Multiple passwords can be used, giving several levels of access
             (for example a holder PIN and an issuer PIN).
    • Applications may also require cryptographic authentication
      (EXTERNAL AUTHENTICATE) before access is granted.
SMART CARD TYPES
MAGNETIC STRIPE CARDS
    Standard technology for bank cards, driver's licenses, library cards and so on.
    The stripe holds static data only; any reader can copy it, and nothing on the
    card can refuse a read.
OPTICAL CARDS
       • Use a laser to read and write the card.
       • US cards contain:
         • Photo ID
         • Fingerprint
MEMORY CARDS
     • Can store:
       Financial info
       Personal info
       Specialized info
     • Cannot process information: there is no CPU, so any protection is fixed
       wired logic rather than an operating system.
MICROPROCESSOR CARDS
      • Have an integrated circuit chip with a CPU.
      • Have the ability to:
        • Store information
        • Carry out local processing
        • Perform complex calculations (e.g. the cryptographic operations above)
USAGE/APPLICATIONS
SMART CARD USAGE
    Commercial applications
         Banking/payment (EMV standard)
         Identification
         Parking and toll collection
         Universities use smart cards for ID purposes and at the library,
         vending machines, copy machines and other services on campus.

    Mobile telecommunications
         SIM cards used in cell phones: all GSM phones use a smart card.
         The SIM contains the mobile phone security (the subscriber
         authentication key and algorithm), subscription information, the
         phone number on the network, billing information and frequently
         called numbers.
SMART CARD USAGE
    • Information technology
         • Secure logon and authentication of users to PCs and networks
         • Encryption of sensitive data, with the keys held and used on the card
    • Other applications
         • Over 4 million small-dish satellite TV receivers in the US use a
           smart card as the removable security element holding the
           subscription information.
         • Pre-paid, reloadable telephone cards
         • Health care: the card stores the history of a patient
         • Fast ticketing in public transport, parking and road tolling in
           many countries
         • Java Card: multi-application cards that run applets written in a
           Java subset
OTHER SMART CARD APPLICATIONS
SMART CARD APPLICATIONS
     Retail
         Sale of goods using electronic purses, credit/debit
         Vending machines
         Loyalty programs
         Tags & smart labels
     Communication
         GSM
         Payphones
     Entertainment
         Pay-TV
         Public event access control
     Transportation
         Public traffic
         Parking
         Road regulation (ERP)
         Car protection
SMART CARD APPLICATIONS
    Healthcare
         Insurance data
         Personal data
         Personal file
    E-commerce
         Sale of information
         Sale of products
         Sale of tickets, reservations
    Government
         Identification
         Passport
         Driving license
    E-banking
         Access to accounts
         Transactions
         Shares
SMART CARD APPLICATIONS
    Educational facilities
         Physical access
         Network access
         Personal data (results)
         Copiers, vending machines, restaurants, ...
    Office
         Physical access
         Network access
         Time registration
         Secure e-mail & web applications
ADVANTAGES/DISADVANTAGES
ADVANTAGES
     In comparison to its predecessor, the magnetic stripe card, smart cards
     have many advantages, including:
     • The life of a smart card is longer.
     • A single smart card can house multiple applications: one card can serve
       as licence, passport, credit card, ATM card, ID card, etc.
     • Smart cards cannot easily be replicated and are, as a general rule, much
       more secure than magnetic stripe cards. The card's processing capability
       lets it do what a stripe cannot, such as data encryption: a stripe holds
       only static data that any reader can copy.
     • Data on a smart card can be protected against unauthorized viewing, so
       confidential data, PINs and passwords can be stored on the card. The
       card can verify a PIN offline, which means merchants do not have to go
       online every time to authenticate a transaction.
DISADVANTAGES
    •    NOT tamper proof (tamper resistant at best).
    •    Can be lost or stolen.
    •    Lack of user mobility: usable only where the user has a smart card reader.
    •    Has to use the same reader technology everywhere.
    •    Can be expensive.
    •    When working from a single PC, a software-based token may be the better choice.
    •    No benefit over a software token when used across multiple PCs, since
         each of them needs a reader.
    •    Implementations are still working out bugs.
FUTURE DEVELOPMENT

    • Microprocessor cards with a contactless interface (contactless smart cards).

    • Microprocessor cards with both interfaces (combi / hybrid cards):
    Hybrid card:
         Has two chips, one with a contact and one with a contactless interface.
         The two chips are not connected, so each keeps its own data and state.
    Combi card:
         Has a single chip with both a contact and a contactless interface.
         The same chip, with the same data and security state, is reached via
         either interface, with a very high level of security.

Speaker notes

  1. Various international standards for smart card communication:
     Mobile telecom standards
       ETSI: GSM 03.48, TS 23.048
       ETSI & 3G Smart Card Platform (SCP): TS 102.225, TS 102.226
     Government standards
       US Federal Government: GSC-IS
       Under review in the US at the time of this 2011 presentation: FIPS 201, PIV
     ISO: new part 13 of the 7816 series
       New work item from Japan, approved by ISO SC17; work assigned to ISO SC17/WG4, editor: Japan
       Scope: commands for application management in a multi-application environment
       Contribution: a subset of the Global Platform Card Specification, endorsed by ANSI;
       the official US contribution to ISO
  2. MF, master file: the root of the hierarchy. It contains information on, and
     the locations of, the files under it.
     DF, dedicated file: like a directory on the card; subdivides the card into
     groups of elementary files (EF).
     EF, elementary file: where the actual data is stored. It can be of four types:
       Transparent file
       Linear, variable-length record file
       Linear, fixed-length record file
       Cyclic, fixed-length record file
     File naming and selection:
       Each file has a 2-byte file ID and an optional 5-bit short file ID (SFID),
       both unique within a DF. A DF may optionally have a globally unique name
       of up to 16 bytes.
       The OS keeps track of a current DF and a current EF.
       The target file of a command is specified as either a DF name, a file ID,
       an SFID, a relative or absolute path (a sequence of file IDs), or the parent DF.
  2. MF: Master File: A Root or Master File (MF) is the peak of the hierarchy. It contains information and locations of files contained within it.DF: Dedicated File: Dedicated Files (DF) contain the actual data files. Dedicated files are like directories on smart cards. They subdivide the cards to hold files called Elementary Files (EF).EF: Elementary File: The elementary file is where the actual data is stored. It can be of four different types. Transparent File Linear, Variable Length Record File Linear, Fixed Length Record File Cyclic, Fixed Length Record File File Naming and Selection in Data Storage:Each files has a 2 byte file ID and an optional 5-bit SFID (both unique within a DF). DFs may optionally have (globally unique) 16 byte name.OS keeps tack of a current DF and a current EF.Target file specified as either:DF nameFile IDSFIDRelative or absolute path (sequence of File IDs).Parent DF