Security in Smart Card

Security in smart cards
lti application smart cards)
Abolhassan Shamsaie
83203505
_shamsaie@yahoo.com
amsaie@mehr.sharif.edu
Smart cards 1
Content
 Smart Cards
 History and Development
 Smart Cards in industry
 Applications of Smart Cards
 Smart Card Security
– Physical Structure and Life Cycle
– Logical Structure and Access Controls
– Procedural Protection
 Attacks on Smart Card
 Multi application smart card
– Features
– Purpose of standard OS
– A java base Multi application smart card's architecture
– Protocol
– Most popular Memory Capacity
– Functionality
– A Secure channel protocol based on public key
2
Smart Cards
 Definition
 Comparison of Security Solutions
 Smart Cards classification
3
History and Development
 The Invention of the Smart Card
 Roland Moreno, in 1974.
 Innovatron company( Bull, Philips and Schlumberger ).
 public telephone payment system(1983)
 French standards(1984)
 Response from the Market
 GEC in the UK( contact less)
 market potential for the application
 security and user friendliness
 Development of the Technology
 highest performance smart card at the lowest cost
 As silicon technology develops so will the power of the smart card
 Laser cards
4
Smart Cards in industry
 Communications
– Pay TV
– Pre-paid Telephone Card
 Banking
– Internet Commerce authentication device
– Stored Value Pre-paid Payment Card
 Retail
– Frequent shopper, frequent flyer, special events, etc
– Loyalty and E purse applications.
 Health
– Patient Identification Card
– Prescription Card with drug dosage information
 Government
– Social Security and ID
– Immigration
 Access control
– Physical access control to buildings
– Logical access to computing systems and networks
 Transport
– Cards for ticketing,
– Driver's license containing biometric data
5
Applications of Smart Cards
– Access Control System – Driving License
– Time and attendance System – Registration Certificate (RC Book)
– Vehicle Identification – Health Cards
– Container tracking – Payment Collection Cards
– Tool or equipment ID – Vending Applications
– Customer or loyalty cards – Service/Maintenance Card
– Fare collection using 'Smart Label' – Royalty Cards
tags – Cash Cards - Stored Value Cards
– Gas cylinder tracking – E-Purse
– Harsh/difficult environment usage – Security Cards
– Hazardous materials handling or id – National ID Cards
– Inventory control( Raw materials or – Railway Monthly Season Tickets
finished goods) – Data Logging Cards
– Manufacturing processes – Memory Cards
– Product identification – Campus cards
– PAY TV Cards – Airline IATA Cards
– Animal Tracking Cards – Employee ID Cards
– Bank Pass Book – Credit Cards
– Debit Cards, ATM Cards
6
Smart Card Security
 Physical Structure and Life Cycle
 Logical Structure and Access Controls
 Procedural Protection
7
Physical Structure and Life Cycle
 Physical Structure
– Standards 7810, 7816/1 and 7816/2.
– three elements
 The plastic card
– 85.60mm x 53.98mm x 0.80mm
 printed circuit
 integrated circuit chip
– made from silicon
– No flexible and particularly easy to
break
– a few millimeters in size
– Contains
 microprocessor
 ROM
 RAM
 EEPROM
8
Physical Structure and Life Cycle
 Life Cycle of a Smart Card

– Fabrication Phase
– Pre-personalization Phase
– Personalization Phase
– Utilization Phase
– End-of-Life Phase
(Invalidation Phase)
9
Logical Structure and Access
Controls
 Logical File Structure
– one master file (MF) which
is like the root
– different files which are
called elementary files
(EFs)
– various subdirectories
called dedicated files (DFs)
– header of the file
 access conditions
 current status
10
Logical Structure and Access
Controls
 Access Control
– Levels of Access Conditions
 Always (ALW)
 Card holder verification 1 (CHV1)
 Card holder verification 2 (CHV2)
 Administrative (ADM)
 Never (NEV)
– PIN Presentations
– PIN Management (three states )
 PIN has been presented
 PIN has not been presented or was presented incorrectly
 PIN is blocked
11
Procedural Protection & Attacks
on Smart Card
 Procedural Protection
– verifications
– mutual authentication
– trusted applications
 Attacks on Smart Card
– Logical Attacks
 unusual voltages
 Temperatures
– Physical Attacks
 Direct attack (nitric acid [>98% HNO3] and acetone )
 erasing the security lock bit by focusing UV light on the EPROM
 probing the operation of the circuit by using micro probing needles
 laser cutter microscopes to explore the chip
12
Multi application smart card
 Features
– “Firewall” between
applications
– Several applications can be
loaded on to the same card
– Sharing between
applications
– ISO-7816/4 compliant
application selection.
13
 Purpose of standard OS
14
 A java base Multi application smart
card's architecture
15
 Protocol
– T=0: Byte transfer. Developed
by the French
– T=1: Block transfer.
Developed by the Germans
– USB: Based on existing USB
v.1.1
16
 Most popular Memory Capacity
– 16 KB
– 32 KB (most popular)
– 64 KB
– 128 KB
 Functionality
– RSA 1024/2048 bit algorithms
– Triple-DES, SHA-1
– On-card key-pair generation
– On-card Biometrics matching engine
17
A Secure channel protocol for multi
application smart card based on public key
 Phases
– Secure Channel Initiation
– Secure Channel Operation
– Secure Channel Termination
 Requirement to fulfill
– Cheap to operate.
– Fast
– Efficient
– Flexible
– Secure
18
 Operational Characteristics
– C represents the smart card
– H is a host defined as an off-card entity
– Each card has a Diffie-Hellman key agreement key pair
– The host (H) has an RSA public encryption key
– The card and the host share a symmetric cryptosystem and
a key generation function (e.g. a one -way function) f1 (Z).
– The card is capable of generating random numbers.
– Each card (e.g. through a security domain) has a trusted
copy of its Owner’s (e.g. certification authority, issuer or
application provider) public certification key
19
 Notation used in the description of the protocol
20
 The Protocol
– H  C: Cert (Host_DH) || Rand_H || {Host_ID ||Request_Cert
(Card_DH) || Request_Cert (Card_PEK) ||Cert (Host_PEK)}
– C H EK (Rand_H || Rand_C) {PKHostPEK ((Cert (Card_DH) || CSN)

|| Rand_H)}
– H  C EK (Rand_C, {SK}, Rand_HB )
– C  H ESK (Rand_HB, {optional parameters})
21
References
 CHAN, Siu-cheung, An Overview of Smart Card Security , Internet WWW page
at URL: http://home.hkstar.com/~alanchan/papers/smartCardSecurity
 Andrew J Clark(1990), SMART CARDS, Principal Consultant Secure Systems

Group Logica Aerospace & Defence Limited
 CyberAds Studio(2003),Smart Cards
 Konstantinos Markantonakis, A SECURE CHANNEL PROTOCOL FOR

MULTIAPPLICATION SMART CARDS BASED ON PUBLIC KEY
CRYPTOGRAPHY,Keith Mayes Information Security Group Smart Card
Centre, Royal Holloway, University of London, Egham, Surrey, TW20 0EX,
United Kingdom
 Won J. Jun (2003),Smart Card Technology Capabilities,Giesecke & Devrient
22
Questions
23

Security in Smart Card

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Security in Smart Card

Загружено:

Авторское право:

Доступные форматы

Security in smart cards

lti application smart cards)

 Life Cycle of a Smart Card

– C H EK (Rand_H || Rand_C) {PKHostPEK ((Cert (Card_DH) || CSN)

– H  C EK (Rand_C, {SK}, Rand_HB )

– C  H ESK (Rand_HB, {optional parameters})

 Andrew J Clark(1990), SMART CARDS, Principal Consultant Secure Systems

 CyberAds Studio(2003),Smart Cards

 Konstantinos Markantonakis, A SECURE CHANNEL PROTOCOL FOR

 Won J. Jun (2003),Smart Card Technology Capabilities,Giesecke & Devrient

Вам также может понравиться