1 / 24

Smart Cards

Security & Cryptography in Distributed Systems, Fall 1998. Smart Cards. By Michael Perlov (perl7849@cs.nyu.edu). Outline of the Presentation. What is a Smart Card? Examples Case Study: IBM MultiFunction Card Smart Card Standards Additional Resources. What is a Smart Card?.

brettp
Télécharger la présentation

Smart Cards

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security & Cryptography in Distributed Systems, Fall 1998 Smart Cards By Michael Perlov (perl7849@cs.nyu.edu)

  2. Outline of the Presentation • What is a Smart Card? Examples • Case Study: IBM MultiFunction Card • Smart Card Standards • Additional Resources Smart Cards

  3. What is a Smart Card? • Technical definition: A card formed of plastic body with an embedded integrated circuit. • The devices come in several varieties, from simple memory cards to those carrying their own microprocessors. • There are four major categories Smart Cards

  4. Unprotected memory cards • Act as a storage medium for tokens • Carry an application code and a simple mechanism to specify the issuer of the card • Can’t perform off-line processing • Used as prepaid phone cards in France, Holland and Germany Smart Cards

  5. Wired logic memory cards • Have built-in EPROM or EEPROM • Can be reloaded with data (like monetary value) • Contain hard-wired data protection • Examples are electronic hotel keys and new-generation phone cards used in the Benelux countries Smart Cards

  6. Microprocessor cards • Typically have • an 8-bit microprocessor with an OS in ROM • 96 to 512 KB of RAM • 3 to 16 KB of ROM • Use EEPROM for non-volatile memory, with capacities ranging from 1 to 16 KB • Some have an additional cryptography coprocessor eith extra RAM to perform private-key (DES) and/or public-key (RSA) cryptography Smart Cards

  7. Many cards of this type are multi-functional, providing the option of hosting several applications from various industry domains on a single card, key domains being: • Banking & Payment Systems • debit/credit • electronic purse • Health Care • health records • health insurance Smart Cards

  8. Travel & Transportation • ticketless air travel • car rental • Electronic commerce • cyber shopping • secure access/payment via the Internet • We will look at an example of this kind of card in the case-study later on in the talk Smart Cards

  9. Contactless cards • Antenna is embedded in the plastic • How it works: • The antenna picks up an electromagnetic signal that emanates from the reader • The signal powers the card and transmits the data • The card updates its internal state and transmits a signal back • Useful when applications require high throughput, for ex. in mass transit Smart Cards

  10. Case Study - IBM Multifunction Card Overview • A sophisticated smart card solution, built on top of the IBM MFC (Multifunction Card) OS • The chip can be fed with data and a variety of application programs that can be updated whenever necessary • Supports private-key (DES) and public-key (RSA) cryptography Smart Cards

  11. Physical layout Smart Cards

  12. File system • Has a tree structure and can be compared with the file structure of a PC’s harddisk • Has the following file hierarchy: • Master Files (MF) - root directory • Dedicated Files (DF) - application directories • Elementary Files (EF) - application data files Smart Cards

  13. Access conditions • Each file contained in the directory tree of a MultiFunction Card contains predefined access conditions assigned for each of the following access methods: • Read: read, seek, etc • Update: update, decrease, etc. • Administer: create/delete, invalidate, restore, etc. Smart Cards

  14. The following access conditions can be specified: • Always (ALW) - access without restriction • Card Holder verification (CHV) - card holder must present his secret CHV • External Authentication (AUT) - external world must authenticate itself • Protected (ENC) - either the command or the response is shielded with a cryptogram • Never (NEV) - the data cannot be accessed under any circumstances Smart Cards

  15. Commands supported by MFC OS • Application data commands • Read - reads data from a selected file • Select - selects a file • Update - updates a record in a data file • Append - appends a record to a file • Security commands • Get challenge - generate an 8-byte random number • Verify CHV • External authentication - authentication of the external world based on a previously generated random number and a secret key • Load key file - loads or updates cryptographic keys Smart Cards

  16. Additional/modified commands available with public-key cryptography cards • Calculate hash • External authenticate - extension to the standard external authentication function using public-key cryptography • Generate signature - generates a digital signature based on a a card’s secret key (using RSA) • Verify signature - verifies a digital signature using a public key • Card management commands • Create file • Delete file Smart Cards

  17. Hardware support for security functions Smart Cards

  18. Standards Standardization plays a key role in the acceptance and growth of the smart card industry. Only the appropriate international standards can assure that a smart card fits into different card readers and terminals at different locations in the world Smart Cards

  19. Smart card standardization is driven from two sides: • The international standards organizations (ISO, ANSI, etc) • ISO began working on standards for chip cards as early as 1983 • The foundation of virtually all existing smart card standards is ISO 7816, which specifies • physical & electrical characteristics • formats and protocols for information exchange • functions provided by smart cards Smart Cards

  20. The industry. Key players include Mastercard, Visa, Europay, IBM, Sun and others • EMV • Specification for the application of smart cards to the payment industry • Created by Europay, Mastercard and Visa • OpenCard Framework • A set of guidelines announced by IBM, Netscape and Sun • Provides an architecture and a set of APIs for building smart card-aware solutions on OpenCard-compliant network computers Smart Cards

  21. Consists of four major components: • CardTerminal - encapsulates all card terminal related classes • CardAgent - provides a common interface for a multitude of card operating sysetms • CardIO - provides access to the file system of a smart card • CardAgentExtension - provides non-file related smart card functionality Smart Cards

  22. JavaCard • Is a standard set of APIs and classes that allows Java applets to run directly on a standard ISO 7816 compliant card • The specifications are announced by Sun and Visa, with the support of leading smart card suppliers • Provides all the benefits of Java - portability, security, etc. • Smart Card SDK • Developed by Microsoft • Provides a set of APIs for developers to write smart card-aware Windows applications to operate with smart card readers that conform to the specification • The first integrated smart card PCs were to begin shipping this year Smart Cards

  23. Additional Resources • Smart Card terminology http://www.gemplus.com/basics/terms.htm • IBM Smart Card solutions http://www.chipcard.ibm.com/overview/ • JavaCard http://java.sun.com/products/javacard/ • Smart Card software develpment - Gemplus http://www.gemplus.com Smart Cards

  24. The End Smart Cards

More Related