Smart Card

Smart Card. 李開振 , 許家碩 Department of Computer Science National Chiao Tung University. Outline 1/2. Introductions History, Application area, Standardization Types of Cards Embossed cards, magnetic-stripe cards, Smart Card, Optical Memory Card Physical and Electrical properties

Presentation Transcript


  1. Smart Card 李開振, 許家碩 Department of Computer Science National Chiao Tung University

  2. Outline 1/2 • Introductions • History, Application area, Standardization • Types of Cards • Embossed cards, magnetic-stripe cards, Smart Card, Optical Memory Card • Physical and Electrical properties • Smart Card Operating System • Design, file management, sequential control, Open platform • Smart Card Data Transmission • Data transmission Protocols, message structure (APDU) • Smart Card Commands

  3. Outline 2/2 • Security Techniques • Smart Card Terminals • The Smart Card Life Cycle • The five phases of the Smart Card Life Cycle • Smart Card in Payment Systems • Payment transactions, Prepaid Memory Card, Electronic Purses • Smart Card in Telecommunications • GSM, UMTS, Wireless Identification Module, Public Card Phones • Application Design

  4. Introductions

  5. Introductions - History • 1950s - The proliferation of plastic cards started in the USA • 1970s - It became possible to integrate data storage and processing logic on a single silicon chip • 1974 - Roland Moreno registered his smart card patents in France • 1984 - The French PTT (postal and telecommunications services agency) successfully carried out a field trial with telephone cards

  6. Application area • Memory Card

  7. Application area • Microprocessor cards

  8. Application area • Contactless cards

  9. Standardization • ISO TC68/SC6 • ISO/IEC JTC1/SC17 • ISO/IEC 7816 • GSM 11.11 European Telecommunications Standards Institute (ETSI)

  10. Types of Cards

  11. Types of Cards • Embossed Card • Magnetic-stripe cards • Smart Card

  12. Types of Cards - Embossed Card

  13. Types of Cards - Magnetic-stripe cards

  14. Types of Cards - Smart Card

  15. Smart Card Microcontrollers • processor • address and data buses • three types of memory (RAM, ROM and EEPROM) • Input/Output

  16. Smart Card - Memory

  17. Smart Card - Microprocessor

  18. Smart Card - Contactless smart card

  19. Types of Cards - Optical Memory Card • ISO/IEC 11 693 and 11 694

  20. Physical and Electrical properties

  21. Physical properties • Physical properties - ID1: • external rectangle: width: 85.72 mm, height: 54.03 mm • internal rectangle: width: 85.46 mm, height: 53.92 mm

  22. Physical properties • ID000: • external rectangle: width: 25.10 mm, height: 15.10 mm • internal rectangle: width: 24.90 mm, height: 14.90 mm

  23. Physical properties • ID00: • external rectangle: width: 66.10 mm, height: 33.10 mm • internal rectangle: width: 65.90 mm, height: 32.90 mm

  24. Smart Card Operating System

  25. Smart Card Operating System • The primary tasks of a smart card operating system • Transferring data to and from the smart card • Controlling the execution of commands • Managing files • Managing and executing cryptographic algorithms • Managing and executing program code.

  26. Smart Card OS - I/O • I/O manager [Figure: data flow through the I/O manager, layered as protocol state machine, send/receive block, send/receive byte, send/receive bit, hardware]

  27. Smart Card OS - Command processing

  28. Smart Card OS - Filesystem • Master File (MF) • The root directory of the filesystem • Dedicated File (DF) • directory files • Elementary File (EF) • hold the actual user data

  29. Smart Card OS - Filesystem [Figure: file tree with the MF at the root and DFs and EFs beneath it]

  30. Filesystem - EF file structure • Transparent file structure • Transparent file structure is often referred to as a binary structure. [Figure: data bytes numbered 0 to n, addressed by offset]

  31. Filesystem - EF file structure • Linear fixed file structure • data structure is based on chaining fixed-length records [Figure: records numbered 1 to m, bytes numbered 0 to n]

  32. Filesystem - EF file structure • Linear variable file structure • each record can have an individually defined length [Figure: records numbered 1 to m, bytes numbered 0 to n]
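
The three EF structures from slides 30 to 32, as an added Python sketch that is not part of the original presentation. Class and method names are hypothetical, and the one-byte length prefix used to store variable-length records is an assumption; the point is that every read and update is bounds-checked against the file body or the record count.

```python
# Added illustration; class and method names are hypothetical.
class TransparentEF:
    """Unstructured byte string addressed by offset (bytes 0..n)."""
    def __init__(self, size):
        self.body = bytearray(size)

    def read(self, offset, length):
        if offset < 0 or length < 0 or offset + length > len(self.body):
            raise IndexError("read outside file body")
        return bytes(self.body[offset:offset + length])

    def update(self, offset, chunk):
        if offset < 0 or offset + len(chunk) > len(self.body):
            raise IndexError("write outside file body")
        self.body[offset:offset + len(chunk)] = chunk

class LinearFixedEF:
    """Records 1..m of equal length; record k starts at (k - 1) * record_len."""
    def __init__(self, record_len, count):
        self.record_len, self.count = record_len, count
        self.body = bytearray(record_len * count)

    def _start(self, number):
        if not 1 <= number <= self.count:
            raise IndexError("no such record")
        return (number - 1) * self.record_len

    def read_record(self, number):
        start = self._start(number)
        return bytes(self.body[start:start + self.record_len])

    def update_record(self, number, record):
        if len(record) != self.record_len:
            raise ValueError("record must be exactly record_len bytes")
        start = self._start(number)
        self.body[start:start + self.record_len] = record

class LinearVariableEF:
    """Records of individual length; assumed stored as 1-byte length + data."""
    def __init__(self, records):
        self.body = b"".join(bytes([len(r)]) + r for r in records)

    def read_record(self, number):
        pos, current = 0, 1
        while pos < len(self.body):       # walk the chain record by record
            length = self.body[pos]
            if current == number:
                return self.body[pos + 1:pos + 1 + length]
            pos, current = pos + 1 + length, current + 1
        raise IndexError("no such record")
```
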

  33. Smart Card Data Transmission

  34. Smart Card Data Transmission • Answer to Reset (ATR)

  35. Data transmission • Structure of a character for data transmission [Figure: line level (high/low) over time t: start bit, data bits 1 to 8, parity bit]

  36. Data transmission conventions • (a) direct convention, (b) inverse convention [Figure: line level (high/low) over time t for bits 1 to 8 in panels (a) and (b), with the logic 1 and logic 0 levels marked]
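
The character frame and the two conventions from slides 35 and 36, as an added Python example that is not part of the original presentation. The bit-order and parity rules and the TS values 0x3B and 0x3F come from ISO/IEC 7816-3 rather than from the slides; the function names and the sample waveforms are constructed for illustration.

```python
# Added illustration; names and the sample waveforms are constructed.
# One symbol per bit time: 'H' = line high, 'L' = line low.
TS_SAMPLES = {"direct": "LHHLHHHLLH", "inverse": "LHHLLLLLLH"}

def decode_character(levels, convention):
    """Decode a frame of start bit, 8 data bits and parity bit.

    ISO/IEC 7816-3 rules (not spelled out on the slide):
      direct:  high = logic 1, least significant bit sent first
      inverse: low  = logic 1, most significant bit sent first
    Parity is even over the 8 data bits plus the parity bit.
    """
    if convention not in ("direct", "inverse"):
        raise ValueError("unknown convention")
    if len(levels) != 10 or set(levels) - {"H", "L"}:
        raise ValueError("expected 10 symbols of H or L")
    if levels[0] != "L":
        raise ValueError("start bit must pull the line low")
    one = "H" if convention == "direct" else "L"
    bits = [1 if lv == one else 0 for lv in levels[1:]]
    data, parity = bits[:8], bits[8]
    if (sum(data) + parity) % 2:
        raise ValueError("parity error")
    if convention == "direct":
        data.reverse()            # wire order is LSB first; make it MSB first
    value = 0
    for bit in data:
        value = (value << 1) | bit
    return value

def detect_convention(ts_levels):
    """Return the convention under which the first ATR character is valid."""
    expected = {"direct": 0x3B, "inverse": 0x3F}   # TS per ISO/IEC 7816-3
    for convention, ts in expected.items():
        try:
            if decode_character(ts_levels, convention) == ts:
                return convention
        except ValueError:
            continue              # parity fails under the wrong convention
    raise ValueError("not a valid TS character")

if __name__ == "__main__":
    for name, wave in TS_SAMPLES.items():
        print(name, wave, "->", detect_convention(wave))
```

Each sample waveform fails the parity check when read under the other convention, which is how a terminal can tell the two apart from the first character of the ATR.
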

  37. Data transmission Protocols

  38. Message structure (APDU) • Structure of the command APDU

  39. Message structure (APDU) • Structure of the response APDU

  40. Smart Card Commands

  41. Smart Card Commands

  42. Smart Card Commands • File selection Command • Read and Write Command • Search Command • File Manipulation Commands • Identification Commands • Authentication Commands • File management Commands

  43. Security Techniques

  44. Security Techniques • User Identification • Symmetric unilateral Authentication • Asymmetric unilateral Authentication • Symmetric mutual Authentication • Smart Security • Attacks at the social level • Attacks at the physical level • Attacks at the logical level

  45. User Identification 1/3

  46. User Identification 2/3

  47. User Identification 3/3

  48. Attack on smart cards 1/2 • Attacks at the social level • attacks that are primarily directed against people that work with smart cards • can only partially be countered by technical measures • Attacks at the physical level • it is necessary to obtain physical access to the smart card microcontroller hardware • can be static or dynamic

  49. Attack on smart cards 2/2 • Attacks at the logical level • most known successful attacks on smart cards • arise from pure mental reflection or computation • classical cryptanalysis, known faults in smart card operating systems, and Trojan horses in the smart card application.