SMART CARDS

ABSTRACT

A system is an arrangement in which all its units assemble and work together according to the
plan or program.
Traditionally, a system is divided into hardware and software sections that are designed
independently. Hardware implementation is fast and power efficient but costly. Software on
the other hand is cheap but slow and power inefficient. So, there was a need to have a
concurrent design flow which considers both hardware and software solutions to create
efficient designs.
An Embedded System is one that has computer hardware with software embedded in it as one
of its important components. It is designed for special purpose or application to either execute
a single program repeatedly or for single purpose with multiple functions.
Aim of this report, is to discuss about the smart card technology, using embedded systems.
Smart cards have made our life easier and fast with improved security. They provide tamper-
proof storage of user and account identity.
Smart card systems have proven to be more reliable than other machine-readable cards, like
magnetic stripe and barcode.
 Declaration of “No Plagiarism”

I certify that this assignment is based on my personal study and research. I have
acknowledged all the material and sources used in it’s preparation, whether they are books,
articles or any other communication.
I also certify that I have not plagiarized other’s work for this report.

Name : Ravi Yadav Date : 23 April

2020
Student ID : 2019HT80073

Introduction
A smart card is a small plastic card with a built-in microprocessor chip and integrated circuit, that can
store and process a lots of data. It is like an "electronic wallet". It is capable of storing and
processing the data securely in a network of computers.
The microprocessor is under a gold contact pad on one side of the card. Microprocessor
replaces the usual magnetic stripe on a credit card or debit card. The chip looks like as
follows:

The typical card today is made from PVC, Polyester or Polycarbonate.

Smart code has an embossed area on one face and magnetic stripe on the other. The card has
following pins inside :

Smart cards are of 3 types:

Contact Smart Card : The interface is of contact type . The pins of the card
reader’s connector must physically touch the contact
 pad on the Smart-Card Reader during data transfer.
Contact less smart card: The interface is of not having any physical connection. They
only require close proximity to the card reader. Both reader
and card have the antennas through which they communicate.
However, interface is implemented by the capacitive
plates placed inside or on the surface of the card and
the communication occurs via radio frequency signals.

Hybrid smart card: They are dual chip cards. Each chip has its own contact and contactless
interface, not connected to each other inside the card.
The smart card is presented by its hardware, the operating system running on the card and the
applications

Smart Card Chip Specifications

Following is the block diagram for the smart card chip:

  The chip of the smart card consists of a microprocessor, ROM, RAM and EEPROM.

 ISO 7816: It describes the lowest -level interface to a contact smart card. It is at this
level that data bytes are transferred from card to its reader. ISO 7816 defines the size
of card, physical characteristics of the plastic including the temperature and position
of electrical contacts.

Electrical signal descriptions of ISO 7816:

1. VCC : Power Supply input
2. RST : Reset signal either through interface device or in combination with an internal
reset control circuit. It resets the card’s communication.
3. CLK : This pin provides a “CLOCK” signal from which timing for data
communications is derived.
4. GND : Ground (serves as reference voltage).
5. VPP : Programming voltage input (deprecated/optional). Mainly for EEPROM.
6. I/O : Input or Output for serial data(half duplex) to the integrated circuit inside the
card.
7. AUX1(C4) : Auxiliary contact; USB devices : D+
8. AUX2(C8) : Auxiliary contact, USB devices: D-
SMART CARD PRINCIPLE

The aim is to have a hassle-free and secured transaction, between source and the destination.
The secret information is stored inside the card safely even when other hardware or software
are comprised eg. OS and other applications.
First, we need to place all secret component which are only accessible to the smart card such
as: Private key, shared key, username and account details.
Implement hash functions and the encryption/decryption algorithms to support authentication,
digital signature and encryption in the smart card.
We need simple Operating System support (HTTP/TCP/IP stack).
Need to model the necessary communication protocol between the smart card and card
terminal (or reader). For eg RSA (Rivest–Shamir–Adleman), which is one of the
first public-key cryptosystems and is widely used for secure data transmission. The following
is an example of handshaking between card and reader :

Then we need to integrate the entire system which is a classic example of the hardware and
software co-existence.
In next few slides we will see the hardware architecture and the associated software for the
generalized smart card chip.

Smart Card Hardware

Smart cards have microprocessors embedded and often a cryptographically enhanced co-
processor. The standard smart card microcontroller contains a CPU ad blocks of memory
including RAM, ROM and some non-volatile memory (usually EEPROM).
Cryptographically enabled smart cards, such as used by the Netscape, will have a CPU and an
advanced cryptographic co-processor, EE-PROM, RAM ad run at 5MHz. Crypto-smart cards
can be configured to prevent “sequence attacks” in which the card is disabled if a
PIN(personal identification number) is entered beyond a certain number of trials.

Components and their specifications for smart-chip hardware :

Microprocessor : Between 8 bit -32 bit type. E.g. Motorola 6805, Intel 8051.
Mask ROM size: Programmed at the manufacturing time. It’s a permanent store whose
contents cannot be changed by users. It stores the operating system and encryption
algorithms. So, it is mainly used to store the firmware (a software which is closely tied to a
specific hardware). It is unlikely to need frequent updates. Size between 8KB-32KB.
RAM : Data stored in the RAM is transient and is lost as soon as power is lost. It is used
mainly for fast computation and response. Size around 3KB.
Non volatile memory type (e.g. EPROM, EEPROM) : Data stored is persistent and is kept
even when power is lost. It stores business related data like customer name, secret keys and
account numbers. Size around 64KB.

Communications parameters (I/O) : Half duplex channel. Communicates with the reader
in Master/Slave relationship.
USB or PMCIA: To communicate with the host computers through a card reader.
Reset mechanism
Sleep mode (low current standby operation)
Co-processor: It provides a safe place in order to store sensitive data and support different
system level security services.
UART: A serial universal asynchronous receiver/transmitter (UART) is an essential
component of a card, which receives and transmits the messages.

Smart Card Software

C is the main programming language for smart card micro-controllers and therefore C++ was
chosen as implementation language to avoid rewriting code for the target processor. Parallel
processes and system-level modeling constructs are provided by SystemC, which is used as
simulation engine.
Host software:
 Runs on Interface Device (IFD) or Smart Card Reader.
 Usually written in high-level languages like C, C++, Java, Basic, COBOL, PASCAL
& FORTRAN.
 Host software sends command to the card operating system that executes on card
processor and returns the results.
 As many kinds of the smart cards can be presented to the reader, the host software
responds to particular cards that are included in the host software system.
Card software:
 Runs on the smart card itself.
 Classified as operating system, utility and operation software.
 Written in Assembly language.
 Written for customizing or extending the existing software for particular application
or creating a new and unique custom-built smart card.
 It is time consuming and very expensive.
Functionality of the System C is divided into two different types of:
(i) Application Program Interface (API) modules, and (ii) user-defined modules.
API modules provide basic smart card functionality with a programming interface at
operating-system level. API modules are implemented in C++ and their programming
interfaces are defined by C++ interfaces. The main API modules are:
• Different memory technologies (RAM, EEPROM, Flash)
• Serial interface to send and receive messages
• Timer with different modes of operation
• Cryptographic algorithms
User defined modules implement the business logic and access API modules using SystemC
ports. They also communicate among each other over SystemC interfaces.
The system boundary is the communication interface (UART) between the smart card and the
reader, which can be realized by standard C++ communication channels.

Smart Card Operation:

A Smart card system with smart card, smart card reader, terminal and background system.
The smart-card reader is connected to the terminal via a standard interface which is ISO
7816. It can be a serial RS-232 connection or may be a USB interface. The terminal contains
the interface hardware, the smart card reader driver and terminal applications(software).
Depending on the driver, a terminal can manage one or more smart card reader independent
of the smart card I/O interface. The terminal application can communicate with a background
system. During normal mode of operation, a smart card only reacts on commands sent to the
card by the host.
A message is received by the I/O interface and forwarded to the communication protocol
analyzer which forwards the relevant parts of the message, to the decryption unit and the
control unit processes the message and stores relevant data. The terminal can also request
some data items which have to be forwarded from the control unit to the encryption unit and
further to the protocol and I/O unit. Such a model focuses only on the functionality and thus
is only useful in a system simulation comprising the background system, terminal and smart
card.
UML can be used to model the behavior at this level of abstraction and Java,
Matlab/Simulink, C++, or any other appropriate language can be used to implement it.
In smart card development object-oriented design was chosen for modelling because
optimized code is required due to the strictly limited resources, which is written by
specialists.

A transfer board was designed to extract the power consumption of contact cards.
We can design the overall architecture of software platform by top-down methods. The
important modules are :
Power Module controls the process of power trace collection while cards working. It
provides some interfaces like initializing the card reader and the oscilloscope, sending APDU
command, controlling the command cycles, saving the power traces, and so on.
Electromagnetic module could control the probe to scan the surface of smart cards step-by-
step, and find the best position with largest electromagnetic energy SNR.
Fault module can inject fault information into the contact smart card, such as the clock
frequency or power supply voltage. Once fault information has been successfully injected, the
smart card will return the wrong message. By analyzing the wrong information, we can
extract the sensitive data of the smart card.

Hardware-Software Co-Design:
Software hardware co-design is the design of co-operating software and hardware
components in a single design effort. The software and hardware are no longer designed and
implemented independently. So, weakness of traditional design, and brings up the idea of
concurrent one, which means software and hardware development always support each other
during the development phase.
A common characteristic of co-design is that creating the ‘software’ requires intimate
familiarity with the ‘hardware’. In addition, hardware covers much more than RTL models,
which also includes specialized processor data path, the FPGA fabric, multi-core
architectures, and more.
Software platform can exchange data with the hardware. For example, software sends
command to and receive response from the card reader. This is represented in the block
diagram below:

The figure above shows the co-works of software and hardware, with the following work
flow:
1)software configuration and initialization;
2)software activates hardware;
3)software sends command to the hardware;
4)hardware works;
5) software sends trigger signal;
6)hardware begins to collect information;
7) software receives the information;
8) information analysis
User’s Perspective
Smart card are plastic pocket cards around the size, of a credit card (portable) with an
embedded microchip (ICC), that can be loaded with data, used for many applications and
then periodically refreshed for additional use.
The most important part of the smart card is the microprocessor. There are 2 kinds of chips :
 Memory chip
 Microprocessor chip
Following are the differences between the two:
Memory Chip Microprocessor chip
They are just like a small floppy disk They can add, delete, and manipulate its
with optional security. memory.
They are very expensive as secondary They are like a mini-computer which includes
storage. an operating system, hard-disk and input-output
ports.
They offer little security features. They provide more security and memory. They
can even download more applications.

Advantages of Smart Card:

 Security: Smart cards are more secure as they are programmed with encryption and
the user’s personal information and the transactions are safe.
 Portable : Smart cards are small in size and hence convenient to carry.
 Economy friendly: Smart cards help in our economy by reducing transaction costs by
eliminating paper.
  Multifunctional: smart cards can be used for multi functions like paying bills,
booking tickets, paying for food etc.
 Reliable: Smart cards are more reliable than magnetic stripe cards.

Disadvantages of Smart Card:

 It is prone to damage easily due to abrasions.
 Expensive: Smart cards are expensive to manufacture. Availability of Smart-Card
reader is necessary.
 Limited Code Size: Executable code size is limited, hence OS, security algorithms
and protocols should be simplified.
 Cyber Hacks: Sometimes there is a fear of secured key getting hacked.
 Robust protocol required: We need a robust necessary communication protocol
between the card reader and the smart card.

Conclusion
In this report we discussed the software hardware co-design for smart card using embedded
processor.
The scope of smart cards is increasing day by day in diverse applications like banking,
telephone services, and medical records systems, the main reason being that the information
on it cannot be copied and are secured.
Multi-application cards make one card to be able to do everything. For eg. Student id, driving
license, credit card, ATM card, medical aid card etc.
It has potential in market profits. The following are some market trends:

Reference Links:

http://www.smartcardbasics.com/smart-card-reader.html

http://www.smartcardbasics.com/smart-card-types.html#microprocessor-cards
https://docplayer.net/21014209-Lesson-3-case-study-of-an-embedded-system-for-smart-
card.html
https://home.cc.umanitoba.ca/~kinsner/whatsnew/tutorials/tu1999/smcards.html