Introduction to Smart Cards

JEAN-LUC Giraud MacCrypto01

Outline
- What are Smart Cards?
- How do we make them?
- How do they work?
- How can you program them?
- What can you do with them?

29/01/2001 Bull Patents

Introduction to Smart Cards - Jean-Luc Giraud - MacCrypto

What is a Smart Card?


A Closer Look (1)


A Closer Look (2)


Manufacturing: Cutting


Manufacturing: Gluing


Manufacturing: Bonding


Manufacturing: Encapsulation


Manufacturing: Finished Modules


Manufacturing: Module on Body

Electrical Initialisation

Manufacturing: Personalisation

Electrical and Physical Personalisation



Card Families
Memory

Microprocessor

Memory Cards
- Bitmap, synchronous access
  - R/W
    10110101 00111011 10110111 1
  - R/Erase only
    00000000 00000000 00001111 0


Enhanced Memory Cards


- Onboard hardwired crypto engine
  - Card Authentication
  - MAC on balance


Memory Card Application


- Loyalty
- Payphones


Smarter Smart Cards


- Microprocessor based
- Onboard Memory (RAM, ROM and EEPROM/Flash)
- Programmable
- Onboard processing
- Security features
  - Crypto coprocessor (PK, DES, ...)
  - Physical sensors (V, freq, ...)
  - Physical protections (shielding, ...)


Chip Structure (0.25 mm²)

[Figure: chip layout with labelled blocks: RAM, FLASH / EEPROM, CPU, ROM]


Smart Card Module


[Figure: smart card module]
- Contacts: Vcc, Reset, Clock, Ground, Vpp, I/O
- Microprocessor: CPU, EEPROM / FLASH, ROM, RAM, linked by a Data Bus and an Address Bus
- Layers: Microcontact, Microchip, Micromodule

Communications
- One communication channel: serial line
- Layered transmission protocol
  - Application: Application Protocol Data Unit
  - Transport: T=0, T=1, T=14


The Application Protocol Data Unit


- An APDU contains:
  - a command message,
  - a response message.

IFD  -- command APDU  -->  ICC
IFD  <-- response APDU --  ICC


APDU Syntax

- APDU Command

  CLA    INS          P1  P2      Lc           Data          Le
  Class  Instruction  Parameters  Data Length  Command Data  Response Length

- APDU Response

  Data           SW
  Response Data  Status Word

Example

READ BINARY (P1, P2, Le) -> Data, SW

  CLA  INS  P1  P2  Lc  Data     Le
  A0   B0   xx  xx  0   (empty)  Le

- P1, P2: specify the data to be retrieved
- Le: length of data to retrieve
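
The command and response layouts from the APDU syntax and READ BINARY slides, as an added Python example that is not part of the original slides. It handles short-form lengths only and assumes P1/P2 hold a 15-bit offset (high byte, then low byte); the slide only says they specify the data to retrieve, and the sample bytes are constructed.

```python
from __future__ import annotations
from dataclasses import dataclass

def read_binary(offset: int, le: int, cla: int = 0xA0) -> bytes:
    """READ BINARY from the slide (CLA A0, INS B0), no command data.
    Assumption: P1/P2 carry a 15-bit offset, high byte first."""
    if not 0 <= offset <= 0x7FFF:
        raise ValueError("offset must fit in 15 bits")
    if not 1 <= le <= 256:
        raise ValueError("Le must be 1..256")
    # With no data field, Lc is not sent; Le = 256 is encoded as 0x00.
    return bytes([cla, 0xB0, offset >> 8, offset & 0xFF, le & 0xFF])

@dataclass
class Command:
    cla: int
    ins: int
    p1: int
    p2: int
    data: bytes
    le: int | None  # None: no response data expected

def parse_command(apdu: bytes) -> Command:
    """Split a short-form command APDU into CLA INS P1 P2 [Lc Data] [Le]."""
    if len(apdu) < 4:
        raise ValueError("header CLA INS P1 P2 needs 4 bytes")
    cla, ins, p1, p2 = apdu[:4]
    body = apdu[4:]
    if not body:                      # header only
        return Command(cla, ins, p1, p2, b"", None)
    if len(body) == 1:                # Le only (the READ BINARY shape)
        return Command(cla, ins, p1, p2, b"", body[0] or 256)
    lc = body[0]
    if lc == 0:
        raise ValueError("extended-length APDUs are not handled here")
    if len(body) == 1 + lc:           # Lc + Data
        return Command(cla, ins, p1, p2, body[1:], None)
    if len(body) == 2 + lc:           # Lc + Data + Le
        return Command(cla, ins, p1, p2, body[1:-1], body[-1] or 256)
    raise ValueError("Lc does not match the length of the data field")

def parse_response(rapdu: bytes) -> tuple[bytes, int]:
    """Split a response APDU into (Data, SW); SW is the trailing 2 bytes."""
    if len(rapdu) < 2:
        raise ValueError("a response always ends with a 2-byte status word")
    return rapdu[:-2], int.from_bytes(rapdu[-2:], "big")

# Constructed sample exchange (not captured from a real card).
cmd = read_binary(offset=0x0010, le=8)
data, sw = parse_response(bytes.fromhex("0102030405060708" "9000"))
```

A parser that rejects a body whose length disagrees with Lc is the first check a reader-side or card-side implementation needs before it touches the data field.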


Required Infrastructure
- Personalisation Center
- Issuing Center
- Reader
- Middleware (CDSA)
- Back-end System

http://www.gemplus.com/usb

Middleware (Windows platform)

[Figure: middleware stack]
- Software
  - PKCS #11: Token X, Token Y, Token Z
  - CAPI: CSP A, CSP B, CSP C
  - PC/SC
- Hardware
  - PCI IBM card
  - RS232 Reader
  - USB GemSAFE
  - PCMCIA


Mask your Own Code


- Pros:
  - Small code footprint
  - Complete control
- Cons:
  - Development in C and target assembly language
  - Use emulators
  - Mask lead time (~2 months)
  - Bug fixes


Use Proprietary Cards


- What you (usually) get:
  - File System
  - Fixed set of APDU Commands
    - Read/Write files
    - Cryptographic computations
- Pros:
  - Off the shelf products
  - Cheaper
- Cons:
  - Not extensible
  - Bug fixes


Use Open Cards


- Choice
  - Java
  - Microsoft
- Standard API
  - Crypto
  - GSM (SMS, Proactive commands)


Applet Life Cycle


- Write code in Java
- Compile it
- Debug it (simulator)
- Verify and Convert it (specific byte code)
- Load it
  - Personalisation center
  - Point of sale
  - Over the Internet


Why use a Smart Card?


Crypto Theoretical Practical


Advantages of a Smart Card


- Tamper resistance
  - Storage
  - Processing
- Portability
- Ease of use
- Onboard key generation

[Figure labels: "Blah Blah", "@^#~r&"]


Main applications
- Public phone cards (pre-paid),
- Cellular phone GSM cards,
- Banking cards,
- Health cards.


New applications
- Electronic purse,
- Transport,
- Security of information system,
- Identity,
- Loyalty,
- Games,
- Physical access control.


Attacking Smart Cards


- Timing Attacks
- Power Analysis
  - Simple Power Analysis
  - Differential Power Analysis
- Invasive Attacks
  - Probe Stations
  - Focused Ion Beam


Standards : ISO/IEC 7816 Integrated circuits cards with contacts


- ISO/IEC 7816-1: Physical characteristics.
- ISO/IEC 7816-2: Dimension & location of contacts.
- ISO/IEC 7816-3: Electronic signals & transmission protocols.
- ISO/IEC 7816-4: Inter-industry commands.
- ISO/IEC 7816-5: Registration system for applications in IC card.
- ISO/IEC 7816-6: Inter-industry data elements.
- ISO/IEC 7816-7: Inter-industry commands for Structured Card Query Language (SCQL).
- ISO/IEC 7816-8: Security architecture and related inter-industry commands.


Resources
- On Card development:
  - Java card: http://www.javacard.org
    Java Card Technology for Smart Cards, Zhiqun Chen, Sun Java Series, ISBN: 0-201-70329-7
  - Windows for SC: http://www.microsoft.com/smartcard/
  - Gemplus Developer web site: http://www.gemplus.fr/developers/index.htm
    Developer conference: http://www.key3studios.com/gemplusworld/ June 20, 21, Paris.
- Middleware:
  - PCSC-Lite: http://www.linuxnet.com/
  - OCF (java): http://ww.opencard.org/
  - CDSA: http://www.opengroup.org/security/l2-cdsa.htm
  - PKCS: http://www.rsasecurity.com/rsalabs/pkcs/index.html
- Questions:
  - Jean-Luc.Giraud@gemplus.com

Conclusion

Smart Personal Portable Secure
