
Chapter 7: Stored-Value Cards

ThS Phạm Mạnh Cường


Outline

• Smart card types
• Operating systems
• Wireless cards
• Card manufacture and issuance
• Security
• Octopus
Smart Card Applications

[Figure: smart card application areas]
• E-Government
• Banking
• Mass Transit
• Public Telephony
• Mobile Telecommunications
• Retail
• W-LAN
• Digital Rights Management
• Enterprise Security
• Access control

SOURCE: JEAN-JACQUES VANDEWALLE
ePayment by Smart Card
• Objective: replace cash
• Cash is expensive to make and use
  – Printing, replacement
  – Anti-counterfeiting measures
  – Transportation
  – Security
• Cash is inconvenient
  – not machine-readable
  – humans carry limited amount
  – risk of loss, theft
• Additional smart card benefits
Smart Cards
• Magnetic stripe
  – 3 tracks, ~140 bytes, cost $0.20-0.75
• Memory cards
  – 1-4 KB memory, no processor, cost $1.00-2.50
• Optical memory cards
  – 4 megabytes read-only (CD-like), $7-12
• Microprocessor cards
  – Embedded microprocessor
  – (OLD) 8-bit processor, 16 KB ROM, 512 bytes RAM
  – Equivalent power to IBM XT PC
  – 32-bit processors now available
Magnetic Stripe Cards
• Three tracks: 1 & 3 at 210 bits/inch; 2 at 75 bpi
• Start sentinel (1 char): %
• Format code (1 char): B for bank/financial
• Primary Account Number (PAN) (19 char)
  – Major industry identifier (1 or 2 char): 4, 5 for credit cards
  – Issuer (up to 5 char)
  – Individual account number (up to 12 char)
• Field separator (1 char): ^
• Name
• Field separator
• Expiration date (4 char): YYMM
• Proprietary fields, including PIN Verification Value (PVV)
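
The Track 1 field layout listed above, written as a parser (an added example, not part of the original slides). The sample data in the test is constructed; the trailing `?` end sentinel and the 1-digit MII / 5-digit issuer split are assumptions, and everything after the expiration date is returned unparsed as proprietary data.

```python
import re

# Field order follows the slide: % B PAN ^ NAME ^ YYMM proprietary
# Assumption (not on the slide): the track ends with a '?' end sentinel.
TRACK1 = re.compile(
    r"^%(?P<format>[A-Z])"          # start sentinel + format code
    r"(?P<pan>\d{1,19})\^"          # PAN (up to 19 digits) + field separator
    r"(?P<name>[^^?]+)\^"           # cardholder name + field separator
    r"(?P<expiry>\d{4})"            # expiration date, YYMM
    r"(?P<proprietary>[^?]*)\?$"    # issuer-defined fields (the PVV lives here)
)

def parse_track1(raw):
    """Split a Track 1 string into the fields named on the slide."""
    m = TRACK1.match(raw.strip())
    if m is None:
        raise ValueError("not a well-formed Track 1 record")
    if m["format"] != "B":
        raise ValueError("format code %r is not bank/financial" % m["format"])
    yy, mm = m["expiry"][:2], m["expiry"][2:]
    if not 1 <= int(mm) <= 12:
        raise ValueError("expiration month out of range")
    pan = m["pan"]
    return {
        "pan": pan,
        "mii": pan[0],          # assumed 1-char major industry identifier
        "issuer": pan[1:6],     # up to 5 chars
        "account": pan[6:],     # remaining digits
        "name": m["name"].strip(),
        "expiry_yy": yy,
        "expiry_mm": mm,
        "proprietary": m["proprietary"],
    }

def mask_pan(pan):
    """Log-safe form of a PAN: keep only the first 6 and last 4 digits."""
    if len(pan) < 11:
        return "*" * len(pan)
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]
```

Terminal and back-office code that handles track data should log only the masked PAN and never the proprietary field.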
Other Smart Card Types

[Figure: examples of other smart card types]
• SIM card
• Crypto card
• USB token
• Memory card
• Java card

SOURCE: ANDREAS STEFFEN
Laser Optical Memory Card
Capacity: 1MB - 1GB
Hong Kong Smart ID
Microprocessor Card Adoption

[Chart: millions of microprocessor cards worldwide, 2000-2004, by region: Asia Pacific, Japan, Europe, Americas, North America]

1999: 500 M microprocessor cards


2004: 1750 M microprocessor cards
SOURCE: DATAQUEST (10/2000)
Smart Card Structure

[Figure: smart card structure. Labels: microprocessor, contacts (8), card (upside-down), epoxy]

SOURCE: SMART CARD FORUM
Old (8-bit) Smart Card Architecture

EEPROM: Electrically Erasable Programmable Read-Only Memory

SOURCE: SMART CARD FORUM


Smart Card Components
Processors
• 8-bit, typical clock speed: 5 MHz (8-bit)
• Optional cryptographic processor
• 32-bit, clock speed 300 MHz
• 64-bit, 600 MHz

SOURCE: SUMIT DHAR


Smart Card Components
ROM: Read Only Memory
• Used for storing fixed programs. Holds the operating system
• Typically varies from 2KB to around 16 KB
• Once written, cannot be changed
• Occupies the least area

PROM: Programmable Read Only Memory
• Used for loading card serial number
• Very small, typically just 32 bytes

SOURCE: SUMIT DHAR


Smart Card Components

EEPROM: Electrically Erasable Read Only Memory
• Stores variable data
• Holds various applications and their data.
• Can be read or written to subject to permissions.
• Typically 2 - 32 KB

RAM: Random Access Memory
• Used as temporary storage.
• Erased on power off.
• Typically 128-512 bytes

SOURCE: SUMIT DHAR


Cyberflex™ Java Smart Card
• Complete 32-bit Java run-time environment on a card
• Utilities for compiling and loading cardlets onto the card from a PC

[Figure: software stack, top to bottom: cardlets 1, 2, 3; Java virtual machine; operating system; microprocessor]
Smart Card Architecture
• File structure (ISO 7816-4)
  – Cyclic files
• Database management on a card
  – SCQL (Structured Card Query Language)
  – Provides standardized interface
  – No need to know file formatting details
Cyclic File

[Figure: cyclic file drawn as a table of record numbers 1..n (rows) by byte numbers 1..m (columns), with a marker for the n+1st record]

• READ gives the most recently written record
• Maximum number of records: 254
  – When maximum is reached, first record is overwritten
• Record length: 1 .. 254 bytes

SOURCE: ANDREAS STEFFEN
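
The cyclic-file behaviour described above, modelled as a fixed-size ring over a flat byte array (an added example, not code from the original slides or from any card operating system). The class name, the 6-byte record layout and the purse-log amounts are constructed for illustration.

```python
import struct

class CyclicFile:
    """Fixed-length records in a ring; record 1 is always the newest."""
    MAX_RECORDS = 254   # limits taken from the slide
    MAX_LENGTH = 254

    def __init__(self, n_records, record_len):
        if not 1 <= n_records <= self.MAX_RECORDS:
            raise ValueError("number of records must be 1..254")
        if not 1 <= record_len <= self.MAX_LENGTH:
            raise ValueError("record length must be 1..254 bytes")
        self.n, self.m = n_records, record_len
        self.mem = bytearray(n_records * record_len)  # stands in for EEPROM
        self.next_slot = 0   # slot the next write lands in
        self.count = 0       # records written so far, capped at n

    def write(self, record):
        """Append a record; once the file is full the oldest is overwritten."""
        if len(record) != self.m:
            raise ValueError("record must be exactly %d bytes" % self.m)
        off = self.next_slot * self.m
        self.mem[off:off + self.m] = record
        self.next_slot = (self.next_slot + 1) % self.n
        self.count = min(self.count + 1, self.n)

    def read(self, number=1):
        """Record 1 is the most recently written, 2 the one before, etc."""
        if not 1 <= number <= self.count:
            raise IndexError("no such record")
        off = ((self.next_slot - number) % self.n) * self.m
        return bytes(self.mem[off:off + self.m])

def demo_purse_log():
    # Constructed data: a 4-record log of (sequence number, amount in cents).
    log = CyclicFile(n_records=4, record_len=6)
    for seq, cents in [(1, 450), (2, 1200), (3, 230), (4, 990), (5, 75)]:
        log.write(struct.pack(">HI", seq, cents))
    # Newest first; the fifth write has displaced transaction 1.
    return [struct.unpack(">HI", log.read(i)) for i in range(1, log.count + 1)]
```

Because only the last n transactions survive on the card, the back-end clearing records remain the authoritative history.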


ATM and Debit Card Cryptography

• PIN cannot be stored anywhere in plaintext
• PIN cannot be reverse-engineered from the card or any database
• Generate a random 4-digit number (the PIN)
• Combine PIN with other data (account number) to form a data block
• Encrypt the data block using 3DES and secret bank keys
• Select several digits from the encrypted data to use as the PIN Verification Value (PVV)
Forming the PIN Verification Value

[Figure: the account number and the 4-digit PIN form a data block; 3DES with the secret bank keys produces the encrypted data block; 4-6 digits are selected from the encrypted data block to form the PIN Verification Value (PVV); the card has the account number and PVV]
Using the Card

[Figure: PIN check at the ATM]
• Card has account number and PVV
• ATM machine reads account number and PVV
• User types PIN
• Machine now has: account number, 4-digit PIN, PVV
• Machine has bank keys in hardware
• Compute PVV: data block, 3DES with secret bank keys, encrypted data block, PVV
• Compare card PVV with computed PVV
  – PVVs match? User is authentic
  – PVVs different? User is rejected
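
The PIN/PVV generation steps and the ATM-side comparison from the two slides above, as an added sketch that is not part of the original deck. Assumptions: HMAC-SHA256 truncated to 8 bytes stands in for 3DES (the Python standard library has no 3DES), and the data-block layout, digit-selection rule, key and account number are constructed for illustration.

```python
import hashlib
import hmac
import secrets

BANK_KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")  # constructed demo key

def new_pin():
    """Random 4-digit PIN drawn from a CSPRNG."""
    return "%04d" % secrets.randbelow(10000)

def data_block(account_number, pin):
    """Assumed layout: last 12 account digits + 4 PIN digits, packed as BCD."""
    digits = "".join(c for c in account_number if c.isdigit())
    if len(digits) < 12 or len(pin) != 4 or not pin.isdigit():
        raise ValueError("need >= 12 account digits and a 4-digit PIN")
    return bytes.fromhex(digits[-12:] + pin)      # 8 bytes = one cipher block

def keyed_transform(block, key):
    """Stand-in for the slide's 3DES step: HMAC-SHA256 cut to 8 bytes."""
    return hmac.new(key, block, hashlib.sha256).digest()[:8]

def decimalize(hex_str, n=4):
    """Take decimal digits left to right; if too few, map A-F to 0-5."""
    out = [c for c in hex_str if c.isdigit()]
    if len(out) < n:
        out += [str(int(c, 16) - 10) for c in hex_str if not c.isdigit()]
    return "".join(out[:n])

def compute_pvv(account_number, pin, key=BANK_KEY):
    """Issuer side: the value written to the card next to the account number."""
    block = data_block(account_number, pin)
    return decimalize(keyed_transform(block, key).hex())

def verify_pin(account_number, typed_pin, card_pvv, key=BANK_KEY):
    """ATM side: recompute the PVV from the typed PIN and compare."""
    try:
        expected = compute_pvv(account_number, typed_pin, key)
    except ValueError:
        return False                  # a malformed PIN is simply a rejection
    return hmac.compare_digest(expected, card_pvv)
```

Neither the card nor the verifier stores the PIN: the card carries only the account number and PVV, and the check needs the bank key, which the slides place in hardware.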
OpenCard Framework (OCF)

• CardService layer (talks to card)
• CardTerminal layer (talks to reader)

SOURCE: OPENCARD.ORG
Card Security Threats

[Figure: threat groups; card labels: Clone, Future, Past, Current]
• Group 1: DIRECT ATTACKS ON CHIP CIRCUITRY
• Group 2: INDIRECT ATTACKS ON CHIP CIRCUITRY
• Group 3: ATTACKS USING CARDS NOT YET ISSUED, OLD CARDS, CLONES
• Group 4: ATTACKS ON CARD’S INTERFACE TO THE OUTSIDE, E.G. PREMATURE REMOVAL
• Group 5: ATTACKS ON THE RUN-TIME ENVIRONMENT THROUGH THE CARD ACCEPTANCE DEVICE (CAD)
• Group 6: THREATS FROM CARD APPS AND NEED TO SHARE RESOURCES
• Group 7: THREATS BASED ON RTE CAD IMPLEMENTATION

SOURCE: GAMMA
Power and Timing Analysis

[Figure: power consumption over time for the instructions NOP (no operation), MUL (multiplication) and JMP (jump)]
Source: Rankl and Effing, "Handbuch der Chipkarten", 2002
Differential Power Analysis
• Send different inputs to the Smart Card to learn details of its encryption key
• When a correct key value is tried, the algorithm responds
• Incorrect keys have zero average response

[Figure: smart card power consumption during DES encryption, showing the initial permutation, 16 DES rounds and final permutation, with an expanded view of rounds 2 & 3]

SOURCE: cryptography.com
Reverse engineering
Probing with Needles
Contactless Card
• Communicates by radio
• Power supplied by reader
• Data rate 106 Kb/sec
• Read 2.5 ms, write 9 ms
• 8 Kb EEPROM, unlimited read, 100,000 writes
• Effective range: 10 cm, signals encrypted
• Lifetime: 2 years (data retention 10 years)
• Two-way authentication, nonces, secret keys
• Anticollision mechanism for multiple cards
• Unique card serial number
SOURCE: GEMPLUS
RFID Tags

[Figure: RFID tags. Labels: IC chip; antenna; 32mm and 23mm capsule transponder]
How RFID Works
• Tag enters RF field
• RF signal powers tag
• Tag transmits ID, plus data
• Reader captures data
• Reader sends data to computer
• Computer determines action
• Computer instructs reader
• Reader transmits data to tag

[Figure labels: antenna, tag, RFID reader, computer]
SOURCE: PHILIPS
Euro Banknotes
• European Central Bank has announced plans to implant RFID tags in banknotes by 2005
• Uses
  – Anti-counterfeiting
  – Tracking money flows


PAYMENT ON A KEYCHAIN

SMALL AND CHEAP


Automated Toll Collection
Hong Kong Smart Cards

• Octopus
  – 12 million cards, 15,000 readers
  – 7 million transactions/day
  – $48M HKD per day
• Visacash
• ComPass Visa (VME)
• Mondex
• GSM SIM, ePark
Octopus Card Features
• Hong Kong RFID payment card
• Operating distance: 15 cm
• Bandwidth: 211 Kb/sec
• Triple DES in 70 sec
• EEPROM 1536 bytes
• 128-byte data backup area
• 16-byte manufacturer ID; 16-byte issue ID
• Processing time: 50 msec on card, 300 msec overall
• Random access and cyclic files
• Anti-collision protocol
SOURCE: MITSUBISHI
Octopus Card Security

SOURCE: MITSUBISHI
Octopus

SONY RC-S833
CONTACTLESS SMART CARD
SONY READER/WRITER

I/O SPEED: 211 Kbps

SOURCE: SONY
Octopus Expansion

• Identity card
• Access control
• Hotel room key
• Credit card
• McDonalds
• Mobile phone
• Home readers

SOURCE: CREATIVE STAR


Octopus Clearing

[Figure labels: CENTRAL CLEARING HOUSE SYSTEM; SERVICE PROVIDER CENTRAL COMPUTER; LOCAL DATA PROCESSOR]

SOURCE: SAMMY KAM


Octopus Settlement

[Figure: settlement data flow. Recoverable labels:]
• SERVICE PROVIDER CENTRAL COMPUTERS (SPCC): consolidate data, print reports, route data to CCHS
• MTR CENTRAL COMPUTER
• LOAD AGENT CENTRAL COMPUTER
• STATION COMPUTER: distribute software, collect transactions, print reports, send data to SPCC
• CENTRAL CLEARING HOUSE SYSTEM (CCHS): validate data, net accounting, settlement
• FARE PROCESSORS: mutual authentication, check blacklist, update card, store transactions
• Banks and accounts: HSBC HEXAGON, OCTOPUS BANK, MTR’S BANK, LOAD AGENT’S BANK, LOAD, REGULAR ACCT, BUFFER ACCT, RESERVE ACCT
Major Ideas
• Smart cards replace cash
• Potential of cards is unexplored; new uses every day
• Powerful microprocessors allow
  – cryptography
  – certificates, authentication
  – secure purses
• Wireless (contactless) cards enable new business models
• Smart card security is not perfect
Q&A
Thank you
