copyofsmartcard-tanu-091108111933-phpapp02
Post on 05-Apr-2018
7/31/2019 copyofsmartcard-tanu-091108111933-phpapp02
DEFINITION
A smart card is a portable device that contains some non-volatile memory and a microprocessor.
This card contains some kind of an encrypted key that is compared to a secret key contained on the user's processor.
-
Standard credit card-sized, with microchip embedded on it
Two types
Memory-only chips
Microprocessor chips
-
Why Smart Cards
Improve the convenience and security of any transaction.
Provide tamper-proof storage of user and account identity.
Provide vital components of system security.
Protect against a full range of security threats
-
Types of Smart Cards
Relationship based smart credit cards
Electronic purses (replace money; known as debit cards and electronic money)
-
OBJECTIVE
Machine readable plastic cards
Security mechanisms
Applications
-
Construction of Smart Cards
[Figure: chip contact pads. Labels: I/O, RST, RFU, RFU, GND, Vpp, Vcc, CLK]
-
Plastic Cards
Visual identity application
Plain plastic card is enough
Magnetic strip (e.g. credit cards)
Visual data also available in machine-readable form
No security of data
Electronic memory cards
Machine readable data
Some security (vendor specific)
-
Smart Cards
Processor cards (and therefore memory too)
Credit card size
With or without contacts.
Cards have an operating system too.
The OS provides
A standard way of interchanging information
An interpretation of the commands and data.
Cards must interface to a computer or
-
Smart Cards devices
[Figure: card contacts. Labels: VCC, Reset, Clock, Reserved, I/O, VPP, GND]
-
What's in a Card?
[Figure: card contacts. Labels: Vcc, RST, CLK, RFU, Vpp, I/O, GND, RFU]
-
Typical Configurations
256 bytes to 4KB RAM.
8KB to 32KB ROM.
1KB to 32KB EEPROM.
Crypto-coprocessors (implementing 3DES, RSA etc., in hardware) are optional.
8-bit to 16-bit CPU. 8051 based designs are common.
The price of a mid-level chip when produced in bulk is less than US$1.
-
Smart Card Readers
Computer based readers
Connect through USB or COM (Serial) ports
-
Communication mechanisms
Communication between smart card and reader is standardized
ISO 7816 standard
Commands are initiated by the terminal
Interpreted by the card OS
Card state is updated
Response is given by the card.
Response from the card includes 1..Le bytes followed by a response code
-
Security Mechanisms
Password
Card holder's protection
Cryptographic challenge-response
Entity authentication
Biometric information
Person's identification
A combination of one or more
-
Password Verification
Terminal asks the user to provide a password.
Password is sent to Card for verification.
Scheme can be used to permit user authentication.
-
Cryptographic verification
Terminal verifies card (INTERNAL AUTH)
Terminal sends a random number to the card to be hashed or encrypted using a key.
Card provides the hash or ciphertext.
Terminal can know that the card is authentic.
Card needs to verify terminal (EXTERNAL AUTH)
Terminal asks for a challenge and sends the response to the card to verify.
Card thus knows that the terminal is authentic.
Primarily for entity authentication
-
Biometric techniques
Fingerprint identification.
Features of fingerprints can be kept on the card (even verified on the card)
Photograph pattern.
Such information is to be verified by a person. The information can be stored in the card securely.
-
Access control on the files
Applications may specify the access controls
A password (PIN) on the MF selection
For example SIM password in mobiles
Multiple passwords can be used and levels of security access may be given
Applications may also use cryptographic authentication
-
How does it all work?
Card is inserted in the terminal
Card gets power. OS boots up. Sends ATR (Answer to Reset)
ATR negotiations take place to set up data transfer speeds, capability negotiations etc.
Terminal sends first command to select MF
Card responds with an error (because MF selection is only on password presentation)
Terminal prompts the user to provide password
Terminal sends password for verification
Card verifies P2. Stores a status "P2 Verified". Responds OK
Terminal sends command to select MF again
Card responds OK
Terminal sends command to read EF1
Card supplies personal data and responds OK
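The command sequence above, together with the "1..Le bytes followed by a response code" reply format from the Communication mechanisms slide, as an added example that is not part of the original slides. The instruction bytes and status words are the ISO 7816-4 values; the CardOS class, the retry counter and the sample data are assumptions of this example.

```python
import hmac

SW_OK, SW_SECURITY, SW_BLOCKED = 0x9000, 0x6982, 0x6983   # ISO 7816-4 status words
INS_VERIFY, INS_SELECT, INS_READ = 0x20, 0xA4, 0xB0       # ISO 7816-4 instructions


class CardOS:
    """Toy card OS: the MF can be selected only after password verification."""

    def __init__(self, pin: bytes, ef1: bytes, tries: int = 3):
        self._pin, self._ef1 = pin, ef1
        self._max = self._tries = tries
        self._verified = self._mf_selected = False

    def process(self, ins: int, data: bytes = b"", le: int = 0):
        """Handle one terminal command; return (response data, status word)."""
        if ins == INS_VERIFY:
            if self._tries == 0:
                return b"", SW_BLOCKED            # no guesses left
            self._verified = hmac.compare_digest(data, self._pin)
            if self._verified:
                self._tries = self._max
                return b"", SW_OK
            self._tries -= 1
            return b"", 0x63C0 | self._tries      # 63Cx: x tries remaining
        if ins == INS_SELECT:
            if not self._verified:
                return b"", SW_SECURITY           # the error on the first SELECT
            self._mf_selected = True
            return b"", SW_OK
        if ins == INS_READ:
            if not (self._verified and self._mf_selected):
                return b"", SW_SECURITY
            return self._ef1[:le], SW_OK          # at most Le bytes, then status
        return b"", 0x6D00                        # instruction not supported


def run_session(card: CardOS, pin: bytes):
    """Terminal side of the exchange; returns the card's four replies."""
    trace = [card.process(INS_SELECT)]            # expected to fail first
    trace.append(card.process(INS_VERIFY, pin))
    trace.append(card.process(INS_SELECT))
    trace.append(card.process(INS_READ, le=16))
    return trace
```

The retry counter goes beyond what the slide describes: it shows why sending guessed passwords to the card stops working after a few wrong attempts.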
-
Current Applications
Payphones
Mobile Communications
Banking & Retail
Electronic Purse
Health Care
ID Verification and Access Control
-
Thank You