copyofsmartcard-tanu-091108111933-phpapp02

Upload: qasim-abbas

Post on 05-Apr-2018


TRANSCRIPT

  • 7/31/2019 copyofsmartcard-tanu-091108111933-phpapp02


    DEFINITION

    A smart card is a portable device that contains some non-volatile memory and a microprocessor.

    This card contains some kind of an encrypted key that is compared to a secret key contained on the user's processor.


    Standard credit card-sized with microchip embedded on it

    Two types

    Memory-only chips

    Microprocessor chips


    Why Smart Cards

    Improve the convenience and security of any transaction.

    Provide tamper-proof storage of user and account identity.

    Provide vital components of system security.

    Protect against a full range of security threats


    Types of Smart Cards

    Relationship based smart credit cards

    Electronic purses (replace money; known as debit cards and electronic money)


    OBJECTIVE

    Machine readable plastic cards

    Security mechanisms

    Applications


    Construction of Smart Cards


    [Figure: chip contact pad with contacts labelled I/O, RST, RFU, RFU, GND, Vpp, Vcc, CLK]


    Plastic Cards

    Visual identity application

    Plain plastic card is enough

    Magnetic strip (e.g. credit cards)

    Visual data also available in machine readable form

    No security of data

    Electronic memory cards

    Machine readable data

    Some security (vendor specific)


    Smart Cards

    Processor cards (and therefore memory too)

    Credit card size

    With or without contacts.

    Cards have an operating system too.

    The OS provides

    A standard way of interchanging information

    An interpretation of the commands and data.

    Cards must interface to a computer or


    Smart Cards devices

    [Figure: card contacts labelled VCC, Reset, Clock, Reserved, I/O, VPP, GND]


    What's in a Card?

    [Figure: contacts labelled Vcc, RST, CLK, RFU, Vpp, I/O, GND, RFU]


    Typical Configurations

    256 bytes to 4KB RAM.

    8KB to 32KB ROM.

    1KB to 32KB EEPROM.

    Crypto-coprocessors (implementing 3DES, RSA etc., in hardware) are optional.

    8-bit to 16-bit CPU. 8051 based designs are common.

    The price of a mid-level chip when produced in bulk is less than US$1.


    Smart Card Readers

    Computer based readers

    Connect through USB or COM (Serial) ports


    Communication mechanisms

    Communication between smart card and reader is standardized

    ISO 7816 standard

    Commands are initiated by the terminal

    Interpreted by the card OS

    Card state is updated

    Response is given by the card.

    Response from the card includes 1..Le bytes followed by Response Code


    Security Mechanisms

    Password

    Card holder's protection

    Cryptographic challenge-response

    Entity authentication

    Biometric information

    Person's identification

    A combination of one or more


    Password Verification

    Terminal asks the user to provide a password.

    Password is sent to Card for verification.

    Scheme can be used to permit user authentication.


    Cryptographic verification

    Terminal verifies card (INTERNAL AUTH)

    Terminal sends a random number to card to be hashed or encrypted using a key.

    Card provides the hash or ciphertext.

    Terminal can know that the card is authentic.

    Card needs to verify (EXTERNAL AUTH)

    Terminal asks for a challenge and sends the response to card to verify

    Card thus knows that terminal is authentic.

    Primarily for the Entity Authentication
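
Both directions of the challenge-response exchange on this slide, as an added example that is not part of the original slides. It assumes a shared symmetric key and uses HMAC-SHA256 as the keyed hash; the key, the 8-byte challenge length and all class and function names are choices made for this example.

```python
import hashlib
import hmac
import secrets

def keyed_response(key: bytes, challenge: bytes) -> bytes:
    """Keyed hash of the challenge (HMAC-SHA256 is this example's choice)."""
    return hmac.new(key, challenge, hashlib.sha256).digest()

class Card:
    def __init__(self, key: bytes):
        self._key = key                      # the key never leaves the card
        self._pending = None                 # challenge issued for EXTERNAL AUTH
        self.terminal_authenticated = False

    def internal_authenticate(self, challenge: bytes) -> bytes:
        """Terminal verifies card: the card answers the terminal's challenge."""
        return keyed_response(self._key, challenge)

    def get_challenge(self) -> bytes:
        self._pending = secrets.token_bytes(8)
        return self._pending

    def external_authenticate(self, response: bytes) -> bool:
        """Card verifies terminal: response must match the pending challenge."""
        challenge, self._pending = self._pending, None   # a challenge is single use
        if challenge is None:
            return False
        expected = keyed_response(self._key, challenge)
        self.terminal_authenticated = hmac.compare_digest(response, expected)
        return self.terminal_authenticated

class Terminal:
    def __init__(self, key: bytes):
        self._key = key

    def verify_card(self, card: Card) -> bool:
        challenge = secrets.token_bytes(8)   # fresh random number per run
        answer = card.internal_authenticate(challenge)
        return hmac.compare_digest(answer, keyed_response(self._key, challenge))

    def prove_to_card(self, card: Card) -> bool:
        challenge = card.get_challenge()
        return card.external_authenticate(keyed_response(self._key, challenge))

def replayed_response_accepted(card: Card, terminal_key: bytes) -> bool:
    """A response recorded in one run must fail against the next challenge."""
    old = keyed_response(terminal_key, card.get_challenge())
    card.external_authenticate(old)          # the legitimate run consumes it
    card.get_challenge()                     # new run, new challenge
    return card.external_authenticate(old)
```

The fresh random challenge is what makes a recorded response worthless in a later run, and the constant-time comparison avoids leaking how many bytes of a response were correct.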


    Biometric techniques

    Finger print identification.

    Features of finger prints can be kept on the card (even verified on the card)

    Photograph pattern.

    Such information is to be verified by a person. The information can be stored in the card securely.


    Access control on the files

    Applications may specify the access controls

    A password (PIN) on the MF selection

    For example SIM password in mobiles

    Multiple passwords can be used and levels of security access may be given

    Applications may also use cryptographic authentication


    How does it all work?

    Card is inserted in the terminal

    Card gets power. OS boots up. Sends ATR (Answer to reset)

    ATR negotiations take place to set up data transfer speeds, capability negotiations etc.

    Terminal sends first command to select MF

    Card responds with an error (because MF selection is only on password presentation)

    Terminal prompts the user to provide password

    Terminal sends password for verification

    Card verifies P2. Stores a status "P2 Verified". Responds OK

    Terminal sends command to select MF again

    Card responds OK

    Terminal sends command to read EF1

    Card supplies personal data and responds OK
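
The session above and the response format from the "Communication mechanisms" slide (data bytes followed by a response code), run against a small simulated card OS. This is an added example, not part of the original slides. The instruction bytes and status words follow ISO 7816-4; the PIN, the file contents, the use of short file identifier 1 for EF1, the retry limit and all names are assumptions of this example.

```python
import hmac

# Status words from ISO 7816-4; PIN, file contents and SFI are constructed.
SW_OK, SW_DENIED, SW_BLOCKED = 0x9000, 0x6982, 0x6983
SW_NOT_FOUND, SW_WRONG_LEN, SW_BAD_INS = 0x6A82, 0x6700, 0x6D00
MF = b"\x3f\x00"                      # master file identifier

class CardOS:
    def __init__(self, pin: bytes, ef1: bytes, max_tries: int = 3):
        self._pin, self._ef1 = pin, ef1
        self._max = self._tries = max_tries
        self.p2_verified = False      # the slide's "P2 Verified" status
        self.mf_selected = False

    def transmit(self, apdu: bytes) -> bytes:
        """Command APDU in; response data followed by SW1 SW2 out."""
        data, sw = self._dispatch(apdu) if len(apdu) >= 5 else (b"", SW_WRONG_LEN)
        return data + sw.to_bytes(2, "big")

    def _dispatch(self, apdu: bytes):
        ins, p1, p3 = apdu[1], apdu[2], apdu[4]
        field = apdu[5:5 + p3]
        if ins == 0xA4:               # SELECT by file identifier
            if field != MF:
                return b"", SW_NOT_FOUND
            self.mf_selected = self.p2_verified
            return b"", SW_OK if self.p2_verified else SW_DENIED
        if ins == 0x20:               # VERIFY: password in the data field
            if self._tries == 0:
                return b"", SW_BLOCKED
            if hmac.compare_digest(field, self._pin):
                self.p2_verified, self._tries = True, self._max
                return b"", SW_OK
            self._tries -= 1
            return b"", 0x63C0 | self._tries      # 63Cx: x tries left
        if ins == 0xB0:               # READ BINARY, P1 = 0x80 | SFI, P3 = Le
            if not self.mf_selected:
                return b"", SW_DENIED
            if p1 != 0x81:
                return b"", SW_NOT_FOUND
            return self._ef1[:p3 or 256], SW_OK
        return b"", SW_BAD_INS

def cmd(ins: int, p1: int = 0, data: bytes = b"", le=None) -> bytes:
    """Build a short command APDU with CLA 00 (case 2 or case 3)."""
    tail = bytes([len(data)]) + data if le is None else bytes([le])
    return bytes([0x00, ins, p1, 0x00]) + tail

def run_session(card: CardOS, pin: bytes) -> list:
    """Terminal side of the slide's sequence; returns (data, status) pairs."""
    steps = [cmd(0xA4, data=MF), cmd(0x20, data=pin),
             cmd(0xA4, data=MF), cmd(0xB0, p1=0x81, le=16)]
    replies = [card.transmit(c) for c in steps]
    return [(r[:-2], r[-2:].hex()) for r in replies]
```

The retry counter is what stops a terminal from guessing the password: after `max_tries` wrong presentations the card answers 6983 even to the correct value.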


    Current Applications

    Payphones

    Mobile Communications

    Banking & Retail

    Electronic Purse

    Health Care

    ID Verification and Access Control


    Thank You