La Carte à Puce
Nicolas T. Courtois 1, ex. 2
1 - University College of London, UK
2 = [Axalto+Gemplus]
Smart Cards
2 Nicolas T. Courtois 2006-2009
Scope and References
What are Smart Cards?
The eternal tension in the industry: competition ↔ cooperation.
1. huge set of standards:
• public bodies: ISO/IEC, ETSI, etc.
• 10s of intra-industry standard bodies such as GlobalPlatform, TCG
2. many industrial/commercial/trade/security secrets
Books About Smart Cards
1) Security Engineering [Cambridge]
• by Ross Anderson
• MUCH larger scope, may selectively read Chapters 3-5, 10, 11, 16, 22, 26 etc.
2) Smart Card Handbook [Germany, 2002]
• by Wolfgang Rankl and Wolfgang Effing
3) Smart Card Applications [Germany, 2007]
• by Wolfgang Rankl
4) LATEST BOOK [RHUL, 2008]: Smart Cards, Tokens, Security and Applications
• by Keith Mayes and Konstantinos Markantonakis (Editors)
Remark
What do we learn from these books:
• A lot of things [1000s of pages].
But still many things are missing:
• Full specs of products?
• Full specs of chips?
• Details of advanced security countermeasures?
• Secret crypto algorithms + padding
• Details of authentication protocols
• Some little tricks that make a big difference…
The industry cultivates a lot of secrecy(!).
But at the same time they publish 100s of papers, have 1000s of patents, and run 10s of standard bodies… Many things are not that secret. Just obscure.
Motivation in a Nutshell
Key Remark
Software CANNOT be protected by software.
Main Function of a Smart Card = to be “a secure hardware device”.
1. “intelligent” (Smart): the card
– handles computations (e.g. crypto)
– manages data (OS, file system, access rights)
– takes informed security decisions (…block itself!)
2. Hopefully “unbreakable”: nobody can know/modify what is inside.
[Figure: form factors: USB token, SIM card, credit card. Interface labels: USB interface; ISO, [USB], [RF]; ISO, [USB, RF]]
“The Loophole”
Magnetic Stripe Cards [since 60s]
Which one is counterfeit ?
Chip cards: much harder to read, much harder to counterfeit.
Recall: Two sorts of technologies:
A) Those that are effective if deployed at 20%:
Examples:
1. virus detection (as opposed to removal / fighting the viruses), 99 %
2. email / hard disk encryption, 20 %
3. making the entry/authentication harder, as an option for the user, 20 %
B) Those that are totally ineffective even at 99%:
Examples:
1. virus removal,
2. buggy anti-virus: “your anti-virus has just restarted due to an internal error”…
3. we click YES for 1 % of the security alerts out of fatigue…
• certificates are frequently invalid…
• it invalidates the 99 % of the time we did prevent the intrusion… we lost our time
4. if some ATMs still accept blank mag-stripe only cards, the whole purpose of chips on bank cards is nearly defeated…
Magnetic Stripe Bank Cards - Loophole:
As long as some merchants accept them, there will be fraud…
In France:
Since the introduction of smart cards: Fraud decreased 10 times in 10 years.
Philosophy / Model for Security of Smart Cards
Why Smart Cards Are Good
Or are they?
The classical model for smart card security [Schneier and Shostack 1999] is about:
• Splitting the security perimeter:
– One entity cannot breach the other people’s security?
• Hardware barriers that cannot be breached by software,
– Motto: Software cannot protect software.
• Physical control of the card,
– By the user: if it is in my pocket, it is not being hacked…
• And trusting the entities involved…
– Companies/people involved in this business can compromise its security (backdoors etc!)
slight problem..
“Slight Problem” - Example:
The secrecy of the product spec can be:
• An extra security layer,
– if hackers need 3 months more to get it, this can be worth millions of dollars in revenue…
• A source of unexpected and critical security vulnerabilities
– that by the fact of being hidden gives an utterly false sense of security.
History
Short Plastic Card History
1878 US fiction writer Bellamy: In 2000 everybody will be paying by a credit card (!). Cf. Edward Bellamy “Looking Backward, 2000 to 1887”.
1914-1940 Metal credit cards in the US, forbidden during WW2
1950 Invention of plastic money (PVC): Frank McNamara @ Diners Club [NY, USA] issues first universal plastic [charge] credit cards.
1967 First cash machines [DeLaRue] with punch cards.
1967 France: first magnetic stripe card for access control.
1972 [UK] First on-line ATM with magnetic stripe cards.
History - Chip Cards
1960s
1. French science-fiction book “La Nuit des temps” by René Barjavel: A portable object/jewel that opens doors.
2. Plastic credit cards were standardized and used since the 50s [plastic money].
1970s: 1+2 = Embedding electronic components in credit cards: Many patents in USA, Germany, Japan and then France.
Historical Patents
Smart Card Odyssey
Two Key Patents:
• Roland Moreno [France]:
– chip card [1974]
– security limitations [1975]
• Michel Ugon, Bull CP8:
– microprocessor card [1977]
10 years ago, half of chip cards in the world were French. Wider adoption around 2000.
First Smart Card - Bull CP8
Around 1980, 2 chips, CPU+RAM, not very secure!
CP8 = Circuit Programmable 8 bits, Carte à Puce 8 bits
SPOM, October 1981 - Bull CP8
Patented
• NMOS 3,5 µ,
• 42 K Transistors,
• RAM: 36 bytes (!),
• ROM: 1,6 Kbytes,
• EPROM: 1 Kbyte
History of Electronic Bank Cards - in 1984:
Schlumberger pilot in Lyon, France:
• a simple wired logic card
Bull CP8 pilot in Blois, France:
• a microprocessor card
The banks adopted the Bull CP8 solution, the fore-father of current smart bank cards (EMV).
100% in France in 1992. 100% in the world around 2010 ?
=> Close the loophole.
Gemplus
Vocabulary, Typology, Features
Vocabulary
magnetic stripe card = carte à piste magnétique
IC = Integrated Circuit = puce, circuit intégré
ICC, chip card = carte à puce:
• memory card = carte à mémoire
• wired logic card = c. à logique câblée
• smart card = carte à microprocesseur [+crypto co-processeur]
More Vocabulary
card reader, CAD (Card Acceptance Device) = lecteur carte
BO’ card [1985-2004] = carte bancaire française
EMV card [1996-2020?] = nouveau standard
Types of cards
[Figure: four card types: memory/wired logic (0 CPU), microprocessor (1 CPU), micropr.+crypto (2 CPU), contactless (1-2 CPU). Source: Gartner, 2005]
Memory/Wired Logic Card
• Primitive
• NVM – non-volatile memory (E2PROM, Flash memory)
• simple function
• e.g. prepay card
Smart Card
• Microcontroller = CPU+memory
• Universal, Turing machine, software driven
• flexibility
• security features
• [Hardware DES]
Crypto-processor IC Cards
• Additional crypto-processor for RSA or elliptic curves
• Hardware security counter-measures
Contact-less Smart Card
• with RF transceiver
• 0.1 s transaction
– much less energy
– even less computing power
Memory on Smart Cards
• ROM (‘hard mask’: C/Assembly, contains OS, secure file access, I/O, libraries [crypto!], JVM) = 100 - 300 Kbytes now
• RAM = 4-16 K now (expensive, first Bull CP8 card had 36 bytes)
• NVM: (‘soft mask’, compiled C, more libraries…)
– EPROM: 1980s, high voltage needed to erase it
– E2PROM: 8-64 Kbytes, recently 128-256 K GSM SIM.
– New trend: Flash memory:
• Much cheaper, dense and shrinkable process.
• Random read, harder to manage, hard to re-write and very slow to erase.
• Spansion 2006: 1 Giga in a SIM card!
≈1000 times slower to write than RAM
Memory – R/Erase Memory
• Exists in Certain Memory Cards
• In E2PROM, the transition from 0->1 is VERY VERY slow.
– But this is a security feature!
– Read-Erase Memory (cannot 0->1):
≈1000 times slower
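Why a memory that "cannot 0->1" is a security feature for a prepay card, as an added example that is not from the original slides. The class names, the unary unit counter and the 50-unit card are assumptions made for illustration.

```python
"""Added illustration: a prepaid memory card whose unit counter lives in
read-erase memory, i.e. bits can go 1 -> 0 but never 0 -> 1."""


class ReadEraseMemory:
    """Bit array where a write can only clear bits (hypothetical model)."""

    def __init__(self, n_bits):
        self.n_bits = n_bits
        self._cells = (1 << n_bits) - 1      # factory state: every bit is 1

    def read(self):
        return self._cells

    def write(self, value):
        # The hardware offers no 0 -> 1 transition, so the stored word can
        # only become the AND of the old word and the requested word.
        self._cells &= value & ((1 << self.n_bits) - 1)
        return self._cells


class PrepaidCard:
    """Unary counter: each remaining 1 bit is one unspent unit."""

    def __init__(self, units):
        self.mem = ReadEraseMemory(units)

    def balance(self):
        return bin(self.mem.read()).count("1")

    def spend(self, units):
        if units < 0 or units > self.balance():
            return False
        word = self.mem.read()
        for _ in range(units):
            word &= word - 1                 # clear the lowest remaining 1 bit
        self.mem.write(word)
        return True

    def raw_write(self, value):
        """A write of an arbitrary word, as a misbehaving reader might issue."""
        return self.mem.write(value)


def demo():
    card = PrepaidCard(units=50)
    card.spend(20)
    after_spend = card.balance()
    card.raw_write((1 << 50) - 1)            # request "all ones" (a refill)
    after_refill_attempt = card.balance()    # unchanged: no bit can be set
    card.raw_write(0)                        # an arbitrary write can only burn units
    after_zero_write = card.balance()
    return after_spend, after_refill_attempt, after_zero_write


if __name__ == "__main__":
    print(demo())
```

The card needs no CPU and no cryptography for this property: the balance is monotone because of how the cells are wired, which is what a wired logic prepay card relies on.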
Life Cycle of a Smart Card [ISO 10202-1]
• Manufacturing: [e.g. Infineon, Gemalto]
– ROM <= ‘hard mask’, remove test functionality
• Initialize: [e.g. Gemalto, Card Issuer]
– E2PROM <= ‘soft mask’, completing O.S. install
• Personalize: [Card Issuer]
– Init apps
– E2PROM <= data, keys etc. for an individual user!
• Use it: [e.g. ATM]
– issue commands (APDUs)
• Death: [e.g. local bank]
– invalidate the chip / destroy the card.
****Perso Process
Functionalities of Chip/Smart Cards
Advantages of Smart Card
• storage capacity
• security functionalities
• multiple functions
• user acceptability, effective packaging
• successful business model
Crypto Functionalities of a Smart Card (1)
• Cardholder verification by the card.
– Check PIN or biometric data.
– Not always done with crypto, but otherwise necessary to activate the crypto capabilities of the card.
• Key generation, its secure storage, safe “usage” and (why not) erasure.
• Encrypt data (public and secret key)
– emails, files, etc… e.g. PGP PKI badge
– secure messaging
Crypto Functionalities of a Smart Card (2)
Authentication – from weaker to stronger:
• Integrity checks (CRC, or better: cryptographic hash).
• Origin checks (storing a static signature)
• Dynamic Challenge-Reply card authentication (proof of identity, should be a Zero-knowledge mechanism).
• Dynamic authentication of any data with a 3-DES cryptogram or a MAC (symmetric-key signatures).
• Dynamic authentication of any data with a “real” (=public-key) digital signature.
– Provides authenticity and non-repudiation of every individual action taken in a complex protocol!
• Also verification: the authenticity of a terminal / external world.
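The step from a static origin check to dynamic authentication of data with a MAC, as an added example that is not from the original slides. HMAC-SHA256 stands in for both the static signature and the 3-DES cryptogram/MAC; the key derivation, class names, sample key and transaction data are assumptions.

```python
import hashlib
import hmac
import secrets

# Constructed sample key. HMAC-SHA256 is a stand-in for the slide's
# "static signature" and "3-DES cryptogram or MAC".
ISSUER_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")


def card_key(card_id: bytes) -> bytes:
    """Per-card secret derived from the issuer key (assumed diversification)."""
    return hmac.new(ISSUER_KEY, b"card-key|" + card_id, hashlib.sha256).digest()


def static_tag(card_id: bytes) -> bytes:
    """Static origin check value, written once at personalization."""
    return hmac.new(ISSUER_KEY, b"static|" + card_id, hashlib.sha256).digest()


class Card:
    """Genuine card: readable id and static tag, plus a key that stays inside."""

    def __init__(self, card_id: bytes):
        self.card_id = card_id
        self.tag = static_tag(card_id)
        self._key = card_key(card_id)

    def read_public(self):
        return self.card_id, self.tag

    def respond(self, challenge: bytes, data: bytes) -> bytes:
        # The challenge has a fixed length (8 bytes), so concatenation is unambiguous.
        return hmac.new(self._key, challenge + data, hashlib.sha256).digest()


class CopiedCard(Card):
    """Holds only what any reader can read out: the id and the static tag."""

    def __init__(self, card_id: bytes, tag: bytes):
        self.card_id = card_id
        self.tag = tag
        self._key = bytes(32)                # the genuine key was never readable


class ReplayingCard(CopiedCard):
    """Answers every challenge with one response recorded earlier."""

    def __init__(self, card_id: bytes, tag: bytes, recorded: bytes):
        super().__init__(card_id, tag)
        self._recorded = recorded

    def respond(self, challenge: bytes, data: bytes) -> bytes:
        return self._recorded


class Terminal:
    """Verifier; assumed to reach the issuer key (e.g. through a secure module)."""

    def static_check(self, card) -> bool:
        card_id, tag = card.read_public()
        return hmac.compare_digest(tag, static_tag(card_id))

    def dynamic_check(self, card, data: bytes) -> bool:
        card_id, _ = card.read_public()
        challenge = secrets.token_bytes(8)   # fresh for every transaction
        expected = hmac.new(card_key(card_id), challenge + data,
                            hashlib.sha256).digest()
        return hmac.compare_digest(card.respond(challenge, data), expected)


def run():
    """Return (static_check, dynamic_check) for each kind of card."""
    terminal = Terminal()
    data = b"amount=25.00"                   # constructed transaction data
    genuine = Card(b"CARD-0001")
    public = genuine.read_public()
    cards = {
        "genuine": genuine,
        "copied": CopiedCard(*public),
        "replay": ReplayingCard(*public, genuine.respond(bytes(8), data)),
    }
    return {name: (terminal.static_check(c), terminal.dynamic_check(c, data))
            for name, c in cards.items()}


if __name__ == "__main__":
    for name, result in run().items():
        print(name, result)
```

All three cards pass the static check, because the static value is the same on every read; only the card holding the key passes the dynamic check, and a recorded response fails because the challenge is fresh.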
Smart Card Applications
Some Applications of a Smart Card
• PayTV - Broadcast Encryption and Traitor Tracing.
– First PayTV Card: Philips+Bull, 1980-81
• Storing private data (emails, passwords etc…)
• First phone cards with a chip: [1983 Schlumberger Télécarte, France], [1984 G&D Telekarte, Germany]. Remark: wired logic, contact placement later changed
• GSM / 3G phones
– First SIM card: Gemplus 1989, MANY billions sold since
• Electronic passport, ID
– PKI, Belgium by Axalto.
– Biometric passports: required since October 2005.
More Applications of a Smart Card
• Bank Cards [since 1984, Bull CP8]
• Home Banking, Internet Shopping
• PC access, corporate badge, secure email PGP
• Electronic purse, parking: [1996-] Proton [Be], Geldkarte, later integrated with bank cards
• First student card [restaurant, library, etc.]
– First in 1988, Italy, Bull CP8
Smart Cards Market
**Actors and Value Chain
2004 Market Shares [before merger]
Microprocessor cards Market: 1,566 million units
[Pie chart of vendor shares. Vendors: Axalto, Gemplus, G&D, OCS, Orga, Incard, Others. Share labels: 23%, 13%, 5%, 26%, 20%, 9%, 4%]
Source: Gartner, 2005
***2007 Market Segments
Source: Gartner, 2005
[source: eurosmart.com]
Market Growth
In Volume: in M units shipped
In Value: in M €
Industrial Standards [1]:
=> Cards
What is a Smart Card?
Set of standards ISO.
• cards with contacts:
– ISO 7816-1..3
• contact-less:
– ISO 14443 (proximity <10 cm)
– ISO 15693 (vicinity <1 m)
– more…
• with and without contact:
– ISO 7816-4..16
ISO 7816-1
Size matters! Like a credit card.
ISO 7816-1
Physical Characteristics:
• operating temperature, humidity, etc…
» below are very severe requirements:
• bending properties
• torsion properties
(the chip can break or take-off)
» Consequences for the chip:
• silicon surface ≤ 25 mm², ≤ 0.3 mm depth
• small computing power, not Pentium 4…
Manufacturing
Bare Connectors
• The chip will be glued to the contact.
Die Bonding
• Connections with gold wire (20 µm)
Encartage
• Embed in a ¾ mm card.
Encapsulation
• Embed in a ¾ mm card. (Encartage Fr)
Plastic Matters
ISO 7816-2
Contacts 1.7 x 2 mm
[changed in 1990]
old AFNOR standard
ISO 7816-2 => Freedom
Contact Quality
• “Friction force” readers scratch the cards [contacts frottants]
• Landing contacts – much better [contacts atterrissants]
ISO 7816-2 - Historical
C1 – VCC (+)      C5 – GND (-)
C2 – Reset        C6 – VPP for EPROM
C3 – CLK          C7 – I/O (serial port a.k.a. ISO)
C4 – ???          C8 – ???
ISO 7816-2 – Evolution @ 2005-2009
C1 – VCC          C5 – GND
C2 – RST          C6 – [SWP -> antenna]
C3 – CLK          C7 – I/O
C4 – [USB]        C8 – [USB]
Samsung S-SIM supports both + NAND + InterChip USB
ISO 7816-3 and EMV/GSM
Voltage and current supplied [I~clock freq.]:
• Class A: 5 V ±10% / 60 mA @ 5 MHz [ex. 200 mA]
• Class B: 3 V ±10% / 50 mA @ 4 MHz
• Class C: 1.8 V ±10% / 30 mA @ 4 MHz
• EMV bank cards: always 5 V, 50 mA
• GSM cards: class A-C max current respectively: 10 / 6 / 4 mA ONLY! (heat, phone battery life).
Power Matters
Summary:
• …
• Bank card: 5 V, 50 mA
• GSM SIM class C card (the latest): 4 mA
• …
• Even much less for contact-less cards !!! (power supplied by an alternating magnetic field)
=> Very low computing power !!!
In contrast: modern PC CPU – up to 50 000 mA !
Power Matters
Summary:
• Several 1000 x less power than an Intel CPU…
• Low surface (≤ 25 mm²)
• Lower density (0.09 µm vs. 0.065 µ SOI process for recent CPUs)
• 8 and 16-bit CPUs for a very long time
• 32-bit CPUs only since 2003-4
****Electrical behavior of contacts
I/O:
• Z=high, A=low, remains Z unless in transmission
CLK:
• in/out capacity < 30 pF,
To switch on (no electricity until all are connected):
• RST low, VCC high, no VPP, I/O = Z, CLK = 1…5 MHz
To switch off:
• RST low, CLK low, VPP inactive, I/O = A, VCC low
ISO 7816-3
CLK:
• transition time < Max(0.5 µs, 9% x period T)
• at 1 during 40 % - 60 % of time.
– The card security should block if there are short impulses!
Clock speed:
• First cards [1996]: 3.579545 MHz (still used at the beginning)
Clock and Maximum Computing Power Avail.
Clock speed, NO co-processor:
• 1990: 3.5 MHz, RSA-512, 2 minutes
Clock speed with co-processor:
• 1996: 3.5 MHz, RSA-1024 in 500 ms
• 2000: 7 MHz, RSA-2048 in 500 ms
• 2004: 60-100 MHz, RSA-2048 in 50 ms
• 200-400 MHz today, RSA-2048 in 10 ms
I/O - ISO 7816-3
Known as “ISO interface” of a card: simplified UART (serial port)
Transmission of bytes:
Time duration of 1 bit = 1 Elementary Time Unit [etu]
N specified by TC1 in ATR
ETU
etu = duration of 1 bit, by default 1 etu = 372 / Clock frequency
Examples:
• 3.5712 MHz/372 = 9600 bit/s
• 3.5712 MHz/186 = 19200 bit/s
• 3.5712 MHz/93 = 38400 bit/s
• 3.5712 MHz/32 = 111600 bit/s
ISO 7816-3
Defines the ATR: answer to reset. Up to 33 bytes.
Must happen at 400 … 40,000 clocks after RST.
ATR = a series of bytes transmitted in order b8..b1:
• TS
• T0 [presence of TA1-TD1 and 0..15 historical bytes]
– TA1
– TB1
– TC1
– TD1: like T0, specifies the presence of extra objects…
• TA2
• etc…
ATR Structure
XOR checksum
TS specifies:
TS [A+8+Z bits]: specifies the relationship between A/Z and 0/1
Z=high voltage, A=low voltage
• Direct convention [Germany], where A=0, Z=1: TS = ‘3B’; b1:b8 = A(ZZAZZZAA)Z
• Inverse convention [France], with A=1, Z=0: TS = ‘3F’; b8:b1 = A(ZZAAZZZZ)Z
ISO 7816-3 - Highlights
In particular ATR specifies the comm. capacities:
• T=0 or T=1
• half[/full] duplex
• clock speed
• baud rate
ISO 7816-3
Communication Protocols
Main two: synchronous, half-duplex
– T=0 (byte-oriented, e.g. GSM SIM),
– T=1 (block-oriented, e.g. bank cards)
– T=14 (proprietary for German phone cards)
Recent developments:
• T=2 (block-oriented, full duplex, cf. ISO 10536-4).
• T=4, expansion of T=0
• T=USB
T=CL
• T=CL is used for talking to ISO 14443A/B cards with APDUs translated by the reader (totally hides the RF interface from the programmer, the card seems to be a card with contact!)
T=0 or T=1?
Remark:
– T=0 (byte-oriented)
• parity bits only
– T=1 (block-oriented) is ‘more modern’.
• More error detection too: parity + each block also has a CRC.
ISO 7816-3
Baud rate:
• 1996: 9.6 K bit/sec default, @beginning.
• Then: 115 K bits/sec
• Outdated by Axalto patent: USB smart card:
– First Axalto USB: 700 K bits/sec
– Full-speed USB – up to 12 Mbit/s [since 2005].
• Not USB 2.0, it is just USB 1.0 full-speed.
Example of GSM SIM ATR
‘3B894014474732344D35323830’
Decoded:
TS = ‘3B’ => direct encoding
T0 = ‘89’ = ‘1000’||‘1001’ => TD1 + 9 historical bytes
TD1 = ‘40’ = ‘0010’||‘0000’ => TC2 present and protocol is T=0
TC2 = ‘14’ = ‘0001’||‘1110’ => waiting time 14 * 100 ms
T1…T9: ‘47’||‘47’||‘32’||‘34’||‘4D’||‘35’||‘32’||‘38’||‘30’ => “GG24M5520” (these are the 9 historical bytes, sort of unique ID of this SIM card)
ATR - More Examples
"3B8F8001804F0CA000000306030001000000006A" => "Philips MIFARE Standard 1 K and London Oyster card"
"3B6500009C02020702" => "US Department of Defense Common Access Card, Axalto Cyberflex Access 32K V2, Sun Microsystems employee card"
"3B898001006404150102009000EE" => "German e-Passport April 2007"
"3B6D00000031C071D66438D00300849000" => HSBC MasterCard
"3F6525082204689000" => "France Telecom card"
"3F65250052096A9000" => "French carte Vitale"
"3BEF00FF8131FE4565631104010280000F274000030100E1" => "German Postbank Geldkarte"
"3FFF9500FF918171A04700444E415350303131205265764230423A" => "NagraVision card for StarHub Digital Cable DVB-C Singapore"
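The ATR layout from the preceding slides (TS, T0, the chain of TAi-TDi interface bytes, historical bytes, XOR checksum) written out as a small parser. This is an added example, not code from the slides: the dictionary keys and the helper `atr_fault` are names chosen here, and the rule that TCK is present only when a protocol other than T=0 is indicated is taken from ISO 7816-3 rather than from the slides. The sample strings are ATRs quoted above.

```python
# Added example: minimal ISO 7816-3 ATR parser for reader logs or card inventories.
from functools import reduce
from operator import xor

CONVENTIONS = {0x3B: "direct", 0x3F: "inverse"}  # the two TS values on the slides
MAX_ATR_LEN = 33                                  # "Up to 33 bytes"


def parse_atr(hex_string):
    """Parse an ATR given as a hex string; raise ValueError if it is malformed."""
    data = bytes.fromhex(hex_string)
    if not 2 <= len(data) <= MAX_ATR_LEN:
        raise ValueError("an ATR is 2..33 bytes long")
    ts, t0 = data[0], data[1]
    if ts not in CONVENTIONS:
        raise ValueError("TS must be 3B or 3F, got %02X" % ts)

    pos = 2
    y, k = t0 >> 4, t0 & 0x0F        # Y1 = which of TA1..TD1 follow, K = historical count
    interface, protocols = {}, []
    i = 1
    while True:
        for bit, name in ((1, "TA"), (2, "TB"), (4, "TC"), (8, "TD")):
            if y & bit:
                if pos >= len(data):
                    raise ValueError("truncated ATR: %s%d missing" % (name, i))
                interface["%s%d" % (name, i)] = data[pos]
                pos += 1
        td = interface.get("TD%d" % i)
        if td is None:               # no TDi: the interface-byte chain ends here
            break
        y = td >> 4                  # like T0: presence bits for the next group
        if td & 0x0F not in protocols:
            protocols.append(td & 0x0F)
        i += 1
    if not protocols:
        protocols = [0]              # no TD1 at all means T=0 by default

    historical = data[pos:pos + k]
    if len(historical) != k:
        raise ValueError("truncated ATR: %d historical bytes announced" % k)
    pos += k

    tck = tck_ok = None
    if any(p != 0 for p in protocols):   # TCK is absent when only T=0 is offered
        if pos >= len(data):
            raise ValueError("truncated ATR: TCK missing")
        tck = data[pos]
        pos += 1
        tck_ok = reduce(xor, data[1:pos]) == 0   # XOR of T0..TCK must be zero
    if pos != len(data):
        raise ValueError("%d unexpected trailing byte(s)" % (len(data) - pos))

    return {
        "convention": CONVENTIONS[ts],
        "interface": interface,
        "protocols": protocols,
        "N": interface.get("TC1", 0),    # extra guard time, "N specified by TC1"
        "historical": historical,
        "tck": tck,
        "tck_ok": tck_ok,
    }


def atr_fault(hex_string):
    """Return None for a well-formed ATR, otherwise a short reason string."""
    try:
        atr = parse_atr(hex_string)
    except ValueError as exc:
        return str(exc)
    return "bad TCK checksum" if atr["tck_ok"] is False else None


if __name__ == "__main__":
    for sample in ("3B894014474732344D35323830",
                   "3B8F8001804F0CA000000306030001000000006A"):
        print(sample, parse_atr(sample), atr_fault(sample))
```

For the GSM SIM string the parser returns TD1 = 0x40, TC2 = 0x14 and the historical bytes 47 47 32 34 4D 35 32 38 30 (ASCII GG24M5280); changing the last byte of the MIFARE ATR makes `atr_fault` report a bad checksum.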
Industrial Standards [1B]:
=> Other Form Factors
Form Factors and Interfaces
USB Token form factor
SIM card form factor, a.k.a. ID-000
credit card form factor, a.k.a. ID-1
3FF - [telecom, not widely used]
VISA-mini a.k.a. ID-00
Figure labels for the interfaces: USB interface / ISO, [USB], [RF] / ISO, [USB, RF]
Dimensions
Industrial Standards [1C]:
=> Contact-less
Contactless Smart Cards
• cards with contacts:
– ISO 7816-1..3
• contact-less:
– ISO 14443 A-..C [Oyster, e-Passport]
– ISO 15693 [NFC]
– ISO 18000 [tiny RFIDs]
– other…
Two Types of Contactless Communication
• Capacity (electrical field)
– Standardized, not widely used
• Needs the reader and the card to be close and geometrically aligned.
• RF = electromagnetic waves
– Much better:
– it is not true that an Oyster card would not be able to communicate if >5 cm from the reader, but it will typically not have enough power (drawn from the magnetic field).
Form Factors
key fob
Antenna
large loop antenna
Embedding the Antenna
• Must be a LARGE coil
• SIM card: must be external (“NFC enabled mobile phone”)
Double/Triple Interface Cards
E.g. corporate badge
– Functionalities:
• Enter doors,
• PC log-in,
• PGP decrypt and sign
– Adopted worldwide, e.g. U.S. Army
ISO, USB, RF
ISO, RF
Contactless Interface
• ISO 14443 (Oyster, e-Passport)
• ISO 15693 (NFC)
• ISO 18000 (tiny RFIDs)
Comparison
****Pros and Cons of Different RFID Technologies
• UHF 860 - 915 -… MHz (EPC)
– Pros: large range, simple antenna design, cheap,
– Cons: bad penetration of water and organic fabric
• 100-135 kHz, ISO 11784/85
– Pros: penetrates water and organic fabric, relatively insensitive to metallic objects
– Cons: low transmission speed, wire coil antenna, cannot be printed
• 13.56 MHz, ISO 15693, ISO 14443A,B
– Pros: faster communication (26 kBit/s),
– Cons: high absorption by metallic environment, few cm range, or a large antenna needed
****Some Products on the Market
• UHF 860 - 915 MHz (EPC)
– UCode HSL/EPC,
– EM 4222/4223,
– EM 4442/4444
• 100-135 kHz, ISO 11784/85
– HITAG,
– HID Prox,
– EM 4102/01,...
• 13.56 MHz, ISO 15693, ISO 14443A,B
– MIFARE,
– LEGIC,
– iCode,
– HID iClass,...
*Visual Security
Secure Printing [Source: Oberthur]
***more details…
***more details…
Different on each card:
Low-Level and Physical Security
Main Function of a Smart Card = to be “a secure hardware device”.
1. ”intelligent” (Smart): the card
– handles computations (e.g. crypto)
– manages data (OS, file system, access rights)
– takes informed security decisions (… block itself !)
2. Hopefully ”unbreakable”: nobody can know/modify what is inside.
USB Token form factor
SIM card form factor
credit card form factor
Figure labels for the interfaces: USB interface / ISO, [USB], [RF] / ISO, [USB]
Remark:
There is no defense against an adversary that has several millions of €…
Removing the Chip
Making the Chip Harder to Extract:
Oberthur Potting™ claims:
• improves durability [harder to break]
• any attempt to remove the module from the card would result in totally destroying it
Reverse Engineering
Open-source vs. Closed-source
Industry: competition vs. cooperation
Standards vs. industrial/commercial/trade/security secrets
*Open Source vs. Closed Source
Kerckhoffs Principle
Dutch cryptologist, wrote his book in French.
In June 2006 Dutch researchers De Gans et al. published several cloning attacks on MiFare Classic chips [London Oyster card + 200 M other].
[first cloning attack: Courtois, Nohl and O’Neil, April 2008].
Kerckhoffs principle: [1883]
“The system must remain secure should it fall in enemy hands …”
*Remark:
Smart Cards:
They are already in ‘enemy’ hands
- even more for RFID…
Kerckhoffs’ principle: [1883]
Most of the time: incorrectly understood. Utopia.
Who can force companies to publish their specs???
No obligation to disclose.
• Security when disclosed.
• Better security when not disclosed???
Yes (1,2,3):
1. Military: layer the defences.
Yes (2):
2) Basic economics:
these 3 extra months (and not more)
are simply worth a lot of money.
Yes (3):
3) Prevent the erosion of profitability
/ barriers for entry for competitors / “inimitability”
Kerckhoffs principle is kind of WRONG in the world of smart cards
Reasons:
• side channel attacks are HARD and COSTLY to prevent when the algo is known
• in some applications, for example Pay TV, the system is broken immediately when the cryptographic algorithms are public.
*Silicon Hacking
Tarnovsky Lab
Only a few thousand dollars of equipment
Tarnovsky (and Other Professional Chip Hackers)
A few thousand dollars of equipment
• Surface polishing
• Hydrobromic acid to eat away the passivation layers
• A microscope for pictures:
– the successive layers of silicon are revealed with acids and lasers
• Doping guns to cut/add traces to a working IC
• Stinger: bypassing the protections with long microscopic needles.
More Expensive:
• Atomic Force Microscope (20 K€ - 1 M€)
• FIB device (Focused Ion Beam, 0.5 M€)
Canal+ Technologies Lab
FIB:
Example resolution: 10 nm
Classical applications: failure analysis of ICC
But also: circuit modification:
• Local material removal:
– cutting metal lines, milling, gas enhanced etching
• Local rebuilding/rewiring of the device
– new metal interconnects
– new insulating layers
• Fine tuning of analog components: decrease/increase R or C…
• Reading (electron image)
• Art: writing on the nm scale:
![Page 120: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/120.jpg)
Can Do Anything?
In theory a FIB does anything. Including read/write memory?
But only in theory.
Not so easy:
• The IC has many layers (!)
• Security is hidden in inner layers (!)
• Can you do many operations reliably enough to achieve your goal?
![Page 121: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/121.jpg)
Reverse Engineering
![Page 122: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/122.jpg)
Clear and Present Danger:
Reverse engineering is NOT that hard.
No need for a FIB device (Focused Ion Beam, 0.5 M€).
A microscope costing a few thousand dollars will suffice.
![Page 123: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/123.jpg)
Reverse Engineering MiFare [Nohl, Plotz, 2007]
![Page 124: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/124.jpg)
Hardware Defences
![Page 125: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/125.jpg)
Hardware Countermeasures:
Make the life of the hacker much harder.
Financial sector requirements:
• attacks should cost more than, say, 25 K$ per card…
![Page 126: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/126.jpg)
Functionality + Security
![Page 127: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/127.jpg)
Hardware Countermeasures
Detection:
• Detect under/over-clocking (stop the clock, read the RAM)
• Random instructions, and Random Wait States [e.g. Infineon SLE66].
• Detect low/high voltage [<2.3 V or >6.3 V].
• Glitch/spike detect
• Detect UVs, light, alpha particles, high/low temp etc.
![Page 128: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/128.jpg)
Intrusion Detection
![Page 129: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/129.jpg)
More Hardware Countermeasures
1. Shield/coating.
– Detect if “passivation layer” was removed.
• R/C measurements.
2. Metallic layer: screens for charges/radiation.
– Needed and monitored:
• R/C measurements.
3. Active shields = detect tampering with.
– Mesh of wires: prevents probing, attacks with a laser cutter, etc.
4. Detection + Destruction???
![Page 130: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/130.jpg)
Active Shield
Source: Infineon.
Problem: back side attacks.
![Page 131: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/131.jpg)
**Intrusion Detection on PEDs (Pin Entry Device)
Anderson et al. UCAM-CL-TR-711
2/2008
this way
not this way…
works!
![Page 132: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/132.jpg)
More Hardware Countermeasures
4. Detection + Destruction???
– Chemical traps: SiShell [Axalto patent].
![Page 133: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/133.jpg)
**** Related Example
• UK Military Laptop LT-450 (Termite)
• A laptop + hardware crypto module
– secret algo!
– secret key
• Has tamper switches:
– the key and the algo will be deleted
• Manual destruction:
• press two buttons at the same time
• mechanism works also when PC is switched off and does not need the battery
![Page 134: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/134.jpg)
***Example Closer to Smart Cards
2006
![Page 135: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/135.jpg)
Design Obfuscation
• Restricted circulation of specs.
• Non-standard instruction set.
• Custom crypto algorithms.
• ROM and busses in lower layers of silicon.
– Only “ion-implanted ROM” is used, not visible with UV light.
• Scrambling the data busses.
– in each chip different lines, on certain chips the busses location changes during the execution of the code.
• Dummy structures in silicon.
• Duplication
• Symmetry -> same power consumption.
• Memory Obfuscation:
– Encrypt the memory addresses.
– Encrypt the memory data.
![Page 136: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/136.jpg)
Robustness and Redundancy
Goals:
• Avoid perturbation at logical level:
– Control bits, error correcting
– Dual logic, also protects against power attacks.
• Detect perturbation at the OS and software level and block the card…
– Data checksums,
– Redo DES twice,
– Etc.
Security of file system and OS: later.
![Page 137: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/137.jpg)
More and Higher-Level Security Countermeasures
![Page 138: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/138.jpg)
Motivation:
Most Bank Cards have a PIN verification function.
PIN
Y/N
not authenticated except in EMV DDA cards
not encrypted except in some EMV DDA cards
![Page 139: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/139.jpg)
Critical Bits and Pieces
• Example: PIN verification.
• Can be implemented in asynchronous logic [dedicated transistors/gates]
– much lower power consumption,
– in a lower layer and much harder to localize
– requires a dedicated hardware attack
• as opposed to a generic attack on CPU registers, busses, loading to memory, etc.
![Page 140: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/140.jpg)
PIN code – Simple Hacker Attack [1992]
• Enter the PIN with a home terminal.
• “Listen to” card radiation/power consumption to detect early in time that it was wrong.
• Switch the voltage off very quickly.
Solution?
![Page 141: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/141.jpg)
PIN code – Simple Hacker Attack [1992]
• Enter the PIN with a home terminal.
• “Listen to” card radiation/power consumption to detect early in time that it was wrong.
• Switch the voltage off very quickly.
Countermeasure [used in all bank cards]:
• Increment the ratification counter first
• Check the PIN
• Then decrement it(!).
![Page 142: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/142.jpg)
Increment First? Slight Problem
• this could not be done, the first French bank card B0 had no NVM!
• They used an array of 480 bits,
– where at each PIN verification attempt, a bit would be irreversibly changed (EEEPROM).
– after 480 (right or wrong) attempts, the card would stop working
– also they had a limited history 768 bytes, 4 bytes per transaction, 2 transactions/week.
![Page 143: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/143.jpg)
Timing Attack on PINs
[old, worked before c. 1990]
• Bad programming: compare PIN digits one after another, if first is incorrect, abort!
• Good programming: write a program such that the execution time is constant.
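The two PIN-verification points above (record the attempt in the ratification counter before comparing, and compare in constant time), as an added C example that is not from the original slides. The simulated NVM, the PIN 1234, the 3-try limit and the power_cut flag are constructed for illustration; counted digit comparisons stand in for execution time.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PIN_LEN   4
#define MAX_TRIES 3   /* assumed limit, not stated on the slides */

/* Simulated non-volatile memory of the card (constructed for this example). */
typedef struct {
    uint8_t pin[PIN_LEN];
    uint8_t tries;        /* ratification counter: attempts recorded so far */
} nvm_t;

typedef enum { PIN_OK, PIN_WRONG, PIN_BLOCKED, POWER_LOST } pin_result;

/* "Bad programming": stop at the first wrong digit. *steps counts the digit
 * comparisons executed, i.e. the run time depends on the secret. */
int leaky_equal(const uint8_t *a, const uint8_t *b, size_t n, int *steps)
{
    *steps = 0;
    for (size_t i = 0; i < n; i++) {
        (*steps)++;
        if (a[i] != b[i]) return 0;
    }
    return 1;
}

/* "Good programming": touch every digit, no data-dependent branch. */
int ct_equal(const uint8_t *a, const uint8_t *b, size_t n, int *steps)
{
    uint8_t diff = 0;
    *steps = 0;
    for (size_t i = 0; i < n; i++) {
        diff |= (uint8_t)(a[i] ^ b[i]);
        (*steps)++;
    }
    return diff == 0;
}

/* Counter written after the comparison: a power cut in between loses the attempt. */
pin_result verify_update_last(nvm_t *nvm, const uint8_t *cand, int power_cut)
{
    int steps;
    if (nvm->tries >= MAX_TRIES) return PIN_BLOCKED;
    int ok = ct_equal(nvm->pin, cand, PIN_LEN, &steps);
    if (power_cut) return POWER_LOST;      /* counter was never written */
    if (!ok) { nvm->tries++; return PIN_WRONG; }
    return PIN_OK;
}

/* Order from the slide: increment first, check, then decrement on success. */
pin_result verify_increment_first(nvm_t *nvm, const uint8_t *cand, int power_cut)
{
    int steps;
    if (nvm->tries >= MAX_TRIES) return PIN_BLOCKED;
    nvm->tries++;                          /* 1. record the attempt in NVM */
    int ok = ct_equal(nvm->pin, cand, PIN_LEN, &steps);   /* 2. check */
    if (power_cut) return POWER_LOST;      /* the attempt stays counted */
    if (!ok) return PIN_WRONG;
    nvm->tries--;                          /* 3. give the attempt back */
    return PIN_OK;
}

/* n wrong guesses, each interrupted by a power cut; returns the counter. */
int tries_after_cuts(int increment_first, int n)
{
    nvm_t nvm = { {'1', '2', '3', '4'}, 0 };
    const uint8_t wrong[PIN_LEN] = {'9', '9', '9', '9'};
    for (int i = 0; i < n; i++) {
        if (increment_first) verify_increment_first(&nvm, wrong, 1);
        else                 verify_update_last(&nvm, wrong, 1);
    }
    return nvm.tries;
}

/* Digit comparisons executed for a guess against the constructed PIN 1234. */
int steps_for(const char *guess, int constant_time)
{
    static const uint8_t pin[PIN_LEN] = {'1', '2', '3', '4'};
    int steps;
    if (constant_time) ct_equal(pin, (const uint8_t *)guess, PIN_LEN, &steps);
    else               leaky_equal(pin, (const uint8_t *)guess, PIN_LEN, &steps);
    return steps;
}

int main(void)
{
    printf("counter after 5 interrupted guesses: update-last=%d increment-first=%d\n",
           tries_after_cuts(0, 5), tries_after_cuts(1, 5));
    printf("early-exit compare steps: 9999=%d 1299=%d\n",
           steps_for("9999", 0), steps_for("1299", 0));
    printf("constant-time compare steps: 9999=%d 1299=%d\n",
           steps_for("9999", 1), steps_for("1299", 1));
    return 0;
}
```

With the counter written last, interrupted attempts are never recorded; with increment-first the card blocks after the third attempt regardless of when power is removed.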
![Page 144: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/144.jpg)
PINs and Keys – Storage in RAM
• E2PROM of the smart card: assume addresses and data are encrypted.
Attack 1: read it (assume it’s possible)
• Solution 1: store h(PIN)?
– Attack 2: dictionary attack.
• Solution 2A: store R, h(PIN,UID,R)
• Solution 2B: store R, E_K(PIN,R) where K is a key specific to this card only
![Page 145: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/145.jpg)
Protocol/Software Countermeasures
• Typically, the chaining of commands is strictly controlled. Each command can be issued only once, and in a certain order.
– Assured by a finite state machine.
– Example: don’t accept commands in clear-text once secure messaging is established.
• The spec should not allow buffer overflows.
![Page 146: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/146.jpg)
***Example: Conformity Test
The test verifies the enforcement of Secure Messaging:
Afterwards the chip refuses to send data unencrypted and answers with 6X XX (error).
Not enough: make sure that the same error code is sent in the same situation!
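One way to gate commands with a finite state machine and to answer clear-text commands uniformly once secure messaging is established, written as a conformity-style sweep; this is an added example, not code from the slides or from any card OS. The three states, the choice of status words 69 85 and 69 87, and the mac_ok flag (standing in for the cryptographic check done elsewhere) are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

#define SW_OK          0x9000
#define SW_REJECT      0x6985   /* conditions of use not satisfied */
#define SW_SM_MISSING  0x6987   /* expected secure messaging objects missing */

#define INS_SELECT       0xA4
#define INS_GET_CHAL     0x84
#define INS_EXT_AUTH     0x82
#define INS_READ_BINARY  0xB0
#define CLA_SM           0x0C   /* CLA bits b4,b3 = 11: secure messaging */

typedef enum { ST_IDLE, ST_CHALLENGED, ST_SM } state_t;
typedef struct { state_t st; } session_t;

/* Accept or reject a command header in the current state.
 * mac_ok: outcome of the cryptographic verification (assumption: computed
 * by the caller, not shown here). */
uint16_t gate(session_t *s, uint8_t cla, uint8_t ins, int mac_ok)
{
    int sm = (cla & CLA_SM) == CLA_SM;
    switch (s->st) {
    case ST_IDLE:
        if (!sm && ins == INS_SELECT) return SW_OK;
        if (!sm && ins == INS_GET_CHAL) { s->st = ST_CHALLENGED; return SW_OK; }
        break;
    case ST_CHALLENGED:
        s->st = ST_IDLE;          /* the challenge is single use */
        if (!sm && ins == INS_EXT_AUTH && mac_ok) { s->st = ST_SM; return SW_OK; }
        break;
    case ST_SM:
        if (!sm) { s->st = ST_IDLE; return SW_SM_MISSING; } /* same code for any INS */
        if (!mac_ok) { s->st = ST_IDLE; return SW_REJECT; }
        if (ins == INS_READ_BINARY || ins == INS_SELECT) return SW_OK;
        break;
    }
    return SW_REJECT;             /* every out-of-sequence command: one answer */
}

static void establish_sm(session_t *s)
{
    s->st = ST_IDLE;
    gate(s, 0x00, INS_GET_CHAL, 0);
    gate(s, 0x00, INS_EXT_AUTH, 1);
}

/* Normal sequence followed by a protected read. */
uint16_t happy_path(void)
{
    session_t s;
    establish_sm(&s);
    return gate(&s, CLA_SM, INS_READ_BINARY, 1);
}

/* Sweep all 256 INS values in clear text after secure messaging is up and
 * count the answers that differ from the single expected status word. */
int cleartext_mismatches(void)
{
    int bad = 0;
    for (int ins = 0; ins < 256; ins++) {
        session_t s;
        establish_sm(&s);
        if (gate(&s, 0x00, (uint8_t)ins, 0) != SW_SM_MISSING) bad++;
    }
    return bad;
}

/* After a clear-text command the session must be gone, even for valid SM. */
uint16_t read_after_cleartext(void)
{
    session_t s;
    establish_sm(&s);
    gate(&s, 0x00, INS_READ_BINARY, 0);
    return gate(&s, CLA_SM, INS_READ_BINARY, 1);
}

/* A failed authentication consumes the challenge: no second try without
 * asking for a new one. */
uint16_t retry_same_challenge(void)
{
    session_t s = { ST_IDLE };
    gate(&s, 0x00, INS_GET_CHAL, 0);
    gate(&s, 0x00, INS_EXT_AUTH, 0);
    return gate(&s, 0x00, INS_EXT_AUTH, 1);
}

int main(void)
{
    printf("happy path: %04X\n", (unsigned)happy_path());
    printf("clear-text answers differing from 6987: %d\n", cleartext_mismatches());
    printf("read after clear-text command: %04X\n", (unsigned)read_after_cleartext());
    printf("retry on same challenge: %04X\n", (unsigned)retry_same_challenge());
    return 0;
}
```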
![Page 147: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/147.jpg)
Example:
Erik Poll [Nijmegen] Attacks on e-passports.
Send various ISO commands, observe the error messages:
![Page 148: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/148.jpg)
Clone Attacks
![Page 149: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/149.jpg)
More Hardware Countermeasures
• Unique serial number
– Written in WORM (Write Once Read Many) a.k.a. OTP (One Time Programmable).
– Example: Oyster card UID=32 bits
Benefits are:
⇒ clones harder to make
⇒ and can blacklist clones
⇒ tracing of each card
⇒ card-dependent memory encryption, hashing and RNG
![Page 150: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/150.jpg)
Threats (1.)
Assume that we have all the data. Clone the card?
1. Card Emulation on a card – defenses:
• unique ID, cards that can be personalized not available =>
• requires a special re-programmable card,
• or a pirate emulator
-speed, +size, +cost, etc.
![Page 151: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/151.jpg)
Threats (2.):
Assume that we have all the data. Clone the card?
1. Card Emulation on a card ???
2. Card Emulation on a PC!
![Page 152: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/152.jpg)
Threat 3. Relay Attack
Low-tech, always works!
No Need to Break Anything !!!
![Page 153: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/153.jpg)
Has Been Done…
![Page 154: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/154.jpg)
Economics Aspects
![Page 155: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/155.jpg)
*Cost of Some Attacks [source: RFI Global]
![Page 156: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/156.jpg)
*Cost of Fault Attacks [source: ST]
![Page 157: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/157.jpg)
Security Management - the Development Process
![Page 158: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/158.jpg)
Secure Hardware Dev. Management
[In smart cards] one design criterion that differs from the criteria used for standard chips but is nonetheless very important is that absolutely no undocumented mechanisms or functions must be present in the chip ('that's not a bug, that's a feature').
Since they are not documented, they can be unintentionally overlooked during the hardware evaluation and possibly be used later for attacks.
The use of such undocumented features is thus strictly prohibited [...]
[pages 518-519 in the Smart Card handbook by Wolfgang Rankl and Wolfgang Effing, 1088 pages, Wiley, absolute reference in the industry]
![Page 159: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/159.jpg)
Testing
• White-box tests are prohibited, no debugging commands must be left in the hard-mask and soft-mask.
• Tests must be black-box tests and test suites include scanning for hidden [debugging] commands.
![Page 160: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/160.jpg)
Application Development Management
Goals:
• Avoid backdoors, Trojans, covert channels, bugs etc.
• Kleptography: techniques to leak keys to the attacker,
• form of perfect crime.
Means:
• Segregation of duties [Lipner 1982].
• Monitoring.
![Page 161: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/161.jpg)
Segregation of Duties
• A developer never works alone on an application.
• He knows only some parts of the spec (partial secrecy, “need to know”).
• Some critical security mechanisms can be distributed: part in hard mask (ROM), part in soft mask, harder to know both…
– the chip manufacturer does NOT have the full spec either.
![Page 162: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/162.jpg)
Monitoring / Checks and Balances
• Internal quality and security audits within each company.
• The entire source code is frequently inspected by an independent company:
– government agency [such as GCHQ] or
– an evaluation (or hacker) lab [such as CEA-LETI]
• mandated and paid by the customer [to avoid conflicts of interests].
• Some countries have a process to evaluate these labs (they have to prove that they can break smart cards as well as other people do).
• External security audits (mandated by a customer: for example a large bank).
![Page 163: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/163.jpg)
File System
![Page 164: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/164.jpg)
Data in smart cards
Think about sequences of bytes.
BER-TLV conventions [ISO 8825]
T – Tag, for example “90” in hex.
L – 1 or 3 bytes. Let L[0] be the first byte
MSB(L[0])=0, L[0] = length 0-127,
MSB(L[0])=1, L[1-2] = length 0..65535
V – value, a string of bytes.
TLV objects can be nested !
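A bounds-checked parser for the BER-TLV layout above, added here as an example and not taken from the slides. It goes slightly beyond the slide by also handling multi-byte tags, the one-byte long length form (81 xx) and nested (constructed) objects; the sample bytes and the recursion limit are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef struct {
    uint32_t tag;         /* tag bytes packed big-endian, e.g. 0x6F or 0x9F36 */
    int constructed;      /* bit 6 of first tag byte: value holds nested TLVs */
    size_t len;           /* length of the value field */
    const uint8_t *val;   /* points into the caller's buffer (no copy) */
} tlv_t;

/* Parse one object at buf[*off] and advance *off. 0 = ok, -1 = malformed. */
int tlv_next(const uint8_t *buf, size_t n, size_t *off, tlv_t *out)
{
    size_t p = *off, len;
    if (p >= n) return -1;
    uint8_t t0 = buf[p++];
    out->tag = t0;
    out->constructed = (t0 & 0x20) != 0;
    if ((t0 & 0x1F) == 0x1F) {               /* tag continues in next bytes */
        int count = 0;
        uint8_t b;
        do {
            if (p >= n || ++count > 2) return -1;   /* tags of at most 3 bytes */
            b = buf[p++];
            out->tag = (out->tag << 8) | b;
        } while (b & 0x80);
    }
    if (p >= n) return -1;
    uint8_t l0 = buf[p++];
    if ((l0 & 0x80) == 0) {
        len = l0;                            /* MSB clear: length 0..127 */
    } else {
        size_t k = l0 & 0x7F;                /* MSB set: k length bytes follow */
        if (k == 0 || k > 2 || n - p < k) return -1;  /* max length 65535 */
        for (len = 0; k > 0; k--) len = (len << 8) | buf[p++];
    }
    if (len > n - p) return -1;              /* value must lie inside the buffer */
    out->len = len;
    out->val = buf + p;
    *off = p + len;
    return 0;
}

/* Depth-first search for a tag, descending into constructed objects.
 * Returns 1 = found, 0 = absent, -1 = malformed or nested too deeply. */
int tlv_find(const uint8_t *buf, size_t n, uint32_t want, tlv_t *out, int depth)
{
    size_t off = 0;
    tlv_t t;
    if (depth > 8) return -1;                /* bound the recursion */
    while (off < n) {
        if (tlv_next(buf, n, &off, &t) != 0) return -1;
        if (t.tag == want) { *out = t; return 1; }
        if (t.constructed) {
            int r = tlv_find(t.val, t.len, want, out, depth + 1);
            if (r != 0) return r;
        }
    }
    return 0;
}

/* Constructed sample: 6F { 84 = 3F 00, A5 { 50 = "ABC" } } */
static const uint8_t SAMPLE[] = {
    0x6F, 0x0B, 0x84, 0x02, 0x3F, 0x00,
    0xA5, 0x05, 0x50, 0x03, 'A', 'B', 'C'
};

/* Look up a tag in the first n bytes of SAMPLE.
 * Returns the value length, -1 if malformed, -2 if the tag is absent. */
int sample_lookup(uint32_t tag, size_t n)
{
    tlv_t t;
    int r = tlv_find(SAMPLE, n, tag, &t, 0);
    if (r < 0) return -1;
    return r ? (int)t.len : -2;
}

/* Tag 90 with the 3-byte length form from the slide: 90 82 01 00 + 256 bytes. */
int long_form_len(void)
{
    uint8_t buf[4 + 256] = { 0x90, 0x82, 0x01, 0x00 };
    size_t off = 0;
    tlv_t t;
    if (tlv_next(buf, sizeof buf, &off, &t) != 0) return -1;
    return (int)t.len;
}

int main(void)
{
    printf("tag 50 length: %d\n", sample_lookup(0x50, sizeof SAMPLE));
    printf("truncated by one byte: %d\n", sample_lookup(0x50, sizeof SAMPLE - 1));
    printf("long-form length: %d\n", long_form_len());
    return 0;
}
```

Every length is checked against the bytes actually remaining before the value pointer is handed out, so a length field that overstates the data is rejected instead of read past the buffer.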
![Page 165: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/165.jpg)
ISO 7816-6
Specifies how to encode different data elements as BER-TLV objects.
For example:
• Name of the credit card holder
• Expiration date
• Etc.
![Page 166: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/166.jpg)
ISO 7816-4
File names FID:
• 2 bytes
• example: ‘3F 00’
Short file names (SFID):
– 5 bits, 1..30, used as a parameter in certain commands
![Page 167: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/167.jpg)
ISO 7816-4
• MF: Master File (root directory “3F00”)
• DF: Dedicated Files (directories + some data)
• EF: Elementary Files (data files)
![Page 168: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/168.jpg)
Elementary Files
EF: Elementary Files
Not all files are visible to applications(!)
– Internal EF: card private files, only the card O.S. can see them
– Working EF: data accessible to applications that communicate with the external world.
![Page 169: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/169.jpg)
Example: GSM Card [incomplete picture]
(cf. 3GPP TS 51.011 standard)
![Page 170: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/170.jpg)
Some Directories in a GSM Card
Important directories:
• root directory : 3F 00
• DF_GSM = 7F 20
• DF_TELECOM = 7F 10.
First byte:
• '3F': Master File;
• '7F': 1st level Dedicated File
• '5F': 2nd level Dedicated File
• '2F': Elementary File under the Master File
• '6F': Elementary File under a 1st level Dedicated File
• '4F': Elementary File under 2nd level Dedicated File
![Page 171: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/171.jpg)
ISO 7816-4 – Files (EFs)
4 types
like RAM, or a string of bytes
“records”, with specific instructions and applications…
![Page 172: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/172.jpg)
2 Types of Fixed-Size Entry Records
2 types of records:
• Linear Fixed file
– Like a list
• Cyclic Fixed file:
– Motivation:
• fixed E2PROM size, scarcity
– Applications:
• Bank card history
– e.g. 150 last transactions
• all SMS sent/received
• etc.
[Figure: Structure of a linear fixed file. Header; Body: Record 1, Record 2, …, Record n]
[Figure: Structure of a cyclic file EN726-3. Header; Body: Record 1, Record 2, …, Record n-2, Record n-1, Record n; the oldest record and the last updated record are marked]
![Page 173: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/173.jpg)
GSM Card: Some Files Inside DF_GSM
• EF_IMSI (6F07)
• The file EF_LOCI (6F7E) contains TMSI, LAI etc.
• EF_LP (Language preference)
• EF_Kc = Ciphering key Kc + sequence number
• EF_SST (6F38) = SIM service table = 1 byte = [s1present, s1active, …] = ‘services’ present/not active/not in this card, these are:
– Service n°1 : disable user’s PIN == CHV1
– Service n°2 : Abbreviated Dialing Numbers (ADN)
– Service n°3 : Fixed Dialing Numbers (FDN)
– Service n°4 : Short Message Storage (SMS)
• EF_ACM = Accumulated Call Meter, in units
• EF_MSISDN = the subscriber’s MSISDN.
• etc.
present in DF_TELECOM
![Page 174: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/174.jpg)
Some Files Inside DF_TELECOM
This directory is protected by PIN(!)
• EF_ADN (6F3A) your short phone directory (10 entries),
• EF_FDN (6F3B) your phone directory
• EF_SMS (6F3C) all the SMS received and sent, cyclic file
[Figure: Structure of a cyclic file EN726-3. Header; Body: Record 1, Record 2, …, Record n-2, Record n-1, Record n; the oldest record and the last updated record are marked]
![Page 175: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/175.jpg)
File Access and Access Conditions
![Page 176: La Carte à Puce - Nicolas Courtois · 25 Nicolas T. Courtois 2006-2009 Vocabulary magnetic stripe card IC= Integrated Circuit ICC, chip card : • memory card • wired logic card](https://reader033.vdocuments.us/reader033/viewer/2022042806/5f6a148370461f11fc1a060f/html5/thumbnails/176.jpg)
Accessing Files: SELECT FILE – FCI/90 00
General philosophy: Almost always one must select a file before any operation on it… (MF is selected at the start)
• SELECT FILE + params
• Response: either:
– 90 00
– FCI = File Control Info = status of the file selected,
• exact spec [attributes and their encoding]: depends on the smart card, e.g. GSM.
• STATUS command (C0 F2) - GSM specific:
– lets you check (to avoid confusion) which file was selected with the last SELECT command.

Variants
There are MANY methods to address a file with SELECT FILE:
• by 2-byte FID (for MF, DF and EF)
  – 0_ A4 00 …
• by DF name or AID (for DF only or an application)
  – 0_ A4 04 …
  – 0_ A4 02 …
• by absolute path from MF
  – 0_ A4 08 …
• by a relative path from current DF
  – 0_ A4 09 …
• Switch to higher level DF? (equiv to ../ in PC OS)
• … another DF when partial AID is transferred?

Examples: SELECT FILE
1. Example of a SELECT FILE with FID and FCI, for a GSM card:
• Command: C0 A4 00 00 02 6F 07
  – C0 = GSM card
  – A4 = SELECT FILE
  – 00 00 = empty params.
  – 02 6F 07 = length + FID == file identifier on 2 bytes; ‘6F 07’ = IMSI file of this SIM card
• Response: This command returns the FCI.
2. Example of a SELECT FILE with AID and no FCI (widely used for accessing files AND applications by their unique identifier):
• Command: 00 A4 02 00 05 [AID]
  – 00 = ISO command
  – A4 = SELECT FILE
  – 02 00 = specific params.
  – 05 [AID] = length + AID; if no ambiguity, a prefix of a valid AID can also be accepted

FCI and Access Conditions for EF files

Status of EF Files
SELECT FILE command for an EF file => returns:
1. an error status:
• 62 83 – file deactivated
• 64 00 – execution error
• 6A 81 – function not supported
• 6A 82 – file not found
• etc.
OR
2. an FCI (File Control Information) + 90 00
(each EF file in a card has specified access conditions):

FCI (File Control Information) for EF files
May contain (examples, mostly optional)
• “80” + 2 bytes: size of the file
• “82” + 2 bytes: file descriptors, e.g.
  – shareable/not
  – type of file: DF/working EF/internal EF
  – EF structure
• “83” + 2: file identifier.
• “84” + 1-16: DF name.
• “86” + security attributes (proprietary coding).
• etc.

*FCI Attributes [contd.]
• “86” + security attributes (proprietary coding).
Files can be:
• WORM (Write Once, Read Many times)
  – implemented in hardware or software
• EDC (Error Detection Code)
• atomic write access
  – Security: must be written entirely or not at all (!!!)
• multiple storage attribute
  – for frequently used files in the card, ‘wear-level’ usage of E2PROM
• data transfer selection attribute
  – on dual-contact cards, to make file accessible only via contact or contact-less interface

Examples of FCI
Not 100% compatible, depends on products…
• 6F 07 80 02 00 58 82 01 01 90 00
  – EF with transparent structure, file size: 88 (0x0058)
Example of GSM FCI (22 bytes = 0x16):
• 00 00 00 01 7F 20 02 00 00 00 00 00 09 91 00 11 08 00 83 8A 83 8A
Can be decoded according to GSM spec:
• …
• Byte 14: the most significant bit is 0 if and only if PIN1 is disabled.
• …
• Byte 19 is the "CHV1 status".
  – Typically the value of this byte is '83' where 8 means that the PIN1 has been initialized, and that there are 3 cardholder verification attempts left for this PIN.
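The two responses quoted above can be decoded mechanically. The following is an added example, not code from the slides: it parses the TLV-coded FCI and the fixed-layout GSM response, handling one-byte tags and short lengths only. The bit layout of the file descriptor byte is taken from ISO 7816-4 and the GSM byte positions other than byte 19 from GSM 11.11; neither is spelled out on the slides.

```python
# Added example (not from the slides): decode the SELECT FILE responses quoted above.

# Status words listed on the "Status of EF Files" slide.
SW_MEANING = {
    0x9000: "OK",
    0x6283: "file deactivated",
    0x6400: "execution error",
    0x6A81: "function not supported",
    0x6A82: "file not found",
}

# ISO 7816-4 file descriptor byte, bits b3..b1 (EF structure).
EF_STRUCTURE = ["no information", "transparent", "linear fixed", "linear fixed TLV",
                "linear variable", "linear variable TLV", "cyclic", "cyclic TLV"]


def parse_tlv(buf: bytes):
    """Split a buffer into (tag, value) pairs; one-byte tags, short lengths only."""
    items, i = [], 0
    while i < len(buf):
        if i + 2 > len(buf):
            raise ValueError("truncated TLV header at offset %d" % i)
        tag, length = buf[i], buf[i + 1]
        if length >= 0x80:
            raise ValueError("long-form length not handled in this example")
        value = buf[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("tag %02X claims %d bytes, %d present" % (tag, length, len(value)))
        items.append((tag, value))
        i += 2 + length
    return items


def decode_descriptor(b: int) -> dict:
    """Decode the first byte of tag 82: shareable bit, file type, EF structure."""
    kind_bits = (b >> 3) & 0b111
    kind = {0b000: "working EF", 0b001: "internal EF", 0b111: "DF"}.get(kind_bits, "proprietary EF")
    structure = None if kind == "DF" else EF_STRUCTURE[b & 0b111]
    return {"shareable": bool(b & 0x40), "type": kind, "structure": structure}


def decode_select_response(resp: bytes) -> dict:
    """Decode an ISO-style SELECT FILE response: [6F len {TLVs}] SW1 SW2."""
    if len(resp) < 2:
        raise ValueError("response shorter than the two status bytes")
    body, sw = resp[:-2], int.from_bytes(resp[-2:], "big")
    out = {"sw": "%04X" % sw, "status": SW_MEANING.get(sw, "unknown status word")}
    if sw != 0x9000 or not body:
        return out
    outer = parse_tlv(body)
    if len(outer) != 1 or outer[0][0] != 0x6F:
        raise ValueError("expected a single FCI template (tag 6F)")
    for tag, value in parse_tlv(outer[0][1]):
        if tag == 0x80:
            out["size"] = int.from_bytes(value, "big")
        elif tag == 0x82 and value:
            out["descriptor"] = decode_descriptor(value[0])
        elif tag == 0x83:
            out["file_id"] = value.hex().upper()
        elif tag == 0x84:
            out["df_name"] = value.hex().upper()
        elif tag == 0x86:
            out["security_attributes"] = value.hex().upper()  # proprietary coding
    return out


def decode_chv_status(b: int) -> dict:
    """GSM CHV status byte: high bit = secret initialised, low nibble = tries left."""
    return {"initialized": bool(b & 0x80), "attempts_left": b & 0x0F}


def decode_gsm_df_response(resp: bytes) -> dict:
    """Decode the fixed-layout GSM response for an MF/DF (byte numbers are 1-based)."""
    if len(resp) < 22:
        raise ValueError("GSM MF/DF response needs at least 22 bytes")
    return {
        "file_id": resp[4:6].hex().upper(),                             # bytes 5-6
        "file_type": {1: "MF", 2: "DF", 4: "EF"}.get(resp[6], "RFU"),   # byte 7
        "chv1": decode_chv_status(resp[18]),                            # byte 19
        "unblock_chv1": decode_chv_status(resp[19]),                    # byte 20
        "chv2": decode_chv_status(resp[20]),                            # byte 21
        "unblock_chv2": decode_chv_status(resp[21]),                    # byte 22
    }


# The two byte strings quoted on the "Examples of FCI" slide.
ISO_EXAMPLE = bytes.fromhex("6F 07 80 02 00 58 82 01 01 90 00")
GSM_EXAMPLE = bytes.fromhex("00 00 00 01 7F 20 02 00 00 00 00 00 09 91 00 11 08 00 83 8A 83 8A")

if __name__ == "__main__":
    print(decode_select_response(ISO_EXAMPLE))
    print(decode_gsm_df_response(GSM_EXAMPLE))
```

A response whose length fields run past the received bytes raises ValueError instead of being decoded partially, which is the behaviour a terminal wants when a card or a relay returns a malformed FCI.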

Files Security Status

Security of Files in Directories
“Security status” of a file results from the sequence of commands performed (e.g. authentication of entities) and their results. It can be:
• Global: may be modified after a completion of a certain authentication command (or other secure functionality),
  • Examples (studied later):
    » VERIFY + PIN,
    » GET CHALLENGE + EXTERNAL AUTHENTICATE
    » only if the commands are embedded inside SECURE MESSAGING channel (normal APDUs with encryption AND authentication with a MAC)
  • a secret key/value stored in the MF is used to perform this cryptographic command.
• Directory-specific,
  • then the key/PIN used is stored in the same DF.
• File-specific (EF).
• Command-specific and ephemeral.
Example:

Security of Files in Directories
Example: Access conditions for a given file or directory + given access mode (e.g. WRITE):
• PRO: An external command can write a file if the MAC of this command is valid.
• AUT: File accessible R/W if the terminal authentication has been done before.
• CHV: This file can be read if the user has entered the PIN and if it was correct.
• CHV2: The same with the second PIN (exists in GSM).
• ADM: requires the admin code number (up to 14 exist in GSM, Telco’s access)
• NEV (access to some files can be disabled forever)
• ALW (always), public access (at least in this mode, e.g. READ).
• Other conditions may exist in a specific card…
Security and Access to Files:
Example [root directory]:

MACs = “Secret-Key Signatures”
[Figure: a MAC algorithm with secret key sk computes σ from the message m; (m, σ) is passed to a second MAC algorithm with the same sk, which answers yes/no; an arrow is labelled “forgery”.]

MAC = secret key “signature”
Several methods: CBC-MAC, C-MAC, Retail-MAC, etc.
Based on symmetric encryption algorithms such as DES, AES.
[Figure: C-MAC with chaining, ICV = last MAC]
This MAC guarantees the order of commands too! (cannot add, cannot remove except at the end)

MAC and IV
Important:
• Never use a random IV in a MAC.
  – IV = 0 is a safe choice.
  – Or another constant.
  – Do use random IVs in encryption.
• Exception to this rule:
  – In many smart card products MACs are chained:
  – ICV = last MAC computed by the card/reader, prevents changing the order of commands or dropping commands etc.
  • together with random numbers (nonces) also prevents full replay of a full transaction flow.
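The effect of chaining (ICV = last MAC) can be checked directly. This is an added example, not code from the slides: HMAC-SHA-256 truncated to 8 bytes stands in for the DES/AES-based C-MAC, the card's nonce is assumed to be the initial ICV of the session, and the key, nonces and command bytes are constructed sample values.

```python
# Added example (not from the slides): command MACs chained through the ICV.
import hashlib
import hmac

MAC_LEN = 8  # bytes, the size of a DES-based MAC


def mac(key: bytes, icv: bytes, command: bytes) -> bytes:
    """MAC over ICV || command. HMAC-SHA-256 is a stand-in for the card's C-MAC."""
    if len(icv) != MAC_LEN:
        raise ValueError("ICV must be %d bytes" % MAC_LEN)
    return hmac.new(key, icv + command, hashlib.sha256).digest()[:MAC_LEN]


def protect(key: bytes, nonce: bytes, commands):
    """Terminal side: MAC each command, feeding the previous MAC in as the next ICV."""
    icv, out = nonce, []
    for command in commands:
        tag = mac(key, icv, command)
        out.append((command, tag))
        icv = tag  # ICV = last MAC
    return out


def card_accepts(key: bytes, nonce: bytes, received) -> int:
    """Card side: number of commands accepted before the first MAC failure."""
    icv, accepted = nonce, 0
    for command, tag in received:
        expected = mac(key, icv, command)
        if not hmac.compare_digest(expected, tag):
            break  # a real card would also decrease its ratification counter here
        icv = expected
        accepted += 1
    return accepted


# Constructed sample values (assumptions, not taken from the slides).
KEY = bytes.fromhex("000102030405060708090A0B0C0D0E0F")
NONCE_SESSION_1 = bytes.fromhex("1122334455667788")  # card challenge, first session
NONCE_SESSION_2 = bytes.fromhex("8877665544332211")  # card challenge, later session
COMMANDS = [
    bytes.fromhex("04 D6 00 00 02 AA 01"),  # UPDATE BINARY, CLA=04 (secure messaging)
    bytes.fromhex("04 D6 00 02 02 BB 02"),
    bytes.fromhex("04 D6 00 04 02 CC 03"),
]


def demo() -> dict:
    sent = protect(KEY, NONCE_SESSION_1, COMMANDS)
    return {
        # untouched flow: all three commands verify
        "intact": card_accepts(KEY, NONCE_SESSION_1, sent),
        # first two commands swapped: the very first MAC no longer matches
        "swapped": card_accepts(KEY, NONCE_SESSION_1, [sent[1], sent[0], sent[2]]),
        # middle command dropped: the command after the gap is rejected
        "middle_dropped": card_accepts(KEY, NONCE_SESSION_1, [sent[0], sent[2]]),
        # last command dropped: everything received verifies, the loss is not visible
        "tail_dropped": card_accepts(KEY, NONCE_SESSION_1, sent[:2]),
        # whole flow replayed in a session with a fresh nonce: rejected at once
        "replayed": card_accepts(KEY, NONCE_SESSION_2, sent),
    }


if __name__ == "__main__":
    print(demo())
```

The "tail_dropped" case is the "cannot remove except at the end" exception from the slide: truncation has to be caught by other means, such as an explicit final command.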

*Example – how a card will enter mode PRO:
[Figure: flowchart with Terminal and Card columns. Boxes: ASK RANDOM command; challenge generation; (T)DES calculation over the data to send and the challenge with the PRO key, giving a cryptogram; PRO command carrying data + cryptogram; on the card, (T)DES calculation over the received bytes and the challenge with the PRO key from the EF key file; compare the cryptograms; delete flag “random present”; OK? Y: PRO mode OK, reset ratification counter if needed; N: bad authentication, decrease ratification counter.]

*Example – entering mode AUT:
[Figure: flowchart with Terminal and Card columns. Boxes: ASK RANDOM command; challenge generation; (T)DES calculation in AUT mode on the terminal with the terminal key, giving a certificate; EXTERNAL AUTHENTICATE command carrying key number + cryptogram; on the card, (T)DES calculation in AUT mode with the card key selected by key number from the EF key file; compare the cryptograms; delete flag “random present”; OK? Y: authentication successful, reset ratification counter if needed; N: bad authentication, decrease ratification counter.]

Commands (APDUs)

Commands - ISO 7816-4
APDU = Application Protocol Data Unit
Master-slave principle. Half-duplex.
• The card never starts anything.

ISO 7816-4
APDU = Application Protocol Data Unit
CLA = 1 byte, identifies the application
INS = 1 byte, instruction code
Lc = size of data, 1 or 3 bytes
Le = size of the expected answer, 1 or 3 bytes.

CLA byte and ‘Logical Channels’
CLA is 1 byte that:
• identifies the application – so remains constant (though 1 application can have several ‘channels’),
• is an indication to what extent the command and the response comply with ISO 7816-4
  – Examples: ‘0X’ standard ISO, ‘A0’ in GSM, ‘80’ e-purse EN1546-3, ‘BC’ old EMV bank cards, ‘80’ and ‘84’: EMV bank cards, ‘8X’: proprietary commands
CLA=‘0X’, ‘8X’ and ‘9X’, ‘AX’ use so called ‘logical channels’:
• Let X=b4b3b2b1
  – b4 b3 indicate if Secure Messaging is used and if the command header is also authenticated
  – b1 b2 indicate the number of logical channel 0..3
• Application: concurrent communication with multiple applications (or concurrent execution of multiple tasks). Example: mobile phone talking to phone book and another application [can be Java] stored on the SIM card.
Command APDUs
Lc = size of data, 1 or 3 bytes
Le = size of the expected answer, 1-3 bytes.
4 cases

C-APDU INS Examples
When CLA=0X:
INS  Command
0E   Erase Binary
20   Verify
70   Manage Channel
82   External Authenticate
84   Get Challenge
88   Internal Authenticate
A4   Select File
B0   Read Binary
B2   Read Record(s)
C0   Get Response
C2   Envelope
CA   Get Data
D0   Write Binary
D2   Write Record
D6   Update Binary
DA   Put Data
DC   Update Record
E2   Append Record

Response = R-APDU
Response structure:
• SW1: 90 = completed / OK with warning / error during exec / checking error; ?NVM changed [63, 65]
• SW2: error number
90 00 = All OK

IMPORTANT:
In many cases, and in all cases where the size of the answer is not known in advance, the response is NOT given; the terminal must ask for it (another C-APDU).
Example (for a bank card):

5 Possible Cases:
Case 1: No input data/no output data
Case 2: No input data/Output size known in advance:
Case 3: No input data/Output size not known:

Case 3: 2 x C-APDU, 2 x R-APDU:
[Figure: sequence diagram between Terminal and Card. Terminal side: Command APDU and data, wait for completion, then the “Request the Answer” APDU, wait for completion. Card side: ACK = 9000 and 2 status bytes for the first command; ACK = 9000, data and 2 status bytes for the second.]
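The command layout, the CLA bits, the INS table and the two-step exchange above fit in one small parser. This is an added example, not code from the slides: it handles 1-byte Lc/Le only, uses the four structural cases of ISO 7816-4, and takes its sample commands from the VERIFY, GET CHALLENGE, INTERNAL AUTHENTICATE and SELECT FILE examples quoted in this deck. The `61 XX` status is standard ISO 7816-4 and does not appear on the slides; `9F XX` is the GSM equivalent shown on the RUN GSM ALGORITHM slide.

```python
# Added example (not from the slides): parse short-form command APDUs.
from dataclasses import dataclass
from typing import Optional

# INS codes from the "C-APDU INS Examples" slide (valid when CLA = 0X).
INS_NAMES = {
    0x0E: "ERASE BINARY", 0x20: "VERIFY", 0x70: "MANAGE CHANNEL",
    0x82: "EXTERNAL AUTHENTICATE", 0x84: "GET CHALLENGE",
    0x88: "INTERNAL AUTHENTICATE", 0xA4: "SELECT FILE", 0xB0: "READ BINARY",
    0xB2: "READ RECORD(S)", 0xC0: "GET RESPONSE", 0xC2: "ENVELOPE",
    0xCA: "GET DATA", 0xD0: "WRITE BINARY", 0xD2: "WRITE RECORD",
    0xD6: "UPDATE BINARY", 0xDA: "PUT DATA", 0xDC: "UPDATE RECORD",
    0xE2: "APPEND RECORD",
}


@dataclass
class CommandAPDU:
    cla: int
    ins: int
    p1: int
    p2: int
    data: bytes
    le: Optional[int]  # None when no response data is requested
    case: int          # ISO 7816-4 structural case 1..4

    @property
    def name(self) -> str:
        return INS_NAMES.get(self.ins, "INS %02X" % self.ins)


def parse_command(raw: bytes) -> CommandAPDU:
    """Parse CLA INS P1 P2 [Lc data] [Le]; rejects inconsistent lengths."""
    if len(raw) < 4:
        raise ValueError("header is 4 bytes: CLA INS P1 P2")
    cla, ins, p1, p2 = raw[:4]
    body = raw[4:]
    if not body:                                   # case 1: header only
        return CommandAPDU(cla, ins, p1, p2, b"", None, 1)
    if len(body) == 1:                             # case 2: Le only (00 means 256)
        return CommandAPDU(cla, ins, p1, p2, b"", body[0] or 256, 2)
    lc = body[0]
    if lc == 0:
        raise ValueError("extended (3-byte) Lc/Le not handled in this example")
    if len(body) == 1 + lc:                        # case 3: Lc + data
        return CommandAPDU(cla, ins, p1, p2, body[1:], None, 3)
    if len(body) == 2 + lc:                        # case 4: Lc + data + Le
        return CommandAPDU(cla, ins, p1, p2, body[1:-1], body[-1] or 256, 4)
    raise ValueError("Lc=%d does not match %d bytes after Lc" % (lc, len(body) - 1))


def describe_cla(cla: int) -> Optional[dict]:
    """Split X = b4 b3 b2 b1 for CLA = 0X, 8X, 9X, AX as on the CLA slide."""
    if cla >> 4 not in (0x0, 0x8, 0x9, 0xA):
        return None  # e.g. 'BC': no logical-channel structure to decode
    return {"secure_messaging_bits": (cla >> 2) & 0b11, "logical_channel": cla & 0b11}


def follow_up(cla: int, sw1: int, sw2: int) -> Optional[bytes]:
    """If the card only announced a reply length, build the GET RESPONSE for it."""
    if sw1 in (0x61, 0x9F):  # 61 XX (ISO 7816-4) or 9F XX (GSM): XX bytes are waiting
        return bytes([cla, 0xC0, 0x00, 0x00, sw2])
    return None


# Command bytes quoted on the slides.
EXAMPLES = {
    "VERIFY": "00 20 00 00 04 70 61 70 61",
    "GET CHALLENGE": "00 84 00 00 10",
    "INTERNAL AUTHENTICATE": "00 88 00 00 04 A3 02 AF D1 04",
    "SELECT FILE (GSM)": "C0 A4 00 00 02 6F 07",
}

if __name__ == "__main__":
    for label, hexstr in EXAMPLES.items():
        apdu = parse_command(bytes.fromhex(hexstr))
        print(label, "-> case", apdu.case, "data", apdu.data.hex(), "Le", apdu.le)
    # Constructed status 9F 0C: the card announces 12 bytes to fetch.
    print(follow_up(0xA0, 0x9F, 0x0C).hex())
```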
[…] 5 Possible Cases
Case 4: Input data/no output:
Case 5: Input data/Output size known or unknown:

Standard Cross-Industry Commands

ISO 7816-4 Inter-industry Commands
For transparent linear files:
• READ BINARY
• WRITE BINARY*
• UPDATE BINARY = real WRITE
• ERASE BINARY
• SEARCH BINARY
* VERY SPECIAL: as E2PROM is 1000 times slower to write than RAM, and it is the change from 0→1 that is slow (requires erasing).
Thus the command WRITE performs a logical AND with the current file content!!!!
Syntax: Read/Write
• READ BINARY
• UPDATE BINARY (overwrite=real write)

ISO 7816-4 Inter-industry Commands
For records (2 types):
• READ RECORD
• WRITE RECORD
• APPEND RECORD
• UPDATE RECORD
• SEEK
• SEARCH RECORD

ISO 7816-4 standard commands
For application-specific data objects.
• GET DATA
• PUT DATA
Security Commands

Authentication
[Figure labels: R: deny, W: deny; R: allow, W: allow]

Cardholder Authentication
On-card PIN/Password verification.
[Figure: the PIN is sent to the card (not encrypted except in some EMV DDA cards); the answer is Y/N (not authenticated except in EMV DDA cards).]

ISO 7816-4 Security Commands
Authentication Card Holder => Card
• VERIFY + password/CHV/PIN
  BTW. CHV == Card Holder Verification == PIN
• Example: 00 20 00 00 04 70 61 70 61
  – 00 = CLA
  – 20 = INS
  – 00 = must be 0
  – 00 = authenticates the whole MF if b7=0, PIN stored in MF
  – 04 70 61 70 61 = 4 bytes password (= ‘papa’)
  – no L_e, no data in reply expected, result will be visible in two status bytes SW1SW2

Challenge-Response a.k.a. Dynamic Authentication Card=>External World
[Figure: A and B share the key K. B sends random_B to A; A answers with A, MAC_K(random_B).]

****Exists in GSM, but a non-standard dedicated command
[Figure: the challenge RAND is sent to the SIM card; both sides run A3 with Ki; the SIM returns the Signed RESponse (SRES) and the two results are compared (“are = ?”).]
• RUN GSM ALGORITHM
Example: A0 88 00 00 10 XX …………….XX
  – A0 = CLA
  – 88 = INS
  – 00 00 = both 0
  – 10 XX … XX = 16 bytes random nonce
  – no L_e, no data in reply expected, result will be visible in the status bytes = 0x9F Le

ISO 7816-4 Security Commands
Authentication Card => Terminal
• INTERNAL AUTHENTICATE + random challenge + algo nb. + key nb.
  – Produces a cryptogram/MAC, proves the identity of the card.
• Example: 00 88 00 00 04 A3 02 AF D1 04
  – 00 = CLA
  – 88 = INS
  – 00 = crypto algo nb.
  – 00 = authenticates the whole MF if b7=0, key stored in MF
  – 04 A3 02 AF D1 = random challenge on 4 digits
  – 04 = the reply should be 4 digits/bytes too

ISO 7816-4 Security Commands
Challenge-Response Authentication: Terminal => Card
• GET CHALLENGE
• EXTERNAL AUTHENTICATE + algo nb. + key nb. + cryptogram

Example:
• GET CHALLENGE
  • Example: 00 84 00 00 10
    – 00 = CLA
    – 84 = INS
    – 00 00 = both are 0
    – 10 = LE = it expects 16 digits random
• EXTERNAL AUTHENTICATE
  • Example: 00 82 00 00 04 01 02 03 04
    – 00 = CLA
    – 82 = INS
    – 00 = crypto algo nb.
    – 00 = authenticates the whole MF if b7=0, key stored in MF
    – 04 01 02 03 04 = our cryptogram on 4 bytes
    – no data to recover in reply, OK/not OK seen as 2 status bytes.

Unilateral Authentication
Historically very popular.
Examples:
• password -> login
  – OK if we trust the browser + the DNS,
  • or a PK certificate-based secure tunnel is needed.
• SIM card -> GSM base station (fixed in 3G)
• offline bank card transactions -> Point of Sale terminal
Problems:
• login page spoofing etc.
• false GSM base stations,
• false ATMs,

Uni-directional vs. Mutual Authentication
[Figure: two parties sharing the key K; one direction carries statement1 with [interactive] proof1, the other carries statement2 with [interactive] proof2.]
Mutual Authentication in One Piece
Mutual Authentication

ISO 7816-4 Security Commands
Mutual Authentication: Terminal <=> Card
The sequence:
• GET CHIP NUMBER
• GET CHALLENGE
• MUTUAL AUTHENTICATE + params
Read/Write => Secure Read/Write, CLA=04

Secure Messaging
=> starting from now, all read/write commands & data are encrypted…
[Figure: [Mutual Authentication] + Shared Key Derivation, after which the exchange is marked “encrypted”.]

Encapsulation of ISO 7816-4 Commands
Commands and answers contain another embedded APDU command (or part of it):
• GET RESPONSE for an embedded command
• ENVELOPE – send an encrypted APDU
  • Example: 00 C2 00 00 10 ……………
    – 00 = CLA
    – C2 = INS
    – 00 00 = both are 0
    – 10 …… = some data, length = 16
    – no data to recover in reply, only 2 status bytes.

***Case Studies: GSM

Some More GSM Commands (CLA=‘A0’)
CHV1 = user PIN
CHV2 = second PIN

GSM Security
[Figure: GSM security. The SIM card and the GSM operator’s Authentication Center both hold Ki and run A3 and A8 on the challenge RAND; A3 gives the Signed RESponse (SRES), and the two SRES values are compared (“are = ?”); A8 gives Kc. The Mobile Equipment and the Base Station run A5 with Kc and Fn to exchange encrypted data mi. The Authentication Center supplies precomputed triples (RAND, SRES, Kc).]
SIM Card Side
secret key
Triples RAND, SRES, Ki are stored in BS
Data with redundancy: terrible mistake…
data block of 114 bits.
Running the Secret Algorithm (with secret key)
Both (key + algo) remain secret at all times.
Custom-made!
Authentication Algorithms
Some operators used COMP128 v1, the default algorithm.
• Very bad, there are several attacks [Briceno, Goldberg, Wagner].
• Some never-published attacks existed only in the form of an exe file, better than any published attack – fewer queries to the card!
  – I’ve developed such attacks myself, they were never published (sorry…).
  – Gemplus patented and commercialized a strong key solution
Encryption Algorithms
In the phone.
Embarrassing Discovery
What was discovered before [SDA-Berkeley 04/98].
• Keys generated were not 64 bits.
  – 10 bits fixed to 0 => 54 effective bits.
• The limitation was implemented in both AuC (Authentication Centers) and in SIM cards.
• Most operators have, by now, increased the size of their keys to 64 bits (also changing the algorithms or not).
  – It appears that the key is 64 bits starting from COMP128 v3 and also in most recent proprietary algorithms.
  – But one should check if they did!
Let’s do it.
Embarrassing Discovery
• Keys generated by typical UK and French cards (I’ve checked many): 64 bits.
• Key in Polish Orange card: 64 bits.
• All Chinese cards checked: 64 bits.
But many keys are still 54 bits. Examples I’ve seen myself:
• SIM I bought in Russia in 2007 (operator = “MTC”):
• Estonian card, operator = “simpel”, 2009
• Greek Vodafone SIM, 54 bits as well...
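The check the slides call for ("one should check if they did"), as an added example that is not part of the original slides. It assumes the 12-byte SRES||Kc layout of the RUN GSM ALGORITHM response from GSM 11.11, which the slides do not spell out; the sample responses are constructed, and putting their ten zero bits at the low end of Kc is a choice made for the sample only.

```python
"""Estimate the effective length of GSM session keys (Kc) from card responses."""
import hashlib

MASK64 = (1 << 64) - 1


def split_response(resp: bytes):
    """Split one RUN GSM ALGORITHM response into (SRES, Kc)."""
    if len(resp) != 12:
        raise ValueError(f"expected 12 bytes (SRES||Kc), got {len(resp)}")
    return resp[:4], resp[4:]


def always_zero_mask(kcs) -> int:
    """Return a 64-bit mask of the bit positions that are 0 in every Kc."""
    seen_ones = 0
    for kc in kcs:
        seen_ones |= int.from_bytes(kc, "big")
    return ~seen_ones & MASK64


def effective_key_bits(responses, min_samples=32):
    """Return (effective_bits, fixed_zero_mask) for a set of responses.

    A truly random bit is 0 in all n samples with probability 2**-n, so a
    small sample makes healthy keys look short. Repeated challenges give
    repeated Kc values and add no evidence, hence the de-duplication.
    """
    kcs = {split_response(r)[1] for r in responses}
    if len(kcs) < min_samples:
        raise ValueError(
            f"only {len(kcs)} distinct Kc values, need {min_samples}")
    mask = always_zero_mask(kcs)
    return 64 - bin(mask).count("1"), mask


def constructed_responses(n: int, zero_low_bits: int):
    """Build n constructed SRES||Kc responses (not captured from any card).

    zero_low_bits forces that many low-order Kc bits to 0 to imitate a
    shortened key; 0 leaves all 64 bits free.
    """
    out = []
    for i in range(n):
        digest = hashlib.sha256(b"constructed-kc-sample-%d" % i).digest()
        sres = digest[:4]
        kc = int.from_bytes(digest[4:12], "big")
        kc &= ~((1 << zero_low_bits) - 1) & MASK64
        out.append(sres + kc.to_bytes(8, "big"))
    return out


if __name__ == "__main__":
    for label, zeros in (("shortened", 10), ("full", 0)):
        bits, mask = effective_key_bits(constructed_responses(48, zeros))
        print(f"{label}: {bits} effective bits, fixed-zero mask {mask:#018x}")
```

The checker does not assume where the fixed bits sit: any position that never shows a 1 across the distinct samples is counted.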
Contactless Commands
High-Level APDU
No difference, the reader “translates” the commands.
Example: MiFare Classic access:
Low-Level Commands
Sent over the air.
Example: nfclib + ACR122 + MiFare Classic
> 26
< 0400
> 9320
< CA1C46D141 (UID)
> 9370CA1C46D141 (CRC)
< 08 (CRC)
> 6000(CRC)
< 24D2783A
> CF80E99F1AA2A1F1
> …
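The trace above, decoded frame by frame, as an added example that is not part of the original slides. The frame names (REQA, ATQA, ANTICOLLISION, SELECT, SAK, BCC, CRC_A) come from ISO 14443-3 Type A and the 60/61 authenticate convention from MIFARE Classic, none of which the slide names; the function names are made up for this sketch.

```python
"""Annotate an ISO 14443-3 Type A exchange such as the trace on the slide."""


def crc_a(data: bytes) -> bytes:
    """CRC_A of ISO 14443-3: init 0x6363, reflected poly 0x8408, low byte first."""
    crc = 0x6363
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0x8408 if crc & 1 else crc >> 1
    return bytes([crc & 0xFF, crc >> 8])


def bcc(uid: bytes) -> int:
    """Block check character: XOR of the UID bytes of one cascade level."""
    value = 0
    for byte in uid:
        value ^= byte
    return value


# Frames copied from the slide; '>' is reader to card, '<' is card to reader.
TRACE = [
    (">", "26"), ("<", "0400"), (">", "9320"), ("<", "CA1C46D141"),
    (">", "9370CA1C46D141"), ("<", "08"), (">", "6000"),
    ("<", "24D2783A"), (">", "CF80E99F1AA2A1F1"),
]


def with_crc(raw: bytes) -> str:
    """Hex of the frame as it travels on the air, CRC_A appended."""
    return (raw + crc_a(raw)).hex().upper()


def annotate(trace):
    """Return one dict per frame with its meaning and integrity checks."""
    frames, expect = [], None
    for direction, hexstr in trace:
        raw = bytes.fromhex(hexstr)
        f = {"dir": direction, "hex": hexstr, "meaning": "unrecognised"}
        if direction == ">":
            if raw == b"\x26":
                f["meaning"], expect = "REQA (short frame, no CRC)", "ATQA"
            elif raw == b"\x93\x20":
                f["meaning"], expect = "ANTICOLLISION, cascade level 1", "UID"
            elif len(raw) == 7 and raw[:2] == b"\x93\x70":
                f["meaning"], expect = "SELECT, cascade level 1", "SAK"
                f["bcc_ok"] = bcc(raw[2:6]) == raw[6]
                f["wire"] = with_crc(raw)
            elif len(raw) == 2 and raw[0] in (0x60, 0x61):
                key = "A" if raw[0] == 0x60 else "B"
                f["meaning"] = f"AUTHENTICATE block {raw[1]} with key {key}"
                f["wire"], expect = with_crc(raw), "TAG_RANDOM"
            elif expect == "READER" and len(raw) == 8:
                f["meaning"] = "encrypted reader random + reader response (2 x 32 bits)"
                expect = "TAG_RESPONSE"
        else:
            if expect == "ATQA" and len(raw) == 2:
                f["meaning"] = "ATQA (answer to request)"
            elif expect == "UID" and len(raw) == 5:
                f["meaning"] = "UID (4 bytes) + BCC"
                f["uid"] = raw[:4].hex().upper()
                f["bcc_ok"] = bcc(raw[:4]) == raw[4]
            elif expect == "SAK" and len(raw) == 1:
                f["meaning"] = "SAK (select acknowledge)"
                f["wire"] = with_crc(raw)
            elif expect == "TAG_RANDOM" and len(raw) == 4:
                f["meaning"], expect = "tag random (32 bits)", "READER"
            elif expect == "TAG_RESPONSE" and len(raw) == 4:
                f["meaning"] = "tag response (32 bits)"
        frames.append(f)
    return frames


if __name__ == "__main__":
    for f in annotate(TRACE):
        extra = {k: v for k, v in f.items() if k not in ("dir", "hex", "meaning")}
        print(f["dir"], f["hex"].ljust(18), f["meaning"], extra or "")
```

A BCC or CRC_A mismatch in a captured trace points to a transmission error or a sniffer dropping bits, which is worth ruling out before reading anything into the frames that follow.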
**Case Studies: Oyster Card
**Contact-less Authentication - History
IFF: Identify Friend or Foe (1942)
Challenge-Response
problem: relay attacks
**Mutual Authentication + Secure Messaging
=> starting from now, all read/write commands data is sent encrypted…
tag random 32 bits
tag resp. 32 bits
encr. rdr random + rdr resp. 2x32 bits
card ID 32 bits
**Facts
Best Attack:
– Multiple Differential Attack by Courtois, in SECRYPT 2009.
  • card-only attack,
  • 300 queries to the card,
    – very fast!!!
      » but precise timing needed.
– Can be combined with the Nested Authentication attack by the Dutch Nijmegen group.
Then the whole card can be cloned in 10 seconds.
Smart Card O.S.
Modern Multi-Application O.S.
• MULTOS
  – originally developed for e-purse Mondex [UK]
  – High level of security, EAL6 for some chips
• Open Platform
  – promoted by Visa et al.
• JavaCard
  – popular in GSM
  – banks never wanted 3rd party applications on their cards… problems: branding, ownership, risks…
• Windows for Smartcards
  – commercial fiasco, abandoned
Further Smart Card Standards
ISO 7816-5
Specifies AIDs (Application IDentifier)
• 16 bytes (128 bits)
  – [RID(5)+PIX(0..11)]
  – RID: Registered Application Provider
  – PIX: Proprietary Identifier Extension
• Can uniquely identify one smart card application.
• Also used to identify files in the smart card.
• Simultaneous selection of an application and of a directory of a card.
*Accessing Files and Applications by AID: SELECT FILE
As for files, applications are selected by the same method, with an APDU ‘XX A4 …’ to select a file by its AID. Example:
• 00 A4 02 00 0E 31 50 41 59 2E 53 59 53 2E 44 44 46 30 31
  – 00: ISO command
  – A4: SELECT FILE
  – 02 00: specific params.
  – 0E 31 … 31: length + AID, "1PAY.SYS.DDF01"
• Response: 90 00 if all OK…
RID: Registered Application Provider
“Administrative” method to get a RID is described in ISO 7816-5. Not all application provider RIDs are public. Examples:
• A0 00 00 00 87
  – 3GPP (3G USIM application)
• A0 00 00 00 09
  – ETSI (e.g. GSM SIM with Java)
• RID = D2 76 00 01 24
  – In OpenPGP cards.
• A0 00 00 00 03
  – VISA EMV international cards
• A0 00 00 00 04
  – MasterCard EMV cards
• Etc..
Examples of a Complete AID
• 31 50 41 59 2E 53 59 53 2E 44 44 46 30 31
  – which is "1PAY.SYS.DDF01" in ASCII, it contains a list of AIDs of an EMV bank card
• A0 00 00 00 42 10 10
  – Visa Credit EMV application, France
• A0 00 00 00 03 10 10
  – Visa Credit EMV application, international
• A0 00 00 00 04 10 10
  – MasterCard EMV application, international
• A0 00 00 00 69 00
  – is the French Monéo e-purse application.
printed on the ticket
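The SELECT FILE command and the RID + PIX split from the preceding slides, as an added example that is not part of the original slides. It goes slightly beyond them by parsing any short command APDU (the four ISO 7816-4 cases) before interpreting the SELECT; the function names are made up for this sketch and the RID table holds only the entries listed on the slides.

```python
"""Parse a short command APDU and interpret the target of a SELECT by AID."""
from typing import NamedTuple, Optional

# RIDs exactly as listed on the slides; anything else is reported as unlisted.
KNOWN_RIDS = {
    "A000000087": "3GPP (3G USIM application)",
    "A000000009": "ETSI (e.g. GSM SIM with Java)",
    "D276000124": "OpenPGP cards",
    "A000000003": "VISA EMV international cards",
    "A000000004": "MasterCard EMV cards",
}
UNLISTED = "RID not in the slides' list"


class CommandApdu(NamedTuple):
    cla: int
    ins: int
    p1: int
    p2: int
    data: bytes
    le: Optional[int]  # raw Le byte; in a short APDU 0 means 256


def parse_apdu(hexstr: str) -> CommandApdu:
    """Parse a short (non-extended) command APDU given as hex text."""
    raw = bytes.fromhex(hexstr)
    if len(raw) < 4:
        raise ValueError("header needs CLA INS P1 P2")
    cla, ins, p1, p2 = raw[:4]
    body = raw[4:]
    if not body:                      # case 1: header only
        return CommandApdu(cla, ins, p1, p2, b"", None)
    if len(body) == 1:                # case 2: Le only
        return CommandApdu(cla, ins, p1, p2, b"", body[0])
    lc = body[0]
    if lc == 0:
        raise ValueError("extended-length APDUs are not handled here")
    if len(body) == 1 + lc:           # case 3: Lc + data
        return CommandApdu(cla, ins, p1, p2, body[1:], None)
    if len(body) == 2 + lc:           # case 4: Lc + data + Le
        return CommandApdu(cla, ins, p1, p2, body[1:-1], body[-1])
    raise ValueError(f"Lc={lc} but {len(body) - 1} byte(s) follow it")


def describe_aid(aid: bytes) -> dict:
    """Classify an identifier as a printable name or as RID(5) + PIX(0..11)."""
    if not 1 <= len(aid) <= 16:
        raise ValueError("an AID is 1 to 16 bytes long")
    if all(0x20 <= b < 0x7F for b in aid):
        return {"kind": "name", "text": aid.decode("ascii")}
    if len(aid) < 5:
        raise ValueError("too short to hold a 5-byte RID")
    rid, pix = aid[:5].hex().upper(), aid[5:].hex().upper()
    return {"kind": "rid+pix", "rid": rid, "pix": pix,
            "provider": KNOWN_RIDS.get(rid, UNLISTED)}


def select_target(hexstr: str) -> dict:
    """Describe what a SELECT FILE (INS = A4) command is selecting."""
    apdu = parse_apdu(hexstr)
    if apdu.ins != 0xA4:
        raise ValueError(f"INS {apdu.ins:02X} is not SELECT FILE")
    return describe_aid(apdu.data)


def status_ok(response: bytes) -> bool:
    """True when the response ends with status bytes 90 00."""
    return response[-2:] == b"\x90\x00"


if __name__ == "__main__":
    cmd = "00 A4 02 00 0E 31 50 41 59 2E 53 59 53 2E 44 44 46 30 31"
    print(parse_apdu(cmd))
    print(select_target(cmd))
    print(describe_aid(bytes.fromhex("A0 00 00 00 03 10 10")))
```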
ISO 7816-7
• APDU for accessing a database stored on a smart card(!).
• Defines SCQL = Smart Card Query Language
ISO 7816-8..10
• More inter-industry commands to manage the security environment of the card, for example during the personalization phase (before the card is issued to the user!!!)
ISO 7816-12 – 12/2005
USB on smart cards!
• Two versions, still evolving
• Bridge the connectivity gap between PCs and smart cards!
Industrial Standards [2]: => Crypto Standards
Standards
• RSA Security PKCS #11: Application Programming Interface (API), called Cryptoki, to access devices which hold cryptographic information and perform cryptographic functions.
  – used e.g. in Netscape / Mozilla / cryptlib etc.
Standards
• RSA Security PKCS #15: storage and management of crypto/security objects, keys and their attributes in smart cards
RSA Security PKCS #15 - Examples
Industrial Standards [3]: => Applications, Protocols
Standards
• PC/SC: communication between MS Windows and smart card readers [developed in 1997]
• Microsoft Cryptographic API (CryptoAPI).
  – enables application developers to add cryptography and certificate management functionality to their Win32 applications without knowing anything about the hardware configuration
Smart Cards under Linux?
PC/SC works and has drivers under Linux too.
Libraries? Check out
• M.U.S.C.L.E. at www.linuxnet.com
• OpenSC library
• Etc…
Standards
• JavaCard [later].
  – OCF [OpenCard Framework]: a Java-based set of APIs for smart cards
  – JavaCard 2.2
• ISO 15408: product evaluation derived from the ‘common criteria’
Banking Standards
• EMV: international bank card specs
• Visa Open Platform: security management of multi-application cards
• CEPS: Common Electronic Purse Specification
• EN 1546: Pan-European e-Purse specification (very similar)
Mobile Phone Card Standards
***GSM Phones Card Standards
• GSM 11-11: specifies the standard SIM-ME interface
• GSM 11-14: more: « SIM Application Toolkit »
• GSM 03.19: API JavaCard™ for programming SIM cards
• GSM 03.40: how to implement Short Message Service (SMS) in Point to Point (PP) mode
• GSM 03.48: security mechanisms for the SIM card application toolkit
***3G Phone Card Standards
• TS 51.011: specifies the 3G SIM-ME interface
• ETSI TS 102 221: terminal-card physical and logical characteristics
• 3GPP: 31.101 V4.0.0, 31.102 V4.0.0 (Release 99) - 3G cards (W-CDMA)
• 3GPP2-C00-1999-1206-1208: specification of RUIM modules for CDMA 2000
3G Phone Security Standards
Principles, objectives and requirements
• TS 33.120 Security principles and objectives
• TS 21.133 Security threats and requirements
Architecture, mechanisms and crypto algorithms
• TS 33.102 Security architecture
• TS 33.103 Integration guidelines
• TS 22.022 Personalization of mobile equipment
• TS 33.105 Cryptographic algorithm requirements
• TR 33.900 A guide to 3G security
• TR 33.901 Criteria for cryptographic algorithm design process
• TR 33.902 Formal analysis of the 3G authentication protocol
• TR 33.908 General report on the design, specification and evaluation of 3GPP standard confidentiality and integrity algorithms
• Document 1: f8 & f9
• Document 2: KASUMI
• Document 3,4: test data
Lawful interception
• TS 33.106 Lawful interception requirements
• TS 33.107 Lawful interception architecture and functions
PKI / Digital Signatures – Related to EU directive
• ETSI TS 101 333: digital signature formats
• ETSI TS 101 808: CA management specification
• CEN/ISSS: European Directive for Digital signatures
• CWA/prEN 14890: Interface for smart cards for D.S.
Transport Card Standards
Main Standards:
• Calypso [France, Belgium]
• MiFare [UK, Holland, Poland]
• Felica [Hong Kong, Japan, India]
ITSO: used MiFare .. and withdraws [2009]
UK system and specs.
Compatible with both MiFare and Calypso.
MiFare Cards in ITSO system: 9.1 million [2008].
Now slowly withdrawing it:
1. ITSO licensed Members shall cease to issue MiFare Classic cards after 31st December 2009.
2. ITSO shall not support any ITSO shell issued on a Mifare Classic card after 31st December 2016.
JavaCard
Write Once, Run Anywhere™
Recent History
• Oct 25, 2010 - Gemalto has filed a patent infringement lawsuit in the US against Google, HTC, Motorola, and Samsung for mechanisms implemented in the Android OS
• From press release:
  – “Gemalto’s patented technologies are fundamental to running software, developed in a high level programming language such as Java®, on a resource constrained device,”
Motivation
• Portable code, hardware-independent
• Time to market: add new applications to the card at any moment!
• Easier to develop
• Open platform,
  => specs of smart card chip are usually confidential(!!)
• Third party applications => much more security needed!!!
  – Hide the smart card OS and resources from the developer [not trusted]
  – Java language has inherently better security…
    • Much of current application insecurity comes from C language [exceptions, printf, goto, buffer overflow etc..]
• Provide “built-in security” for developers
• Cons: slow + expensive…
History
• Java Card 1.0: Schlumberger. APIs only.
• Later, Bull+Gemplus+Schlumberger formed the Java Card Forum.
• + Sun Microsystems => develop Java Card 2.0.
Still a SMALL subset of Java™
Some 2 billion Java cards to date (mainly in GSM…)
Working Principle [source: Sun website]
The Java Card VM Specs
The Java Card Virtual Machine (JCVM): defines
• a subset of the Java programming language
• a Java-compatible VM for smart cards,
• binary data representations and file formats,
• the JCVM instruction set.
JavaCard - Types
Types
JavaCard - Limitations
Language Features: Dynamic class loading, security manager (java.lang.SecurityManager), threads, object cloning, and certain aspects of package access control are not supported.
Keywords: native, synchronized, transient, volatile, strictfp are not supported.
Types: There is no support for char, double, float, and long, or for multidimensional arrays. Support for int is optional.
Classes and Interfaces: The Java core API classes and interfaces (java.io, java.lang, java.util) are unsupported except for Object and Throwable, and most methods of Object and Throwable are not available.
Exceptions: Some Exception and Error subclasses are omitted because the exceptions and errors they encapsulate cannot arise in the Java Card platform.
Card Java – Resource Constraints
Packages:
• A package can refer to up to 128 other packages.
• A fully qualified package name is limited to 255 bytes. Note that the character size depends on the character encoding.
• A package can have up to 255 classes.
Classes:
• A class can directly or indirectly implement up to 15 interfaces.
• An interface can inherit from up to 14 interfaces.
• A package can have up to 256 static methods if it contains applets (an applet package), or 255 if it doesn't (a library package).
• A class can implement up to 128 public or protected instance methods, and up to 128 with package visibility.
Java Card - Standard Libs
• JavaCard.lang
• JavaCard.framework
• JavaCard.security
• JavaCardx.crypto
Added [Java Card 2.2] = javacard.framework
Interfaces:
• ISO7816 defines constants related to ISO 7816-3 and ISO 7816-4.
• MultiSelectable identifies applets that can support concurrent selections.
• PIN represents a personal identification number used for security (authentication) purposes.
• Shareable identifies a shared object. Objects that must be available through the applet firewall must implement this interface.
Classes:
• AID defines an ISO7816-5-conforming Application Identifier associated with an application provider; a mandatory attribute of an applet.
• APDU defines an ISO7816-4-conforming Application Protocol Data Unit, which is the communication format used between the applet (on-card) and the host application (off-card).
• Applet defines a Java Card application. All applets must extend this abstract class.
• JCSystem provides methods to control the applet life-cycle, resource and transaction management, and inter-applet object sharing and object deletion.
• OwnerPIN is an implementation of the PIN interface.
• Util provides utility methods for manipulation of arrays and shorts, including arrayCompare(), arrayCopy(), arrayCopyNonAtomic(), arrayFillNonAtomic(), getShort(), makeShort(), setShort().
Exceptions:
• Various Java Card VM exception classes are defined: APDUException, CardException, CardRuntimeException, ISOException, PINException, SystemException, TransactionException, UserException.
javacard.security
Interfaces:
• Generic base interfaces: Key, PrivateKey, PublicKey, and SecretKey, and subinterfaces that represent various types of security keys and algorithms: AESKey, DESKey, DSAKey, DSAPrivateKey, DSAPublicKey, ECKey, ECPrivateKey, ECPublicKey, RSAPrivateCrtKey, RSAPrivateKey, RSAPublicKey
Classes:
• Checksum: abstract base class for CRC algorithms
• KeyAgreement: base class for key-agreement algorithms
• KeyBuilder: key-object factory
• KeyPair: a container to hold a pair of keys, one private, one public
• MessageDigest: base class for hashing algorithms
• RandomData: base class for random-number generators
• Signature: base abstract class for signature algorithms
Exceptions:
• CryptoException: encryption-related exceptions such as unsupported algorithm or uninitialized key.
**Crypto Algorithms in Javacard 2.2
• AES: Advanced Encryption Standard (NIST FIPS-197)
• SEED Algorithm Specification: KISA - Korea Information Security Agency
• SHA-1 (NIST FIPS 180-1), SHA-256, SHA-384, SHA-512 (NIST FIPS 180-2)
• MD5 defined by RSA DSI in RFC 1321
• RIPEMD-160 defined in ISO/IEC 10118-3:1998
• DSA (NIST FIPS 186)
• DES (NIST in FIPS 46-1 and 46-2)
• RSA: The Rivest, Shamir and Adleman Asymmetric Cipher algorithm
• ECDSA: Elliptic Curve Digital Signature Algorithm
• ECDH: Elliptic Curve Diffie-Hellman algorithm
• HMAC: Keyed-Hashing for Message Authentication (RFC-2104)
javacardx.crypto
Non-standard and proprietary crypto OR crypto subject to export controls!
KeyEncryption, Cipher
Interfaces
Classes
Exceptions
Java Card Runtime Environment (JCRE)
The JCRE consists of the Java Card VM, the Java Card Framework and APIs, and some extension APIs.
Communication
A special subset of APDUs [ISO 7816-3..4] is used.
Applet Isolation
JCRE can act as a firewall
Applet Structure and Execution
Applet Execution
• The applet is identified by a unique identifier, the AID.
• The terminal selects/deselects the applet at any moment.
• The APDUs are redirected to the applet currently selected.
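The selection and routing behaviour listed on this slide, as an added sketch (not from the slides and not taken from any Java Card implementation): a toy card runtime in Python that handles SELECT by AID itself and forwards every other APDU to the currently selected applet. The AIDs, the INS value 0x10, and the replies for a failed SELECT or for a command sent while nothing is selected are assumptions of this model.

```python
# Added illustration: toy model of applet selection and APDU routing on a card.
# AIDs, the INS value 0x10 and the "nothing selected" reply are constructed.
SW_OK, SW_NOT_FOUND = 0x9000, 0x6A82          # ISO 7816-4 status words
SW_INS_NOT_SUPPORTED, SW_WRONG_LENGTH = 0x6D00, 0x6700

def parse_apdu(raw: bytes):
    """Split a short command APDU into (cla, ins, p1, p2, data)."""
    if len(raw) < 4:
        raise ValueError("header needs CLA INS P1 P2")
    data = b""
    if len(raw) > 5:                          # Lc, data, optional Le
        lc = raw[4]
        if len(raw) not in (5 + lc, 6 + lc):
            raise ValueError("Lc does not match the data present")
        data = raw[5:5 + lc]
    return raw[0], raw[1], raw[2], raw[3], data

def select_apdu(aid: bytes) -> bytes:
    """SELECT by name: CLA=00 INS=A4 P1=04 P2=00, AID in the data field."""
    return bytes([0x00, 0xA4, 0x04, 0x00, len(aid)]) + aid

def make_counter_applet(start: int):
    """Constructed applet: INS 0x10 increments a private counter and returns it."""
    state = {"n": start}
    def process(ins, data):
        if ins != 0x10:
            return b"", SW_INS_NOT_SUPPORTED
        state["n"] += 1
        return bytes([state["n"] & 0xFF]), SW_OK
    return process

class Card:
    def __init__(self, applets):
        self.applets = applets                # AID -> process(ins, data)
        self.selected = None                  # AID of the selected applet

    def transmit(self, raw: bytes):
        try:
            cla, ins, p1, _p2, data = parse_apdu(raw)
        except ValueError:
            return b"", SW_WRONG_LENGTH
        if (cla, ins, p1) == (0x00, 0xA4, 0x04):   # handled by the runtime
            if data not in self.applets:
                return b"", SW_NOT_FOUND      # model choice: selection unchanged
            self.selected = data
            return b"", SW_OK
        if self.selected is None:
            return b"", SW_INS_NOT_SUPPORTED  # model choice
        return self.applets[self.selected](ins, data)

AID_PURSE = bytes.fromhex("F0000000010001")   # constructed AIDs
AID_LOYALTY = bytes.fromhex("F0000000010002")
```

The same command bytes reach a different applet, with separate state, depending only on which AID the terminal selected last.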
Applet Security
Applets [bytecode] are
• CHECKED [if they don’t spy on other applets!!]
Should be signed with a digital signature [white-list principle (Nokia), as opposed to black list (Microsoft)]
Java Card 3.0
March 2008
• Multi-threading
• Garbage Collector
• Multi-dimensional Arrays
• TCP/IP
• Servlets
Terminals
USB
Before, they were on the serial port… Now all USB.
Since about 2000 they use the [Microsoft-compatible] standard API/interface called PC/SC.
PC Card
Keyboards
Cherry etc.
Contact-less
Open source: Open-PCD [Germany]
Banking Terminals
Home Banking
Contact-less Bank Cards
Very recent
Biometric
Futuristic
UK pilot 2008
Conclusion
Future:
• Cannot live without Smart Cards or some other secure portable hardware device.
  – Bill Gates recognized it publicly in 2005…
• PKI enabler:
  – fair security: e.g. everyone can verify the authenticity of a bank transaction.
  – 99.9 % unused potential.
Some Difficulties Worldwide
• Major concern - COST EFFECTIVENESS
• Security is of public interest, conflict of interest - some market players think about their own security, not that of their customers, and like fraud – they make profit selling insurance…
• Bad press:
  – Unbreakable ? Not.
  – But there is no better technology on this planet.
How Secure Are Smart Cards?
A necessity: there is no better technology on earth !
“…Succeeding requires tamper-proof hardware. But
• no security professional will speak of tamper-proof devices, as opposed to tamper-resistant ones.
• Security is a matter of economics, and not just technology.
  – How much will your attacker spend to defeat your security?
  – Are you protecting something valuable enough that your enemy will resort to the three B's: burglary, bribery or blackmail?
• Protecting against determined adversaries is very hard; it's rarely wise to bet your business on it.”…
[Steve Bellovin blog, 24/08/07]
Future of Smart Cards
• New silicon technologies – 0.065 µm SOI for more storage and security, lower power consumption
• Multithread, DMA, MMU.
• New memory technologies:
  – In 2005: NOR-flash – 1 Megabyte…
  – 1 Gigabyte in a SIM ! – with NAND-Flash. Spansion.
• On-die support for RF, TCP/IP, WiFi, Bluetooth, etc. USB full speed – Axalto product + patents
  – 12 Mbits/sec ! The future standard in GSM handsets?
• Enhanced security with biometrics (3 factors).
• More crypto: AES, Elliptic Curves etc...