Presentation is loading. Please wait.

Presentation is loading. Please wait.

Introduction to Microprocessor Cards 하남수 2000.5.30

Published byOpal Haynes Modified over 8 years ago

Similar presentations

Presentation on theme: "Introduction to Microprocessor Cards 하남수 2000.5.30"— Presentation transcript:

1 Introduction to Microprocessor Cards 하남수 2000.5.30 ha@cse.sch.ac.kr

2 2000-05-31 순천향대학교 하남수 2 Summary 1. What is a smart cards ? 2. Standards in the smart card industry 3. Card life cycle 4. Security feature

3 2000-05-31 순천향대학교 하남수 3 1 - What is a smart card ?

4 2000-05-31 순천향대학교 하남수 4 Characteristics of Microprocessor Cards Memory and processor on the same chip Unique and permanent serial number Secret code protection in the card Cryptographic capability

5 2000-05-31 순천향대학교 하남수 5 What Information needs to be in the card? Everything that relates to the intrinsic operation of the application  Identification of the card holder  Rights of the card holder Everything that relates to the security of the card and the application  Card Serial Number  Secret code  Keys for cryptographic algorithms

6 2000-05-31 순천향대학교 하남수 6 Inside the Chip of a Microprocessor Card ROMRAMRAM CPUEEPRMEEPRM Security COS

7 2000-05-31 순천향대학교 하남수 7 Role of the Operating System The Operating system transforms a physical device into a logical tool by providing these feature:  Memory Management  Security Management  Cryptographic Functions  Customization

8 2000-05-31 순천향대학교 하남수 8 Types of Objects Managed by the Operating System Data 는 files 형태로 조직화  data, code, key, … Security 는 OS 에의해 운영  Secret code 는 파일 억세스를 컨트롤  Keys 들은 암호학적 함수를 위해 사용 All data and security features are managed by the OS

9 2000-05-31 순천향대학교 하남수 9 Types of Commands Performed by the Operating System Administrative commands  File and Directory management: creat, read, write, update, … Security related commands  Operations on secret codes and keys Loyalty commands  Award, Redeem, … Payment commands  Credit, Debit, Read Balance, …

10 2000-05-31 순천향대학교 하남수 10 2 – Standards in the Smart Card Industry

11 2000-05-31 순천향대학교 하남수 11 ISO 7816 -Identificatin Cards- ICC With Contacts IS 7816-1: Physical charactristics IS 7816-2: Dimension & location of contacts IS 7816-3: Electronic signal & transmission protocol IS 7816-4: Interindustry commands IS 7816-5: Resistration system for application in IC card IS 7816-6: Interindustry data elements IS 7816-7: Interindustry commands for Structured Card Query Language(SCQL) IS 7816-8: Security architecture and related commands

12 2000-05-31 순천향대학교 하남수 12 ISO 7816-1 Thickness 0.76 mm 85 mm 54 mm Phycal characteristic

13 2000-05-31 순천향대학교 하남수 13 ISO 7816-2 1-VCC Gnd-5 2-Rst Vpp-6 3-CLK I/O-7 4-RFU RFU-8 Dimension & Location

14 2000-05-31 순천향대학교 하남수 14 ISO 7816-3 Electrical Characteristics  Clock frequency: [1 MHz, 5 MHz]  Communication speed Transmission Protocols  T=0 and T=1 defined  T=14 는 소유자를 위해 예약 Protocol Type Selection  If several protocols supported Answer-to-Reset Electronic signals & transmission protocols

15 2000-05-31 순천향대학교 하남수 15 Communication Protocols T=0: asynchronous half duplex character transmission protocol  One way communication-any command expecting a response must send a second command to receive the response T=1: asynchronous half duplex block transmission protocol  Two way communication-a single command may send and/or receive data T=2 to T=13: Reserved for future use T=14: reserved for protocols not standardized by ISO Almost all currently available cards follow T=0

16 2000-05-31 순천향대학교 하남수 16 Scope of ISO 7816-4 Contents of messages  commands  responses Structure of files and data Access methods to files and data Security architecture defining access rights to files and data Methods for secure messaging Ensures Interoperability

17 2000-05-31 순천향대학교 하남수 17 The Application Protocol Data Unit(APDU) An APDU contains  A command message  A response message Response APDU Command APDU

18 2000-05-31 순천향대학교 하남수 18 APDU Command Command Format(ex:Read) without Body Header  CLA: indicates ISO or Gemplus proprietary command Secure messanging or not  INS: Instruction code(what type of command ex.Read)  P1, P2: parameters(ex.Read, where in the memory)  Le: Expected length of data to be returend Header CLA INS P1 P2 Le

19 2000-05-31 순천향대학교 하남수 19 APDU Command Command Format(ex: Write) with Body Header  CLA: indicates ISO or Gemplus propritary commands  INS: Instruction code(what type of command. Ex.Write data to the card)  P1, P2: Parameters, ex: Write where in the memory  Lc: Length of data sent to the card Body  Data for card Header Body(if data for card) CLA INS P1 P2 Lc Data

20 2000-05-31 순천향대학교 하남수 20 APDU Response Response Format Body  Optional  Holds the data returned by the card(ex: after Read) Trailer  Status returned by the card Body(if data for terminal) Trailer Data SW1,SW2

21 2000-05-31 순천향대학교 하남수 21 File Organization Card organized into files  MF-Master File Root of the file structure Contains other files  DF-Dedicated File Contains other files Can be seen as a directory  EF-Elementary File Contains data MF DF EF

22 2000-05-31 순천향대학교 하남수 22 Implementation for Files Organization Each file is made of  File descriptor containing information for File management Security management  File body DF o Optional o Contains the DF name EF o Mandatory o Contains data stored in the EF

23 2000-05-31 순천향대학교 하남수 23 ISO 7816-5 Specifies  Numbering system for application identifiers To identify if a given card contains an application  Resistration procedure for application provider identifiers AID is used to address an application in the card Do you contain the XYZ application? Yes! Here it is

24 2000-05-31 순천향대학교 하남수 24 Global Scheme ISO 7816-5 Application ID ISO 7816-4 Command ISO 7816-3 Protocol Layer ISO 7816-4 APDU Layer ISO 7816-1 ISO 7816-2 T=0 T=1 APDU

25 2000-05-31 순천향대학교 하남수 25 3 - Card Life Cycle

26 2000-05-31 순천향대학교 하남수 26 Card Life Cycle Initialization  Card associated with issuer  Security features loaded Personalization  Application profile loaded(card belong to one given application)  Cardholder profile loaded Initalization Personalization

27 2000-05-31 순천향대학교 하남수 27 Card Personalization Electronic personalization:  Downloading of data(application & cardholder) Graphical personalization:  Printing text or artwork on the card body My name Making each card unique ! My name

28 2000-05-31 순천향대학교 하남수 28 End-User Stage The memory can be accessed according to rules defined at personalization stage

29 2000-05-31 순천향대학교 하남수 29 4 - Security Features

30 2000-05-31 순천향대학교 하남수 30 Security Scheme The Smart card is not the only element involved in the security of an application Security must be managed for the entire application HOST READERSCARDS

31 2000-05-31 순천향대학교 하남수 31 Secret Code Secret codes are used to protect  Access to files(read, erite, update, … )  Financial functions(read balance, debit, … )  Administrative commands(creat file, … ) A secret code is presented to the card and then checked by the card SC #1 SC #1 = SC #1 SC #1

32 2000-05-31 순천향대학교 하남수 32 Keys Keys are used by cryptographic algorithms Cryptosystems use two types of algorithms:  Secret key(e.g.,DES, 3DES)  Public key(e.g.,RSA, DSA) Keys are used for:  Secure messaging  Computing and verifying certificates/signature

33 2000-05-31 순천향대학교 하남수 33 DES:Data Encryption Standard Same key  Symmetric algorithm Key must be secret! Key is 8 bytes long Originally developed at IBM Widely used algorithm in the world DES DES -1 A A B K K B=DES(A,K) A=DES -1 (B,K)

34 2000-05-31 순천향대학교 하남수 34 Switching to 3DES Improvement in computational performance and crytanalysis techniques De facto standards is now Triple DES Triple DES is now endosed by NIST, replacing DES DES dose not offer sufficient long-term security

35 2000-05-31 순천향대학교 하남수 35 Triple DES DES DES -1 A B A K K (16bytes) DES KlKl KrKr KlKl 3DES=DES If K l = K r B=3DES(A,K) K=K l K r A=3DES -1 (B,K) K=K l K r A B (8bytes)

36 2000-05-31 순천향대학교 하남수 36 Triple DES implementation (16-byte result) Used when a result on 16 bytes is required B=3DES_16(A, K) =Bl Br DES KlKl KrKr KlKl Br Input data(8bytes) Right data(8bytes) 3DES_16DES KlKl KrKr KlKl Bl Input data(8bytes) Left data(8bytes) A(8bytes) B(16bytes) K (16 Bytes) DES

37 2000-05-31 순천향대학교 하남수 37 Diversfication Process Diversfication Using 3DES_16 Card serial Number (8 bytes) In the Terminal Daughter Key (16 bytes) Mother Key (16 bytes) In the Card

38 2000-05-31 순천향대학교 하남수 38 참고 www.gemplus.com www.mondexinternational.com

Download ppt "Introduction to Microprocessor Cards 하남수 2000.5.30"

Similar presentations

Smart Card Security Xufen Gao CS 265 Spring, 2004 San Jose State University.

Smart Card Security Xufen Gao CS 265 Spring, 2004 San Jose State University.
Smart Card Syed Jabbar Computer Science Course:

Smart Card Syed Jabbar Computer Science Course:
Smart Card Reader. Quick Start Training Agenda Smart Card Introduction ISO 7816 Standard Smart Card Operation CoolRunner-II Smart Card Reader CoolRunner-II.

Smart Card Reader. Quick Start Training Agenda Smart Card Introduction ISO 7816 Standard Smart Card Operation CoolRunner-II Smart Card Reader CoolRunner-II.
Serial I/O - Programmable Communication Interface

Serial I/O - Programmable Communication Interface
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
1 3. Smart Identification 3.1 Smart Cards 3.1.1 What Is a Smart Card?  Smart cards evolved from plastic identification and magnetic stripe cards through.

1 3. Smart Identification 3.1 Smart Cards What Is a Smart Card?  Smart cards evolved from plastic identification and magnetic stripe cards through.
Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,

Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,
Muhammad Wasim Raad1 Smart Cards Operating Systems أنظمة التشغيل للبطاقات الذكية By: Dr Muhammad Wasim Raad Computer Engineering Department.

Muhammad Wasim Raad1 Smart Cards Operating Systems أنظمة التشغيل للبطاقات الذكية By: Dr Muhammad Wasim Raad Computer Engineering Department.
LMS/RFID (Dis)integration Why Standards Matter Mick Fortune.

LMS/RFID (Dis)integration Why Standards Matter Mick Fortune.
Encryption is a way to transform a message so that only the sender and recipient can read, see or understand it. The mechanism is based on the use of.

Encryption is a way to transform a message so that only the sender and recipient can read, see or understand it. The mechanism is based on the use of.
Java Card Technology Ch02: Smart card Basics Instructors: Fu-Chiung Cheng ( 鄭福炯 ) Associate Professor Computer Science & Engineering Computer Science &

Java Card Technology Ch02: Smart card Basics Instructors: Fu-Chiung Cheng ( 鄭福炯 ) Associate Professor Computer Science & Engineering Computer Science &
The Microcomputer System In this presentation you will: Investigate the microprocessor Title Page.

The Microcomputer System In this presentation you will: Investigate the microprocessor Title Page.
Java Card Open Platform Combines tomorrow's technology and platforms C:\Presentations - JavaCard_OpenPlatform.ppt - bsc - 26.02.02 - page 1 Programming.

Java Card Open Platform Combines tomorrow's technology and platforms C:\Presentations - JavaCard_OpenPlatform.ppt - bsc page 1 Programming.
Application Suite. ¿What is HiperCenter? HiperCenter provides a rapid and reliable way to implement on line transaction processing (OLTP) solutions. HiperCenter.

Application Suite. ¿What is HiperCenter? HiperCenter provides a rapid and reliable way to implement on line transaction processing (OLTP) solutions. HiperCenter.
Epayment System using Java April, 11. 2001 Computer Security and Electronic Payment System Cho won chul Kim Hee Dae Lee Jung Hwan Yoon Won Jung.

Epayment System using Java April, Computer Security and Electronic Payment System Cho won chul Kim Hee Dae Lee Jung Hwan Yoon Won Jung.
Fayoum University Faculty of Engineering Electrical Engineering Department E-voting system Using Smart Card Under the supervision Of: Dr. Magdy Amer.

Fayoum University Faculty of Engineering Electrical Engineering Department E-voting system Using Smart Card Under the supervision Of: Dr. Magdy Amer.
Smart Card 李開振, 許家碩 Department of Computer Science National Chiao Tung University.

Smart Card 李開振, 許家碩 Department of Computer Science National Chiao Tung University.
Department of Electronic Engineering City University of Hong Kong EE3900 Computer Networks Introduction Slide 1 A Communications Model Source: generates.

Department of Electronic Engineering City University of Hong Kong EE3900 Computer Networks Introduction Slide 1 A Communications Model Source: generates.
Global Platform Presentation C:\Path - filename - san - 23.10.02 - page 1 Open Platform on Java Card Introduction by Ingeborg Sandow.

Global Platform Presentation C:\Path - filename - san page 1 Open Platform on Java Card Introduction by Ingeborg Sandow.
Web Security : Secure Socket Layer Secure Electronic Transaction.

Web Security : Secure Socket Layer Secure Electronic Transaction.

Similar presentations

Ads by Google