SMART CARDS
Miguel Monteiro, apm@fe.up.pt, FEUP / DEI
WHAT IS A SMART CARD
Distinguishing characteristics:
- Can participate in automated electronic transactions
- Used primarily to add security
- Not easily forged or copied
- Can store data securely
- Can host/run a range of security algorithms and functions
Comments:
- "Smart" usually implies the fifth characteristic: some capacity to do transformations and/or processing
- The word "card" is sometimes misleading: nowadays these devices can take a variety of forms
[Figure: a small hexagonal piece]
SMART CARD MAIN APPLICATIONS
Smart cards can be used in several areas and functions:
- Mobile telecommunications
- Banking
- Transportation
- Identity cards / passports
- Service entitlement
- Health
- Physical access control
- IT access control
- Satellite TV and set-top boxes
EXAMPLE: BASIC SIM FUNCTION
Each SIM contains a unique identifier, the IMSI (International Mobile Subscriber Identifier), and an identification key (Ki).
1. For identification and authentication the SIM sends the IMSI to the mobile operator
2. The operator consults its database and sends a challenge (RAND) back
3. Both the operator and the SIM encrypt the challenge (RAND) using algorithm A3 and key Ki
4. The SIM sends back the result (SRES)
5. The operator compares the SIM response with its own value
6. If authenticated, both sides derive a new key Kc, using algorithm A8, for encrypting further communications (with a different algorithm: A5)
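The six-step exchange above, as an added Python simulation that is not part of the slides. A3 and A8 are stood in for by HMAC-SHA256 (real operators use their own algorithms, which are not modelled here), and the IMSI and Ki values are constructed placeholders; the point to observe is that Ki and Kc never leave either side.

```python
import hmac
import hashlib
import secrets

# Constructed operator database (IMSI -> Ki); placeholder values, not real subscriber data.
OPERATOR_DB = {"268060000000001": bytes.fromhex("000102030405060708090a0b0c0d0e0f")}


def a3(ki: bytes, rand: bytes) -> bytes:
    """Stand-in for A3: 4-byte SRES from Ki and the 16-byte RAND (real A3 is operator-specific)."""
    return hmac.new(ki, b"A3" + rand, hashlib.sha256).digest()[:4]


def a8(ki: bytes, rand: bytes) -> bytes:
    """Stand-in for A8: 8-byte Kc that A5 (not modelled here) would use for ciphering."""
    return hmac.new(ki, b"A8" + rand, hashlib.sha256).digest()[:8]


class Sim:
    """Card side: Ki never leaves the object; only the IMSI and SRES are sent."""
    def __init__(self, imsi: str, ki: bytes):
        self.imsi, self._ki = imsi, ki

    def respond(self, rand: bytes) -> bytes:              # steps 3-4
        return a3(self._ki, rand)

    def session_key(self, rand: bytes) -> bytes:          # step 6, card side
        return a8(self._ki, rand)


class Operator:
    def __init__(self, db: dict):
        self.db = db

    def challenge(self, imsi: str):                       # step 2
        return secrets.token_bytes(16) if imsi in self.db else None

    def verify(self, imsi: str, rand: bytes, sres: bytes) -> bool:   # step 5
        return imsi in self.db and hmac.compare_digest(a3(self.db[imsi], rand), sres)


def authenticate(sim: Sim, operator: Operator, rand: bytes = None):
    """Run steps 1-6; returns (authenticated, Kc). rand may be fixed to make runs repeatable."""
    imsi = sim.imsi                                       # step 1: IMSI goes to the operator
    rand = rand if rand is not None else operator.challenge(imsi)
    if rand is None or not operator.verify(imsi, rand, sim.respond(rand)):
        return False, None
    kc_card, kc_net = sim.session_key(rand), a8(operator.db[imsi], rand)
    return kc_card == kc_net, kc_card                     # Kc itself is never transmitted
```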
SECURITY FUNCTIONS
Some of the most common security functions performed by smart cards include:
- Identification
- Authentication
- Holding, adding, and modifying private data
- Holding rights or permissions (authorization)
In addition they can be involved in:
- Message confidentiality using encryption
- Message integrity in both directions (incoming and outgoing)
- Non-repudiation
They can hold certificates for expected message authors and a private key of the owner, and apply standard hashing and cipher algorithms.
IS THE MAGNETIC STRIPE CARD SMART?
- Magnetic stripe cards have been used for many of the previous functions
- But they don't comply with the 3rd and, above all, the 5th characteristic of a smart card
- Their use is now almost nonexistent in Europe for security applications
- But they are still quite common in many other regions
SMART CARD COMPONENTS
Considering the smart card's capacity for doing processing operations:
- They need a CPU
- For storing data they also need memory
- And some means of communication (I/O)
- Also, because cryptographic algorithms are demanding, they usually have specialized (hardware) coprocessors
[Figure: typical architecture for a standard contact card]
EMBEDDED OR CONTACTLESS (1)
- Embedded cards can have other forms of connection to other systems
- Modern SIMs embedded in mobile devices can have other serial links with improved bandwidth (another serial interface)
- Nowadays the SWP (Single Wire Protocol) is common
EMBEDDED OR CONTACTLESS (2)
- Contactless cards use NFC for the serial channel
- They possess a radio frequency interface with short range (near field)
- They have an antenna
- They are also powered wirelessly by the other party
MORE DETAILED ARCHITECTURE
[Figure: a high-end smart card (a Philips/NXP smart card). From top to bottom and left to right: ROM, Flash, processor, coprocessor, RAM, other units]
MEMORY TYPES AND ACCESS
- Besides ROM, which is factory recorded, smart cards should have volatile and non-volatile memory
- Non-volatile memory is essential to retain data, as the smart card is not powered whenever it is not in use: EEPROM, Flash, FRAM (ferroelectric random-access memory)
- These types differ in the chip area they take (per bit), number of accesses, and speed
[Figure: example areas of 1 bit; table of memory type characteristics]
CONTACTS AND SIZES
Smart cards occur in many formats and sizes. Contacts (some standard sizes):
- C1 VCC: operating power
- C2 RST: reset
- C3 CLK: clock signal
- C5 GND: ground
- C6 VPP: programming power
- C7 I/O: serial input/output
[Figure: standard SIM sizes]
SMART CARD READERS
- Readers communicate bidirectionally with the card
- PCs and smart card readers communicate using a standard protocol and set of commands: the PC/SC standard
- Most PC operating systems now incorporate this standard
[Figure: some examples: a PC-connected reader, a SIM card in a smartphone, a payment terminal, a contactless terminal, a contactless card in the form of a ring]
SMART CARD SOFTWARE
- Over the years smart cards have evolved
- The first were monolithic systems with a single proprietary application
- Now we have multi-application platforms compliant with well-accepted standards
[Figure: monolithic (Application over Operating System, in ROM) versus multi-application platform (Payment, Transport, Signature over Operating System)]
Technologies: JavaCard, GlobalPlatform, MultOS
SMART CARD OPERATING SYSTEM (SCOS)
The SCOS is responsible for the management of the resources in the card:
- Transferring data to and from the serial interface
- Controlling command execution
- File management
- Managing and executing cryptographic algorithms
- Managing and executing application code
[Figure: SCOS architecture evolution]
MANAGED ENVIRONMENTS
- On top of the operating system there can be managed environments that implement a standard providing a working model
- The GlobalPlatform specification is one common environment for telecommunication cards with multi-owner / multi-application capabilities
- JavaCard provides a Virtual Machine, Java APIs, and a programming model for writing card applications
[Figure: smart card with GlobalPlatform and Java Card]
GLOBAL PLATFORM (GP) SPECIFICATION
- GP defines a set of components that enhance multi-application (and multi-owner) operation
- They provide security (isolation and security domains), portability and interoperability
- Security domains represent the organizations that own applications
- They store their own keys to install new applications
- Initially there is only the Issuer Domain, which can create other domains
- Applications belonging to different domains (owners) are completely isolated
JAVA CARD RUNTIME SYSTEM
- Most smart cards support Java Card
- Applications can be developed in Java (with the limitations and framework of Java Card)
- Those applications (called applets) follow a strict programming model
- Applets can communicate with each other if they belong to the same owner
[Figure: smart card with Java Card]
LIMITATIONS OF THE JAVA CARD VM
In recent versions:
- The int type is common, almost always present
- There is no automatic garbage collection for freeing dynamically allocated objects
- Fields of classes and dynamically allocated objects are created in non-volatile memory
- Local variables of methods (primitive types and arrays of primitive types) are allocated on the stack, in volatile memory
JAVA CARD API HIGHLIGHTS
- Package javacard.framework: classes for dealing with APDUs, PINs, memory freeing and the Applet class
- Package javacard.security: most security classes and operations are here: keys, exchanges, hashing, signatures, encryption, random numbers, etc., using several algorithms
- Package javacardx.biometry: storage and algorithms for biometric data (optional)
- Package javacardx.crypto: Cipher (AES algorithms)
- Package javacardx.framework.math: working with big numbers
- Package javacardx.framework.string: string-like operations performed on byte[] (for UTF-8 codes)
- Package javacardx.framework.util: operations on arrays
JAVA APPLET DEVELOPMENT AND EXECUTION
Several tools are needed before a Java Card applet can be executed.
[Figure: development and execution tool chain]
SMART CARD AND READER COMMUNICATION
- Cards and readers (CAD, Card Accepting Device) communicate by APDU exchange
- An APDU (application protocol data unit) is a formatted sequence of bytes for commands (CAD to Card) and responses (Card to CAD)
- The exchange is a sequence of pairs: c-apdu 1, r-apdu 1, ..., c-apdu n, r-apdu n
- A command APDU contains: a class byte (8Xh in the figure), an instruction (even number), 2 parameters, the size of the data field (optional), the data field, and the size of the response (optional)
- A response APDU contains the response data and a status word: 9000h or 61XXh for OK, otherwise an error
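The command and response layouts above, as an added Python encoder/decoder that is not from the slides: it handles the short-form layouts with and without a data field and expected length, and classifies the status word the way the slide does. Class byte 80h and the AID used in the usage are constructed values.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass
class CommandApdu:
    cla: int                  # class byte (8Xh for the proprietary class shown on the slide)
    ins: int                  # instruction, even number
    p1: int
    p2: int
    data: bytes = b""         # optional data field; its length is sent as Lc
    le: Optional[int] = None  # optional expected response size (Le); 0 encodes "up to 256"


def encode_command(c: CommandApdu) -> bytes:
    """Short-form encoding: header, then Lc + data if present, then Le if present."""
    if c.ins % 2:
        raise ValueError("INS must be even")
    if len(c.data) > 255:
        raise ValueError("short Lc is limited to 255 bytes")
    out = bytes([c.cla, c.ins, c.p1, c.p2])
    if c.data:
        out += bytes([len(c.data)]) + c.data
    if c.le is not None:
        out += bytes([c.le & 0xFF])
    return out


def decode_command(raw: bytes) -> CommandApdu:
    """Inverse of encode_command; tells the header/Lc/Le layouts apart by length."""
    if len(raw) < 4:
        raise ValueError("APDU shorter than its 4-byte header")
    cla, ins, p1, p2 = raw[:4]
    body = raw[4:]
    if not body:                                   # header only
        return CommandApdu(cla, ins, p1, p2)
    if len(body) == 1:                             # header + Le
        return CommandApdu(cla, ins, p1, p2, le=body[0])
    lc, data, rest = body[0], body[1:1 + body[0]], body[1 + body[0]:]
    if len(data) != lc or len(rest) > 1:
        raise ValueError("Lc does not match the data field length")
    return CommandApdu(cla, ins, p1, p2, data, rest[0] if rest else None)


def decode_response(raw: bytes):
    """Split an r-apdu into (data, status word, ok); 61XX means OK with XX more bytes available."""
    if len(raw) < 2:
        raise ValueError("response APDU lacks the 2-byte status word")
    data, sw = raw[:-2], int.from_bytes(raw[-2:], "big")
    return data, sw, sw == 0x9000 or sw >> 8 == 0x61
```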
INITIAL CARD OPERATION
- When connected to a CAD a reset occurs
- The card sends an ATR (Answer To Reset) packet, which contains communication parameters
- The CAD should configure itself in conformance for further communication (or request to select some Protocol Parameters)
[Figure: communications between card and CAD: reset and exchange of info]
INSTALLATION AND OPERATION OF APPLETS
- There are several commands to install applets; GP defines them in connection with Security Domains
- First the security domain is selected
- Next the applet is loaded and installed
- After that it can be selected, becoming ready for operation
[Figure: some states of an applet. States: Installed, Selectable, Selected. Transitions: Install for Load*, Install for Install*, Select this applet, Reset or Select another, Delete*]
* GP commands require a Secure Channel Protocol (SCP)
SECURE CHANNEL PROTOCOL
- Besides encryption, it assures that it is the owner of the Security Domain who issues the command
- There are several SCPs defined by GP
- Usually they involve the knowledge of 3 symmetric keys by the issuer of the command
A very simplified example:
- CAD and Card send each other a 16-byte random number, a1..a16 and b1..b16
- Both cipher both numbers using a common key, obtaining α1..α16 and β1..β16
- They send each other half of the encrypted challenges for verification (for instance α1..α8 and β9..β16)
- If verified, both build another encryption key formed by the non-transmitted halves: β1..β8 α9..α16
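The simplified exchange above, as an added Python model that is not GP's SCP and not from the slides. The 16-byte block cipher is stood in for by HMAC-SHA256 truncated to 16 bytes; which side sends which half is not fixed on the slide, so the model assumes each side proves itself on the other side's challenge (the CAD sends β9..β16, the card sends α1..α8) and the session key is built from the halves that were never transmitted.

```python
import hmac
import hashlib
import secrets


def keyed_cipher(key: bytes, block: bytes) -> bytes:
    """Stand-in for the 16-byte block cipher of the slide (a real SCP would use DES/AES)."""
    return hmac.new(key, block, hashlib.sha256).digest()[:16]


class Party:
    """One side of the exchange; is_cad picks which half it proves and which it checks."""
    def __init__(self, key: bytes, is_cad: bool):
        self.key, self.is_cad = key, is_cad
        self.nonce = secrets.token_bytes(16)      # a1..a16 (CAD) or b1..b16 (card)
        self.alpha = self.beta = None

    def receive(self, their_nonce: bytes) -> None:
        """Both sides now hold a and b and compute alpha = E(a), beta = E(b)."""
        a, b = (self.nonce, their_nonce) if self.is_cad else (their_nonce, self.nonce)
        self.alpha, self.beta = keyed_cipher(self.key, a), keyed_cipher(self.key, b)

    def proof(self) -> bytes:
        # Assumed split: the CAD proves on the card's nonce (beta9..beta16) and the
        # card on the CAD's nonce (alpha1..alpha8), so each proof answers a fresh challenge.
        return self.beta[8:] if self.is_cad else self.alpha[:8]

    def verify(self, their_proof: bytes) -> bool:
        expected = self.alpha[:8] if self.is_cad else self.beta[8:]
        return hmac.compare_digest(expected, their_proof)

    def session_key(self) -> bytes:
        return self.beta[:8] + self.alpha[8:]     # the halves that never crossed the wire


def run_scp(cad_key: bytes, card_key: bytes):
    """Full exchange; returns the agreed key, or None if either side rejects the other."""
    cad, card = Party(cad_key, True), Party(card_key, False)
    cad.receive(card.nonce)                       # nonces are exchanged in the clear
    card.receive(cad.nonce)
    if not card.verify(cad.proof()):              # card rejects a CAD without the domain key
        return None
    if not cad.verify(card.proof()):              # CAD rejects a card without the key
        return None
    assert cad.session_key() == card.session_key()
    return cad.session_key()
```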
THE APPLET JAVA CARD CLASS
- Applet is an abstract class
- It implements some methods except one that is defined as abstract: abstract void process(APDU apdu)
- An applet derives from the Applet class

    public abstract class Applet extends Object {
        protected Applet()                       // only the install method should build an Applet
        public static void install(byte[] bArray, short bOffset, byte bLength)
                                                 // called after loading
        protected void register()                // should be called by install
        public boolean select()                  // called when the select command is received; should return true
        public void deselect()                   // called when the card is reset or when another applet is selected
        public abstract void process(APDU apdu)  // executes the commands received and builds an answer
    }
APPLET OPERATION
[Figure: using an applet. Host system -> Card reader (CAD) -> JCRE -> Applet.
Host command "Install for install": the JCRE calls install()*
Host command "Select applet": the JCRE calls select()
Host "Other command": the JCRE calls process()
Host "Select another applet or reset": the JCRE calls deselect()]
* install() should build an instance (new) and call register()
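A Python model of the lifecycle on this and the previous slides (install builds and registers the instance; the JCRE handles SELECT and calls select(), process() and deselect()), added here and not Java Card code: the JCRE and Applet classes are simplified stand-ins, the counter applet and its INS value are constructed, and the status words other than 9000 are the ISO 7816 values for the failures modelled.

```python
SW_OK, SW_NOT_FOUND, SW_SELECT_FAILED = b"\x90\x00", b"\x6a\x82", b"\x69\x99"
SW_NO_APPLET, SW_BAD_INS = b"\x69\x85", b"\x6d\x00"   # ISO 7816 status words for the failures modelled

class Applet:                                           # mirrors the Java Card Applet contract
    def __init__(self, jcre, aid: bytes):               # install() builds the instance ...
        self.aid = aid
        jcre.register(self)                             # ... and register() makes it selectable

    def select(self) -> bool:
        return True                                     # an applet may refuse selection

    def deselect(self) -> None:
        pass

    def process(self, apdu: bytes) -> bytes:
        raise NotImplementedError

class JCRE:                                             # handles SELECT by AID itself
    def __init__(self):
        self.selectable, self.selected = {}, None

    def register(self, applet: Applet) -> None:
        self.selectable[applet.aid] = applet            # Installed -> Selectable

    def reset(self) -> None:                            # card reset: current applet is deselected
        if self.selected:
            self.selected.deselect()
        self.selected = None

    def transmit(self, capdu: bytes) -> bytes:
        if capdu[1] == 0xA4 and capdu[2] == 0x04:       # INS A4, P1 04: data field carries the AID
            applet = self.selectable.get(capdu[5:5 + capdu[4]])
            if applet is None:
                return SW_NOT_FOUND
            self.reset()                                # deselect() runs before the new select()
            if not applet.select():
                return SW_SELECT_FAILED
            self.selected = applet                      # Selectable -> Selected
            return SW_OK
        return SW_NO_APPLET if self.selected is None else self.selected.process(capdu)

class CounterApplet(Applet):                            # constructed applet: INS 02 bumps a counter
    count = 0                                           # object field: persists across selections

    def process(self, apdu: bytes) -> bytes:
        if apdu[1] != 0x02:
            return SW_BAD_INS
        self.count += 1
        return self.count.to_bytes(2, "big") + SW_OK
```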
STANDARDIZATION ORGANIZATIONS
- ETSI/SCP, European Telecommunications Standards Institute / Smart Card Platform: http://www.etsi.org
- EMVCo (Europay, Mastercard, VISA), payment transactions and applications: http://www.emvco.com
- GSM Association: http://www.gsma.com
- Mobey Forum, Mobile Financial Services: http://www.mobeyforum.org/
- GlobalPlatform: https://www.globalplatform.org/home.asp
- SIM Alliance: http://simalliance.org/