SMART CARDS

1
SMART CARDS
2
Smart Card Introduction

• A smart card is a credit-card sized plastic card
  with an embedded computer chip
• microprocessor with internal memory
• memory chip with non-programmable logic

Chip connection

• via direct physical contact
• remotely via a contactless electromagnetic
  interface

3
History

• 1974 - inventor Roland Moreno
• 1970s - patents by inventors in Germany, Japan,
  and France -- mostly only research and
  development
• 1980s -- first high volume opportunities
• French National Visa Debit Card
• France Telecom

4
Trends

• 1 billion cards per year (since 1998)
• 95 of these cards are issued in Europe, South
  America, and Asia
• In year 2000, over 3 billion cards in
  circulation worldwide
• 15 of the total in use in US and Canada
• Compare to 900 million credit cards in use
• Worldwide smart card market is expected to
  generate more than 2 billion in revenue in 2001

5
Kinds of Cards

• Contact -- requires insertion into a smart card
  reader with a direct connection to a conductive
  micro-module on the surface of the card -- ISO
  7816 series, part 1-10 standard
• Contactless -- requires only close proximity to
  a reader. Both reader and card have antenna --
  ISO 14443 standard
• Hybrid -- has 2 chips, each with its respective
  contact and contactless interface -- 2 chips are
  not connnected
• Combi -- access single chip via contact or
  contactless interface

6
Applications (1 of 3)

• Telephony
• 300 GSM mobile telephones with smart cards
• Payphones use instead of coins in 100 countries
  -- Germany, France, UK, Brazil, Mexico, China
• small dish TV satellite receiver uses a smart
  card as its removable security element
• Financial
• French Visa Debit card (25 million) has a chip
  in it
• Germany, 40 million banking cards
• EuroPay, MasterCard, and Visa all have smart
  card programs
• Portugal and Singapore, banking networks have
  electronic purse projects

7
Applications Continued (2 of 3)

• Health
• Germany solution deployed over 80 million cards
  to every person in Germany and Austria to reduce
  costs associated with delivering services in
  national health care programs
• France, government project Sesam Vitale--to
  deploy over 10 million smart cards
• Loyalty
• Boots project and Shell projects use smart card
  to identify loyal customers and reward them
• In US, Rite Aid and SouthPark shopping mall use
  smart card based reward systems
• Information Technology
• every PC may start shipping with smart card
  reader

8
Applications Continued (3 of 3)

• Mass Transit
• one of first projects to deploy contactless card
  technology is the Seoul Bus Association -- SCIA
  1998 award
• Identification
• college campus IDs -- 1 million in US alone (1
  in 17 students) -- even more universities outside
  US
• drivers licenses
• immigration cards
• Government
• US Federal government initiatives -- federal
  employees use one card for multiple agency
  applications

9
Technology

• Memory Card
• 103 bits to 4KB of data
• depend on security of card reader (card
  accepting device) for their processing
• memory cards represent the bulk of smart cards
  sold last year, primarily for pre-paid disposable
  applications like pre-paid phone cards

• Microporcessor Card or chip cards
• add, delete and otherwise manipulate information
  in its memory
• 8, 16, 32-bit architectures
• data storage capacity ranges from 300 bytes to
  32K bytes

• Optical Memory Cards
• CD glued on top -- up to 4 MB of data -- medical
  history, driving records

10
Comparison
11
Common Micro-controller Chips
F - clock frequency--too fast influences timings
for writing EEPROM too slow, may be
step-by-step L - light exposure and passivation
sensor--micro-module was opened V - abnormal
voltage--influences random number generator and
EEPROM circuitry W - witness cell--detects if the
EEPROM was erased abnormally Surface area ranges
from 3.5 x 3.5 mm up to approximately 5.5 x 5.5
mm NVM is EPROM or more typically EEPROM
(electrically erasable programmable memory)
12
Operating Systems

• Java Card 2.1.1 Platform
• Platform independent
• Multi-Application Capable
• Post-Issuance of Applications
• Flexible
• Compatible with Existing Smart Card Standards
• Microsoft Windows for Smart Cards Toolkit
• Customize your own smart card operating system
• Choose from the most popular micro-controllers
• Develop applications for the smart card and the
  PC using Visual Basic
• Simulate and debug in Visual Studio before
  deployment
• Others -- also manufacturer-specific operating
  systems

13
Cryptography

• EEPROM size is a critical issue in design of
  public-key algorithms were keys are relatively
  large. Optimization techniques are used
• regenerate public keys from secret keys when
  needed
• regenerate secret keys from shorter seeds
  (smaller secret numbers)
• avoid large-key schemes (for instance
  Fiat-Shamir)
• implement compression algorithms for redundant
  data (text, user data, etc.)
• EEPROM garbage collection mechanisms

14
Arithmetic Coprocessors (ACPs)
Modular multiplication (d t mod n where t ab)
is most frequent operation. An arithmetic
coprocessor ACP is dedicated hardware for
computing d, or in some cases, an entire modular
exponentiation. ACPs operate in the following
steps 1. Hardware reset and initialization 2.
Loading (or refreshing) operands a, b, and
(optionally) n 3. Multiplication (possibly
repeated) 4. unloading the result Step 3 requires
the most clock cycles and grows as the square of
N (the operand size)--so is proportional to a 2nd
degree polynomial
15
Types of ACPs and Micro-Controller Chips

• Montgomery
• Motorola (calls theirs MAP)
• Thomson
• Universite Catholique de Louvain
• de Waleffe and Quisquater
• Philips
• Levy-dit-Vehel and Naccache
• Gemplus
• Bucci and other variants of Barrett
• Amtec
• Sedlak
• Siemens

16
High-level Implementation
Separate cryptographic schemes (RSA, DSA, Rabin,
GOST) from cryptographic operations (sign,
verify, encrypt, decrypt, hash, and key
exchange). Designers implement an I/O buffer in
the card into which the terminal writes data to
be processed. When the card performs a
cryptographic operation 1. A select command
selects a key file specific to a scheme. 2. A put
command writes data to process (message,
ciphertext, signature, etc.) to the I/O RAM
buffer. 3. A get command (specific to an
operation) retrieves the cards result.
17
Example (1 of 3)

• encryption of the message process me that with
  the RSA keys contained in file 2401
• the signature of the message 123 by DSA file
  334A and
• a Diffie-Hellman key exchange with the keys
  contained in file E1F3.
• select file 2401 // card to reader
• RSA, 768, s/e/i // RSA 768-bit key,
  signature/verify, encrypt/decrpt, identification
• put data // reader to card
• process me that

18
Example (2 of 3)
get data encrypt 0000 // card to
reader E32A371B908AB37 // encrypt.exe select
file 334A // card to reader DSA, 512, s put
data // reader to card 123 // data to
process get data sign 0000 // card to
reader ADE603B826FD304 // sign.exe
19
Example (3 of 3)
select file E1F3 // card to reader D-H, 512,
k // Diffie-Hellman, 512-bit key, key
exchange put data // reader to card some
data value // ax mod p get data key
exchange 2010 // card to reader AE589EB6A564CDD
// key_exch.exe returns ay mod p
20

• Unlike ACP designs, other functions are
  constantly changed and improved.
• Siemens offers elliptic-curve functions
• Gemplus offers several EEPROM options
• El Gamal
• Schnorr
• Rabin
• Russian GOST 34.10

21
Applicatons of Smart-Card Coprocessors

• Bull TB Crypt (Siemens 44C200) RSA, DSA, DH DES
• CP8 Oberthur TB 98 (Siemens 44C200) RSA DES
• Datakey Signasure (Siemens 44C200) RSA, DSA,
  DH DES
• Giesecke Devrient Starcos PK (Siemens
  44C200) RSA DES
• McCorquodale AMC04 (Unknown) RSA, DSA DES
• Oldenbourg ODS83 (Philips 83C852) RSA,
  DSA Unknown
• PC3 Smart-Card RSA (Thomson ST16CF54) RSA,
  DSA Secret key
• Philips TRT DX (Philips 83C852/8) RSA, DSA DES
• Schlumberger Multiflex 8K (Thomson
  ST16CF54) RSA DES
• Setec Setcard 5K RSA (Siemens 44C200) RSA DES
• Gemplus GPK 2000 (Thomson ST16CF54) RSA, DSA,
  DH, DES, SHA,
• Rabin, GQ MD5, GOST

22
Smart-card Performance for a 5-Mhz Clock
RSA 512-bit in milliseconds Chip S C V
K ST16CF54/A 385 150 50 5000 ST16CF54/B 195 SC
49 500 125 35 5600 SLE44CR80S 300
60 40 20000 SLE44C200 60 P83C852 225
70 P83C858 600
Ssignature without CRT Csignature
with CRT Vverification K (on board) key
generation time
23
Smart-card Performance for a 5-Mhz Clock
RSA 768 (ms) RSA 1024 (ms) Chip S C V
S C V ST16CF54/A 870 ST16CF54/B
185 185 SC49 4480 1112 168 5600 1499 168 SLE44C
R80S 630 450 SLE44C200 271 271
456 456 P83C852 2400 P83C858 2000 500
Ssignature without CRT Csignature with
CRT Vverification
24
Smart-card Performance for a 5-Mhz Clock
DSA (ms) Chip S V ST16CF54/A 150 350 ST1
6CF54/B SC49 114 250 SLE44CR80S 95 200
SLE44C200 92 P83C852 P83C858 70 130
25
MC68HC05SC49 Motorola SC49
Non-optimized, non-ACP-assisted HC05 code takes
at least 2 minutes to perform 512-bit RSA
signature (without CRT) compared to 500 ms. SC49
incorporates a firmware library of routines
including secret- and public-key algorithms--DES,
RSA, DSS, and SHA standards--and a range of
mathematical functions.
26
PCMCIA/Terminal Chip Performance
Chip Advantage Disadvantage Amtec (RSA
512) Very fast Exactly 512 bits Pijnenburg
(PC2200) Fast Limited to 1023 bits Cylink
(CY1024A) Limit is 16,384 bits Relatively slow
The most flexible designs in terms of operand
size are generally slower!
27
Logical Non-Invasive Attacks
All the key material of a smart card is stored in
the EEPROM. Since EEPROM write operations can be
affected by unusual voltages and temperatures,
information can be trapped by raising or dropping
the supplied voltage to the micro-controller. PIC
16C84 micro-controller --security bit of the
controller can be cleared without erasing the
memory by raising the voltage Vcc to Vpp -
0.5V. DS5000 security processor --a short
voltage drop can release the security lock
without erasing the secret data sometimes. Low
voltage can facilitate other attacks as well,
such as an analog random generator used to create
cryptographic keys will produce an output of
almost all 1s when the supply voltage is lowered
slightly. Sensors will cause alarm--however, if
they exist, often trigger false alarms on power
up.
28
Physical Attacks

• First, the circuit chip has to be removed from
  the plastic card.
• Use sharp knife to cut away plastic behind the
  chip module until the epoxy resin becomes
  visible.
• Then the resin can be dissolved by adding a few
  drops of fuming nitric acid (gt 98 HNO3).
• The acid and resin can be washed away by shaking
  the card in aceton until the silicon surface is
  fully exposed
• The chip can be examined and attacked directly.

29
Physical Attacks Continued
At Cavendish laboratory in Cambridge, a technique
is developed for reverse engineering the circuit
chips. The layout and function of the chip can
be identified using that technique. Then another
technique developed by IBM can be used to observe
the operation of the chip. As a result its
secret can be fully revealed.
30
Expensive Physical Attacks

• Erase the security lock bit by focusing UV light
  on the EPROM
• Probe the operation of the circuit by using
  micro-probing needles
• Use laser cutter microscopes to explore the chip
• These attacks are only available for well-funded
  laboratories as the costs are very high.