3 Smartcards Protocol Os

8/11/2019 3 Smartcards Protocol Os

http://slidepdf.com/reader/full/3-smartcards-protocol-os 1/34

Smartcards

smartcard operating systems

Erik Poll

Digital Security

University of Nijmegen

1



Standard for contact smartcards ISO 7816

• 7816-1 Physical characteristics

• 7816-2 Dimension & size of contacts• 7816-3 Electronic signals and transmission protocols

– defines voltage & current requirements

•– standard set of commands

• 7816-5 Numbering system and Registration Produre for

Application Identifiers (AIDs)

• ....

2



Contact cards (ISO 7816-2)

External power supply and external clock

• Originally 5 V, now also 3V or 1.8V• . , , z

Vpp - higher voltage for writing EEPROM - no longer used

as it introduces a serious securit weakness

3



Smart card terminals

• Terminal (aka CAD, Card Acceptance Device) and

smartcard operate as Master & Slave– smartcard cannot initiate actions

4



The Terminal Problem!

• no trusted I/O between user and card

– no trusted display– no trusted keyboard

– w y is t is a pro em?

– , ,fingerprint readers.

5





APDU communication (ISO 7816-4)

All subsequent communication via APDUs

A lication Protocol Data Unitswhich are just sequences of bytes in particular format

1. Terminal sends command APDU2. Card replies with response APDU

etc, etc ....

7



Command APDU

• CLA class byte

A I S c ... ata .... e

• INS instruction byte

• P1,P2 parameters obligatory

• Lc length of data block• Data Lc bytes of data

• Le length of expected response op ona

8



Response APDU

• Data : Le bytes of data (optional)

a a ...

• SW1, SW2 : status word (obligatory)

9



APDU coding conventions

• Some conventions for CLA, INS etc. are given in ISO

7816-4

• Conventions for status word SW1 SW2

– norma processing 61xx, 9000– warning processing 62xx, 63xx

– ,

– coding error 67xx, 6Fxx

10



Logical channels

• Modern cards provide several logical channels to talk

to multiple applications on the card concurrently

– eg mobile phone talking to phone book and organiser

11



Future

• ISO7816 protocol stems from 80s and it shows

slow speed & small size of APDUs a bottleneck!• faster communication speeds wanted

– eg. USB 2.0

• more modern protocols wanted?– http(s)

12



mar car so wareand Operating Systems

13



Smartcard operating systems

• Similar evolution as for normal OSs, but faster

– additional factor: storing code in ROM vs EEPROM

• Still very primitive compared to normal OSs such as

n ows or nux– no multi-programming, hardly any I/O, ...

• but multi-threading in newest JavaCard 3.0...

14



Smartcard OS

Tasks:

• life-cycle management– of card + individual applications

• instruction processing

• memory management• I/O

• hardware error handling– incl. support for atomic EEPROM updates

card tear

15



Typical application life cycle

• installation of application (aka applet)

– uploading & installing code• personalisation

– uploading application data

– a terwar s, app ication starts in norma active i e• end-of-life –

– possibly leaving logging functionality enabled

– u on external command or because the card noticessomething fishy going on

16



Smartcard life cycle (ISO 10202-1 - cancelled)

– testing & removing test functionality

Card re aration

– completing OS

Application preparation incl. Personalisation

– initialising applications – personalisation / individualisation

• both e ectrica y & optica y

Card utilisation

–

End of card utilisation

– de-activating applications

17

–

de-activating cards



Smartcard OS evolution

1. no OS: one application, burnt into ROM

2. standard libraries in ROM, applications in EEPROM3. proprietary operating systems

– programs written in machine code or C

– providing standardised file system (IS07816-4) withaccess control

.– MULTOS

– JavaCard5. next generation, experimental `concept' card

– JavaCard 3.0

18





Modern multi-application cards

• Downloadable program code, in high level language

– multi-application– post-issuance download

• Examples

– MULTOS• first of these "modern" smartcard OSs

– ava ar

• esp. popular as GSM sims

–• since abandoned

20



Modern multi-application cards

pros

• vendor-independence– old cards have proprietary OSs and instruction sets

• fast development & quick time-to-market– .

cons• overhead – ample memory & CPU power needed

– more expensive card needed

• complexity – w c r ngs secur y concerns

• and abstraction can be a dangerous illusion for the defender

Financial sector much more conservative than telecom sector

21





• car prov es a r ua ac ne n erpre ng(MULTOS Executable Language)

• originally developed for electronic purse systemMondex

– by BT, Westminster & Midland banks in the UK

• designed for ITSEC EC6-high evaluation

23



.

e nex -genera on smar car

• multi-threading –

• communication with https:// – the s artcard is a web-ser er

But who will use it??• intended market: telco

• not all card manufacturers produce JC 3.0, or

have the intention to

24



an arfunctionality & commands



IS0 7816-4 file system

• MF (Master File) – ie. root directory

• DF (Directory Files)• EF (Elementary Files) - external or internal

• internal = for use of OS only

– file formats:• binar

• lineair fixed sized records

• lineair variable sized records• cyclic fixed sized records (why?...)– useful for logging

–

26



File attributes

Also includes more baroque things such as

• WORM (Write Once, Read Many time)– realised in hardware or software

• EDC (Error Detection Code)

• multiple storage attribrute– for fre uentl used files to rolon lifetime of file iven

limited EEPROM life

• data transfer selection attribute

– on ua -contact car s, to ma e e access e on y v acontact or contactless interface

27



ISO 7816 commands

• ISO 7816 defines a set of standard commands for

– file s stem access and mana ement– PIN codes

– authentication b challen e-res onse

– crypto

• Related standards, that build on top of this

– EMV for banking cards– GSM 11.11 and its superset EN 726-3 for SIMS

– United Nations ICAO specs for e-passport

28



File access commands (ISO 7816)

Standard commands for

• reading & writing– eg READ BINARY, READ RECORD, ...

– increase & decrease by n

• or cyc ic i es

• append

•

• lock & rehabilitate

29



Identification command (ISO 7816)

• VERIFY command

– for PIN code verification• CHV = Card Holder Verification = PIN

– also used for verification of biometric aspects

30



Example Authentication Protocols

• ISO7816 proposes some standard instructions for

authentication using challenge-response• authentication of card

– INTERNAL AUTHENTICATE

• argumen s: ran om, a gor m , ey no

• card returns: enc(key,random)

•– GET CHALLENGE

• card returns random number– EXTERNAL AUTHENTICATE

• arguments: enc(key, random), algorithm, key no

31



Example Authentication Protocols

• mutual authentication

– GET CHIP NUMBER• card returns chip number

– GET CHALLENGE

• car re urns smar car ran om s_rn

– MUTUAL AUTHENTICATE

• ar u ents: enc e ter inal rando s rnd chi _number), algorithm, key no

• card returns: enc(key, terminal random, s_rnd)

32



• asymme r c cryp o, e. pu c pr va e eys

– pro? cons?

– pro? cons?

33



• s an ar ec n que o re uce ass e o ey

manangement with many symmetric keys

• terminals or central back-end has a master key M

• card with uni ue card nu ber ha e an indi idua

diversified key derived from the master key M and x – eg. Mx = AESM(x)

34

Documents

3 Smartcards Protocol Os