8/11/2019 3 Smartcards Protocol Os
http://slidepdf.com/reader/full/3-smartcards-protocol-os 1/34
Smartcards
smartcard operating systems
Erik Poll
Digital Security
University of Nijmegen
Standard for contact smartcards ISO 7816
• 7816-1 Physical characteristics
• 7816-2 Dimension & size of contacts
• 7816-3 Electronic signals and transmission protocols
– defines voltage & current requirements
•
– standard set of commands
• 7816-5 Numbering system and Registration Procedure for
Application Identifiers (AIDs)
• ....
Contact cards (ISO 7816-2)
External power supply and external clock
• Originally 5 V, now also 3 V or 1.8 V
Vpp - higher voltage for writing EEPROM - no longer used
as it introduces a serious security weakness
Smart card terminals
• Terminal (aka CAD, Card Acceptance Device) and
smartcard operate as Master & Slave
– smartcard cannot initiate actions
The Terminal Problem!
• no trusted I/O between user and card
– no trusted display
– no trusted keyboard
– why is this a problem?
– ..., ..., fingerprint readers.
APDU communication (ISO 7816-4)
All subsequent communication via APDUs
Application Protocol Data Units, which are just sequences of bytes in a particular format
1. Terminal sends command APDU
2. Card replies with response APDU
etc, etc ....
Command APDU
• CLA class byte
CLA | INS | P1 | P2 | Lc | ... Data ... | Le
• INS instruction byte
• P1, P2 parameters (obligatory)
• Lc length of data block
• Data Lc bytes of data
• Le length of expected response (optional)
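As an added example (not from the slides): a Go parser for the short command APDU layout above, covering the four cases of header only, header plus Le, header plus Lc and data, and header plus Lc, data and Le. It goes one step beyond the slide by applying the ISO 7816-4 rule that an Le byte of 0x00 requests 256 bytes; the SELECT-style bytes in main are constructed and the 5-byte AID is made up.

```go
package main

import (
	"errors"
	"fmt"
)

// CommandAPDU is a decoded short ISO 7816-4 command APDU: CLA INS P1 P2 [Lc Data] [Le].
type CommandAPDU struct {
	CLA, INS, P1, P2 byte
	Data             []byte // the Lc data bytes; nil when the command carries no data field
	Le               int    // expected response length; -1 when absent (an Le byte of 0x00 means 256)
}

// leValue applies the short-APDU rule that Le=0x00 asks for the maximum of 256 bytes, not for none.
func leValue(b byte) int {
	if b == 0 {
		return 256
	}
	return int(b)
}

// ParseCommandAPDU decodes the four short-APDU cases (header only, header+Le, header+Lc+Data,
// header+Lc+Data+Le) and rejects a body whose length contradicts Lc instead of guessing at it.
func ParseCommandAPDU(raw []byte) (CommandAPDU, error) {
	if len(raw) < 4 {
		return CommandAPDU{}, errors.New("APDU shorter than the 4-byte header")
	}
	c := CommandAPDU{CLA: raw[0], INS: raw[1], P1: raw[2], P2: raw[3], Le: -1}
	body := raw[4:]
	if len(body) <= 1 { // case 1 (no body) or case 2 (a lone Le byte)
		if len(body) == 1 {
			c.Le = leValue(body[0])
		}
		return c, nil
	}
	lc := int(body[0])
	if lc == 0 || (len(body) != 1+lc && len(body) != 2+lc) {
		return CommandAPDU{}, fmt.Errorf("Lc=%d does not match the %d bytes after it", lc, len(body)-1)
	}
	c.Data = append([]byte(nil), body[1:1+lc]...) // cases 3 and 4 carry Lc data bytes
	if len(body) == 2+lc { // case 4 also ends with Le
		c.Le = leValue(body[1+lc])
	}
	return c, nil
}

func main() {
	// Constructed SELECT-style command (CLA 00, INS A4, P1 04, P2 00) with a made-up 5-byte AID and Le 00.
	c, err := ParseCommandAPDU([]byte{0x00, 0xA4, 0x04, 0x00, 0x05, 0xF0, 0x01, 0x02, 0x03, 0x04, 0x00})
	fmt.Printf("%+v %v\n", c, err) // Le decodes to 256
}
```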
Response APDU
• Data : Le bytes of data (optional)
... Data ... | SW1 | SW2
• SW1, SW2 : status word (obligatory)
APDU coding conventions
• Some conventions for CLA, INS etc. are given in ISO
7816-4
• Conventions for status word SW1 SW2
– normal processing 61xx, 9000
– warning processing 62xx, 63xx
– ,
– coding error 67xx, 6Fxx
Logical channels
• Modern cards provide several logical channels to talk
to multiple applications on the card concurrently
– eg mobile phone talking to phone book and organiser
Future
• ISO7816 protocol stems from 80s and it shows
slow speed & small size of APDUs a bottleneck!
• faster communication speeds wanted
– eg. USB 2.0
• more modern protocols wanted?
– http(s)
Smartcard software and Operating Systems
Smartcard operating systems
• Similar evolution as for normal OSs, but faster
– additional factor: storing code in ROM vs EEPROM
• Still very primitive compared to normal OSs such as
Windows or Linux
– no multi-programming, hardly any I/O, ...
• but multi-threading in newest JavaCard 3.0...
Smartcard OS
Tasks:
• life-cycle management
– of card + individual applications
• instruction processing
• memory management
• I/O
• hardware error handling
– incl. support for atomic EEPROM updates
• card tear
Typical application life cycle
• installation of application (aka applet)
– uploading & installing code
• personalisation
– uploading application data
– afterwards, application starts in normal active life
• end-of-life
– possibly leaving logging functionality enabled
– upon external command or because the card notices something fishy going on
Smartcard life cycle (ISO 10202-1 - cancelled)
– testing & removing test functionality
Card preparation
– completing OS
Application preparation incl. Personalisation
– initialising applications
– personalisation / individualisation
• both electrically & optically
Card utilisation
–
End of card utilisation
– de-activating applications
– de-activating cards
Smartcard OS evolution
1. no OS: one application, burnt into ROM
2. standard libraries in ROM, applications in EEPROM
3. proprietary operating systems
– programs written in machine code or C
– providing standardised file system (ISO 7816-4) with access control
4.
– MULTOS
– JavaCard
5. next generation, experimental `concept' card
– JavaCard 3.0
Modern multi-application cards
• Downloadable program code, in high level language
– multi-application
– post-issuance download
• Examples
– MULTOS
• first of these "modern" smartcard OSs
– JavaCard
• esp. popular as GSM SIMs
–
• since abandoned
Modern multi-application cards
pros
• vendor-independence
– old cards have proprietary OSs and instruction sets
• fast development & quick time-to-market
–
cons
• overhead – ample memory & CPU power needed
– more expensive card needed
• complexity – which brings security concerns
• and abstraction can be a dangerous illusion for the defender
Financial sector much more conservative than telecom sector
• card provides a virtual machine interpreting MEL (MULTOS Executable Language)
• originally developed for the electronic purse system Mondex
– by BT, Westminster & Midland banks in the UK
• designed for ITSEC E6-high evaluation
The next-generation smartcard
• multi-threading –
• communication with https:// – the smartcard is a web-server
But who will use it??
• intended market: telco
• not all card manufacturers produce JC 3.0, or have the intention to
Standard functionality & commands
ISO 7816-4 file system
• MF (Master File) – ie. root directory
• DF (Directory Files)
• EF (Elementary Files) - external or internal
• internal = for use of OS only
– file formats:
• binary
• linear fixed-size records
• linear variable-size records
• cyclic fixed-size records (why?...)
– useful for logging
–
File attributes
Also includes more baroque things such as
• WORM (Write Once, Read Many times)
– realised in hardware or software
• EDC (Error Detection Code)
• multiple storage attribute
– for frequently used files, to prolong lifetime of file given limited EEPROM life
• data transfer selection attribute
– on dual-contact cards, to make file accessible only via contact or contactless interface
ISO 7816 commands
• ISO 7816 defines a set of standard commands for
– file system access and management
– PIN codes
– authentication by challenge-response
– crypto
• Related standards, that build on top of this
– EMV for banking cards
– GSM 11.11 and its superset EN 726-3 for SIMs
– United Nations ICAO specs for e-passport
File access commands (ISO 7816)
Standard commands for
• reading & writing
– eg READ BINARY, READ RECORD, ...
– increase & decrease by n
• for cyclic files
• append
•
• lock & rehabilitate
Identification command (ISO 7816)
• VERIFY command
– for PIN code verification
• CHV = Card Holder Verification = PIN
– also used for verification of biometric aspects
Example Authentication Protocols
• ISO7816 proposes some standard instructions for
authentication using challenge-response
• authentication of card
– INTERNAL AUTHENTICATE
• arguments: random, algorithm, key no
• card returns: enc(key, random)
•
– GET CHALLENGE
• card returns random number
– EXTERNAL AUTHENTICATE
• arguments: enc(key, random), algorithm, key no
Example Authentication Protocols
• mutual authentication
– GET CHIP NUMBER• card returns chip number
– GET CHALLENGE
• card returns smartcard random s_rnd
– MUTUAL AUTHENTICATE
• arguments: enc(key, terminal random, s_rnd, chip_number), algorithm, key no
• card returns: enc(key, terminal random, s_rnd)
• asymmetric crypto, ie. public/private keys
– pro? cons?
– pro? cons?
• standard technique to reduce hassle of key management with many symmetric keys
• terminals or central back-end has a master key M
• cards with unique card number x have an individual
diversified key derived from the master key M and x – eg. Mx = AES_M(x)
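The GET CHIP NUMBER, GET CHALLENGE, MUTUAL AUTHENTICATE exchange from the previous slides, run with a card key diversified as Mx = AES_M(x): an added Go example, not the lecturer's or any product's code. It assumes 8-byte randoms, 16-byte chip numbers and AES-CBC with a zero IV as the slide's enc(key, ...), and drops the algorithm and key-number arguments by using a single key; the master key and chip number used with it are constructed values.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

const rndLen = 8 // constructed choice: 8-byte randoms and 16-byte (one AES block) chip numbers

// aesCBC is the slide's enc(key, ...): AES-CBC, zero IV, over the joined fields; decrypt=true reverses it.
func aesCBC(key []byte, decrypt bool, fields ...[]byte) []byte {
	msg := bytes.Join(fields, nil)
	blk, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	out, iv := make([]byte, len(msg)), make([]byte, aes.BlockSize)
	if decrypt {
		cipher.NewCBCDecrypter(blk, iv).CryptBlocks(out, msg)
	} else {
		cipher.NewCBCEncrypter(blk, iv).CryptBlocks(out, msg)
	}
	return out
}

// DiversifyKey is the slide's Mx = AES_M(x); the master key M stays in the terminal or back-end.
func DiversifyKey(master, x []byte) []byte { return aesCBC(master, false, x) }

// Card holds only its own diversified key, so extracting it from one card does not reveal M.
type Card struct{ ChipNumber, key, sRnd []byte }

func NewCard(master, x []byte) *Card { return &Card{ChipNumber: x, key: DiversifyKey(master, x)} }

// GetChallenge returns a fresh s_rnd that is valid for exactly one MUTUAL AUTHENTICATE attempt.
func (c *Card) GetChallenge() []byte { c.sRnd = make([]byte, rndLen); rand.Read(c.sRnd); return c.sRnd }

// MutualAuthenticate checks enc(key, t_rnd, s_rnd, chip) and answers enc(key, t_rnd, s_rnd): a different
// message, so the terminal's cryptogram cannot simply be echoed back to it.
func (c *Card) MutualAuthenticate(cryptogram []byte) ([]byte, error) {
	sRnd := c.sRnd
	c.sRnd = nil
	if sRnd == nil || len(cryptogram) != 2*aes.BlockSize {
		return nil, errors.New("missing GET CHALLENGE or wrong cryptogram length")
	}
	plain := aesCBC(c.key, true, cryptogram)
	if !bytes.Equal(plain[rndLen:2*rndLen], sRnd) || !bytes.Equal(plain[2*rndLen:], c.ChipNumber) {
		return nil, errors.New("terminal authentication failed")
	}
	return aesCBC(c.key, false, plain[:rndLen], sRnd), nil
}

// TerminalAuthenticate drives GET CHIP NUMBER, GET CHALLENGE and MUTUAL AUTHENTICATE using M.
func TerminalAuthenticate(master []byte, card *Card) (bool, error) {
	mx, sRnd, tRnd := DiversifyKey(master, card.ChipNumber), card.GetChallenge(), make([]byte, rndLen)
	rand.Read(tRnd)
	reply, err := card.MutualAuthenticate(aesCBC(mx, false, tRnd, sRnd, card.ChipNumber))
	return err == nil && bytes.Equal(reply, aesCBC(mx, false, tRnd, sRnd)), err
}
```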