smart card handbook - gbv
TRANSCRIPT
Smart Card Handbook W. Rankl W. Effing Giesecke & Devrient GmbH Munich, Germany
Translated by Chanterelle Translations London, UK
JOHN WILEY & SONS Chichester • New York • Weinheim • Brisbane • Singapore • Toronto
Contents
••••MBBBMIHHMHHBMiBaBHBBBHBHI^HHBHHHHBHHBMHBBMI^KMBI^HHBHBHHMBHft
FOREWARD TO THE SECOND EDITION XI
SYMBOLS AND NOTATION XV
1 INTRODUCTION 1 1.1 The History of Smart Cards 2 1.2 Applications 4
1.2.1 Memory cards 4 1.2.2 Microprocessor Cards 5
1.3 Standardization 6
2 TYPES OF CARDS 9 2.1 Embossed Cards 9 2.2 Magnetic Stripe Cards 10 2.3 Smart Cards 12
2.3.1 Memory Cards 12 2.3.2 Microprocessor Cards 13 2.3.3 Contactless Smart Cards 14
2.4 Optical Memory Cards 15
3 PHYSICAL AND ELECTRICAL PROPERTIES 17 3.1 Physical properties 17
3.1.1 Formats 18 3.1.2 Cards with contacts 21 3.1.3 Cards without contacts 23 3.1.4 Security features 33
3.2 The Body of the Card 35 3.2.1 Smart Card Material 36 3.2.2 Production methods 37
3.3 Electrical Properties 40 3.3.1 Circuitry 41 3.3.2 Supply voltage 42 3.3.3 Supply current 43 3.3.4 Clock supply 44 3.3.5 Data transmission 45
VI CONTENTS
3.3.6 Booting/Shutdown Sequence 45 3.4 Smart Card Microprocessors 46
3.4.1 Processor types 49 3.4.2 Memory types 50 3.4.3 Supplementary hardware 56
4 FUNDAMENTALS OF INFORMATION TECHNOLOGY 61 4.1 Error Detection and Error Correction Codes 61
4.1.1 XOR checksums 62 4.1.2 CRC checksums 63 4.1.3 Error correction by multiple storage 65
4.2 Encryption 66 4.2.1 Symmetrie crypto-algorithms 70 4.2.2 Asymmetrie crypto-algorithms 75 4.2.3 Padding 81 4.2.4 Message authentication code 82
4.3 Hash Functions 83 4.4 Random Numbers 84
4.4.1 Random number generation 85 4.4.2 Testing random numbers 87
4.5 Data Structuring 89 4.6 State Automata 92
4.6.1 Fundamentals of automata theory 93 4.6.2 Practical application 94
4.7 SDLSymbolism 96
5 OPERATING SYSTEM ARCHITUCTURE 99 5.1 History.. 100 5.2 Fundamental Principles 101 5.3 Design and Implementation Principles 104 5.4 Program Code Sections 107 5.5 Memory Organization 107 5.6 Data Structures in the Smart Card 111
5.6.1 Types offiles 112 5.6.2 File hierarchies 114 5.6.3 Filename 114 5.6.4 Addressing 116 5.6.5 File structures 118 5.6.6 Access 122 5.6.7 Attribute 123
5.7 File Management 124 5.8 Execution Control ....126 5.9 Atomic Routines 127 5.10 Code Programmed in Circuit 128
6 DATA TRANSMISSION TO THE SMART CARD 133 6.1 Physical Transmission Layer 135 6.2 Transmission Protocols 139
6.2.1 Synchronous data transmission 141 6.2.2 Transmission protoeol T=0 147
CONTENTS Vü
6.2.3 Transmission protocol T=l 152 6.2.4 Comparison of asynchronous transmission protocols 163
6.3 Answer to Reset 164 6.4 Protocol Type Selection 173 6.5 Message Structure 177
6.5.1 Instruction APDU structure 178 6.5.2 Response APDU structure 180
6.6 Secure Messaging 182 6.6.1 The Authentic Procedure 185 6.6.2 The combined procedure 186 6.6.3 Transmission sequence counter 188
6.7 Logical Channels 189
THE INSTRUCTION SET 191 7.1 File Selection 194 7.2 Read and Write Instructions 196 7.3 Search Instructions .204 7.4 File Operations 205 7.5 Identification Instructions 208 7.6 Authentication Instructions 210 7.7 Instructions for Cryptographic Algorithms 214 7.8 File Management 217 7.9 Instructions for Electronic Purses 223 7.10 Credit Card Instructions 227 7.11 Completing the Operating System 228 7.12 Hardware Testing Instructions 230 7.13 Application Specific Instructions 233 7.14 Transmission Protocol Instructions 234
SECURITY METHODS 237 8.1 User Identification 237
8.1.1 Input of secret numbers 238 8.1.2 Biometrie methods 239
8.2 Authentication 246 8.2.1 Unidirectional Symmetrie authentication 247 8.2.2 Mutual Symmetrie authentication 249 8.2.3 Static asymmetric authentication 250 8.2.4 Dynamic asymmetric authentication 253
8.3 Digital Signatare 254 8.4 Key Management 256
8.4.1 Derivedkeys 257 8.4.2 Key diversification 257 8.4.3 Key versions 257 8.4.4 Dynamic keys 258 8.4.5 Key data 258 8.4.6 Example: key manager 259
8.5 Smart Card Security 261 8.5.1 Technical options for chip hardware 261
8.5.1.1 Passive protective mechanisms 262 8.5.1.2 Active protective mechanisms 263
VHI CONTENTS
8.5.2 Software protection mechanisms 264 8.5.3 The applications's protective mechanisms 266
8.6 Typical Attack and Defence Mechanisms 267 8.6.1 Attacks at the physical level 268 8.6.2 Attacks at the logical level 270
9 QUALITY ASSURANCE AND TESTING 273 9.1 Testing the Card's body 9.2 Microprocessor Hardware Tests 279 9.3 Testing Microprocessor Software 280
9.3.1 Security tests 281 9.3.2 Software testing methods 283 9.3.3 Dynamic testing of operating Systems and applications 289
10 SMART CARD MANUFACTURING 293
11 SMART CARD TERMINALS 307 11.1 Mechanical Features 309 11.2 Electrical Properties 312 11.3 Security Methods 314
12 SMART CARDS IN ELECTRONIC PAYMENT SYSTEMS 317 12.1 Card-Based Payment Transactions 318
12.1.1 Electronic payment transactions with Smart Cards 318 12.1.2 Electronic funds 322 12.1.3 Fundamental options for System architecture 324
12.2 Prepaid Memory Cards 326 12.3 Electronic Purses 327
12.3.1 CEN Standard prEN 1546 328 12.3.2 The Mondex System 342
12.4 Chip-Containing Credit Cards 347
13 SAMPLE APPLICATIONS 355 13.1 Contact less memory cards in the airline industry 355 13.2 Electronic Toll Systems 358 13.3 GSM Network 362
14 APPLICATION DESIGN 369 14.1 General Notes and Data 369
14.1.1 Microprocessor 369 14.1.2 Application 372 14.1.3 System 374
14.2 Aids to the generation of Applications 375 14.3 Examples of Application Design 377
14.3.1 Purse for a gaming machine 378 14.3.2 Access control 381
15 APPENDIX 385 15.1 Glossary 385 15.2 Literature 396
CONTENTS IX
15.3 Standards List with Commentary 397 15.4 Characteristic Values and Tables 410
15.4.1 Time interval for ATR 410 15.4.2 Conversion table for ATR data elements 410 15.4.3 Calculation table for transmission speed 411 15.4.4 Table for sensing points 412 15.4.5 Table of class bytes used 413 15.4.6 Table of the most important Smart Card instructions 413 15.4.7 Summary of instruction bytes inuse 416 15.4.8 Important Smart Card return codes 418 15.4.9 Typical instruction execution times 420 15.4.10 Sample codings of Smart Card instructions 422 15.4.11 Selected chips for memory cards 423 15.4.12 Selected Smart Card microprocessors 427
INDEX 435