smart cards, epassports, and open source

Smart cards, ePassports, … and Open Source

Martijn Oostdijk, Novay; Wojciech Mostowski, UTwente

Upload: martijn-oostdijk

Post on 27-Nov-2014


DESCRIPTION

Presentation on http://jmrtd.org at TkkrLab Enschede on the occasion of Hardware Freedom Day.

TRANSCRIPT

Page 1: Smart Cards, ePassports, and open source

Smart cards, ePassports, …and Open Source

Martijn Oostdijk, Novay
Wojciech Mostowski, UTwente


whois

• Martijn Oostdijk, advisor @ Novay
• Wojciech Mostowski, researcher @ UTwente
• We share a history of applying formal methods to smart cards (in Nijmegen)
• And as a result started some open source projects:
– JMRTD.org (ePassport API & applet)
– GPJ (Global Platform), ISO 18013 (eDL), PKI applet


Smart Cards

• Chances are you have at least 3 smart cards on you right now…
– Banking (EMV debit/credit card)
– Telecom (SIM card)
– Government (passport / identity card)
– Public transport (“OV chipkaart”)
– Access control (access key card for building)
– Conditional access (card for TV decoder)
• They’re EVERYWHERE!


Smart Cards

• Simple computer, designed for security
• Simple I/O (ISO 7816 comparable to RS 232)
• With crypto processor
• And security countermeasures
– Noise generator
– Dual rail logic
– Active grid
• Ranging from “filesystem with access control” to “fully programmable microcontroller”


Java Card

[Figure: Java Card architecture. Labels: applets; Java Card platform (Java Card Virtual Machine, Java Card API); smart card hardware; Command APDU; Response APDU]


Java Card

• Higher level of abstraction than native assembly programming (but only slightly)
• Published standard: JLS, JCVM
• Multiple applets on one card
• Use standard Java toolset to develop for JC
• Simpler VM: 16 bit arithmetic, simpler API, no floats
• More complex: transactions, applet firewall
• Crypto API (for access to crypto processor)
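
The Command APDU and Response APDU named on the Java Card slide, as an added example (not code from the talk or from JMRTD): a Python parser for short-form ISO 7816-4 APDUs that rejects inconsistent length fields. The sample bytes and the small `STATUS` table are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

@dataclass
class CommandAPDU:
    cla: int
    ins: int
    p1: int
    p2: int
    data: bytes          # command data field (Lc bytes), may be empty
    le: Optional[int]    # expected response length, None if absent

def parse_command(apdu: bytes) -> CommandAPDU:
    """Parse a short-form ISO 7816-4 command APDU (cases 1 to 4)."""
    if len(apdu) < 4:
        raise ValueError("header needs CLA INS P1 P2")
    cla, ins, p1, p2 = apdu[:4]
    body = apdu[4:]
    if not body:                                   # case 1: header only
        return CommandAPDU(cla, ins, p1, p2, b"", None)
    if len(body) == 1:                             # case 2: Le only (0 means 256)
        return CommandAPDU(cla, ins, p1, p2, b"", body[0] or 256)
    lc = body[0]
    if lc == 0:
        raise ValueError("extended-length APDUs are not handled here")
    if len(body) == 1 + lc:                        # case 3: Lc + data
        return CommandAPDU(cla, ins, p1, p2, body[1:], None)
    if len(body) == 2 + lc:                        # case 4: Lc + data + Le
        return CommandAPDU(cla, ins, p1, p2, body[1:-1], body[-1] or 256)
    raise ValueError("Lc does not match the length of the body")

# A few status words defined by ISO 7816-4 (not a complete list).
STATUS = {0x9000: "success", 0x6982: "security status not satisfied",
          0x6A82: "file not found"}

def parse_response(rapdu: bytes) -> Tuple[bytes, int, str]:
    """Split a response APDU into (data, SW1SW2, meaning of the status word)."""
    if len(rapdu) < 2:
        raise ValueError("response must end in SW1 SW2")
    sw = int.from_bytes(rapdu[-2:], "big")
    return rapdu[:-2], sw, STATUS.get(sw, "unlisted status word")

if __name__ == "__main__":
    # Constructed sample bytes: SELECT by AID (the AID is the ICAO eMRTD
    # application identifier), READ BINARY with Le=0, and a bare status word.
    for hexstr in ("00A4040C07A0000002471001", "00B0000000"):
        print(parse_command(bytes.fromhex(hexstr)))
    print(parse_response(bytes.fromhex("6982")))
```
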


ePassports


Why? Document authenticity

Special paper, some stamps, typewriter

Cheaper to alter genuine than to fabricate one

Look-alike fraud cheaper than document falsification

Polycarbonate holder page

Watermark

Document with public key crypto signature


Why? Extra info on user

• Face ~ 449x599 .jpg ~ 20KB
– Machine can do (reasonable) match
– Human inspector gets better quality
• Fingerprints ~ 35KB
– Machine can do match
• Signature ~ 2KB
– Machine can check authenticity, based on country root certificate

Compare QR code: 7KB max


DEMO


OSS coding “in the boss’s time”

• @RU 2006: BZK funded security test ePassport
• @RU 2009: BZK funded security test EAC
• @RU/Novay: RDW funded pilot
• @Novay: NLnet funded project
• @Novay: project for ScanTech-IT (Denmark)


Conclusions

• Smartcard == “secure core” computer
• ePassport primarily for doc authenticity, we will have to see about biometric, ABC, etc.
• Academic project == good starting point OSS
• Smart cards, Java Card, ePassport … small in-crowd of developers & users. It’s not Linux / OpenOffice
• Still, some adoption, and developers, perhaps NFC in more handsets will help


More Info

• http://jmrtd.org
• http://isodl.sf.net
• http://javacardsign.sf.net
• http://gpj.sf.net
• http://martijno.blogspot.com
• http://wwwhome.ewi.utwente.nl/~mostowskiwi/
