Escolar Documentos
Profissional Documentos
Cultura Documentos
Smart Cards
H. Karen Lu1, Senior IEEE Member, Asad M. Ali1, Stephane Durand2, and Laurent Castillo2
Gemalto, Inc., 1Arboretum Plaza II, 9442 Capital of Texas Highway, North, Austin, TX, USA
2
6 rue de la Verrerie, Meudon Cedex France 92197
email: {karen.lu, asad.ali, stephane.durand, laurent.castillo}@gemalto.com
2
Authorized licensed use limited to: DELHI TECHNICAL UNIV. Downloaded on December 31, 2009 at 05:44 from IEEE Xplore. Restrictions apply.
clients, which communicate with remote servers using Due to the master/slave operation mode of MSD, the host
HTTPS. agent must poll the card agent to see if it has anything to send.
Figure 3 summarizes our new smart card communication Polling consumes computing resource and is not efficient. To
framework. This framework enables USB smart cards to be solve this problem, the smart card also enumerates an HID.
plug-and-play without software installation, to provide The card agent uses HID to signal the host agent when it has
security services to Internet applications, and to leave nothing data to send. The combination of MSD and HID achieves
behind on the host computer after usage. The next few peer-to-peer communication.
sections describe different parts of the framework. The computer file system is designed for storing, retrieving,
and managing files, but not for general purpose
communication. Therefore, to use files for communication, we
need to define higher-level protocols. On the one hand,
applications should not worry about details of the
communication; hence the communication protocol should be
application-independent. On the other hand, different
applications have different data transport requirements. For
example the transport requirements between a smart card and
an application on a local host are different from those between
the smart card and a remote server over the Internet. Some
applications may require ISO 7816 APDU as transport while
others may prefer standard Internet protocols. Some
applications require card user privileges while others may
require card administrator privileges. Therefore, an
application-dependent communication protocol layer is also
needed.
Figure 3. The new smart card communication framework.
ALP: Application Layer Protocol
IV. COMMUNICATION BETWEEN HOST AND CARD AGENTS CLP: Communication Layer Protocol
File System HID: Human Interface
Assume that the smart card has a full-speed USB interface
MSD: Mass Storage Device Device
and the host computer has no CCID driver enabled. In order to
USB: Universal Serial Bus
communicate and to achieve plug-and-play, the smart card
must use pre-installed USB device drivers that enable sending Figure 4. Communication stack
data in both directions, require no software installation, and
Based on the above requirements, our communication
need no administrator privileges to use.
protocols have two layers: the lower layer is called
After examining USB device drivers on typical computers,
Communication Layer Protocol (CLP) that is purely for
we have found that only two USB protocols, Mass Storage
communication; the upper layer is called Application Layer
Class Device (MSD) and Human Interface Device (HID) [7],
Protocol (ALP) that supports application protocols. The CLP
can satisfy the above requirements. HID provides means for
layer provides a secure communication channel between the
low latency communication that a device initiates. A USB
host agent and card agent, including key management and
keyboard and mouse are both examples of HIDs. However,
diversification, host agent authenticity, data encryption, and
HID data throughput is capped at 64 KB per second with a
data integrity. Figure 4 illustrates the communication stack.
full-speed USB device. In contrast, MSD can reach the
maximum throughput of the bus (1.2 MB/s) with the same A. Communication Layer Protocol
device, but it has the lowest priority access on the bus and The Communication Layer Protocol (CLP) combines a
behaves in a master/slave mode only. If a smart card had a MSD with a HID. It enables the host and card agents to
high speed USB interface, HID would be fast enough. communicate securely and efficiently. Figure 5 illustrates the
However, current USB smart cards only support full speed inner workings of the CLP.
USB; using HID alone would be inefficient. To take The host agent uses a CLP library to communicate with the
advantages of MSD’s throughput and HID’s low latency, we smart card. The CLP library accesses an input file and an
combine MSD with HID in the smart card. The resulting output file, which are both stored on an MSD presented by the
communication model is both efficient and responsive. smart card, and responds to the HID signals sent by the same
To enable plug-and-play and communication, we have a device. The smart card communicates through a dedicated
USB smart card enumerate two MSDs and one HID. The first CLP driver connected to MSD and HID device drivers.
MSD is read-only, which stores computer-readable files. The To send data to the smart card, the CLP library writes to the
host agent resides on this MSD as described in Section III. CLP output file through host computer’s file system calls. The
The host and card agents communicate via files using the MSD driver on the smart card intercepts the low level write
second MSD (Figure 2). request from the host and relays the data written to the CLP
3
Authorized licensed use limited to: DELHI TECHNICAL UNIV. Downloaded on December 31, 2009 at 05:44 from IEEE Xplore. Restrictions apply.
layer to upper layer software. the smart card’s host agent related files stored on the first
To receive data from the smart card, the CLP library waits a MSD partition. The card management system uses ALP 3
HID signal from the device. This operation has no CPU cost commands to administrate the smart card, for example, to
since the USB hardware manages it. update a file in card’s internal secure memory. To protect the
integrity of the product, both ALP 2 and ALP 3 operate in
authenticated and encrypted sessions.
HID signal
C. Communication Security
The smart card communicates with its client software
CLP-enabled software
CLP-enabled software
CLP drivers on device
CLP device MSD running on the host computer to accomplish its tasks. The card
CLP library
To send data to the host computer, the smart card first V. COMMUNICATION WITH A STANDARD WEB BROWSER
readies the data in the CLP input file’s internal buffer, and
We use a standard web browser on a PC to provide human
then sends a HID signal to the host computer. Upon reception
interface to the smart card. The host agent implements a HTTP
of the HID signal, the CLP library reads the CLP input file
web server that serves the web browser and facilitates smart
through host computer’s file system calls. Once received the
card access. The communication protocol between the browser
low level read request from the computer, the MSD driver on
and the web server is HTTPS.
the smart card gets the data from the internal buffer and sends
To support TLS for HTTPS, the smart card maintains a
it to the computer.
RSA key pair and an x.509 certificate for host agent’s web
The CLP layer makes no assumption about data being
server. It keeps the private key in its secure memory, and
transmitted. A CLP frame consists of a 2-bytes header
stores the certificate and the public key in a MSD partition
followed by a payload. The header contains the payload
visible from the host computer. In this way, the web server can
length. The payload may contain one ALP frame or one
easily get the certificate during TLS handshaking.
command frame. Commands are defined for maintenance and
To achieve performance and maintain security, the host
management of the communication channels.
agent implements the TLS protocol in collaboration with the
B. Application Layer Protocol smart card. During the TLS handshaking, the host agent does
The Application Layer Protocol (ALP) enables applications computationally intensive work, including computing digest
to define or choose appropriate transport. An ALP frame and generating session keys; the smart card does security
begins with a 2 bytes header followed by its payload. The critical parts, including decrypting the pre-master secret
header contains information about the ALP type, payload (PMS) using the private key [9]. Once the handshaking
length, and if the payload is encrypted and/or compressed. completes, the browser and the web server in the host agent
Each ALP type represents a specific transport type, for communicate securely using HTTPS.
example, ISO 7816 APDU, HTTP, or TCP/IP.
The ALP types that we have implemented include: VI. COMMUNICATION WITH A REMOTE WEB SERVER
ALP Type 1 encapsulates ISO 7816 APDUs. It enables The smart card communicates with remote servers over the
reusing existing smart card operating systems and interfaces Internet for two general purposes:
for applications using an USB connection. 1. To provide security services to Internet applications; for
ALP Type 2 is used to administrate the MSD on the smart example, to authenticate a remote server before a user logs
card, for example, adding files to MSD. into the server, and to send the user data stored in the card to
ALP Type 3 transports card administrative commands. The the remote server securely when needed.
security mechanisms of this type use a PKI infrastructure that 2. To enable online token management after smart card
enables a higher degree of trust and security. This also enables tokens are issued to users; for example, to update the token
reusing existing smart card operating systems. software and to unblock the user PIN.
The ALP type 2 and 3 enable a remote card management The host agent implements a web client to initiate
system over the Internet to update the smart card software. connections to remote web servers. The communication
The remote system can generate ALP 2 commands to update protocol between the web client and a remote web server is
4
Authorized licensed use limited to: DELHI TECHNICAL UNIV. Downloaded on December 31, 2009 at 05:44 from IEEE Xplore. Restrictions apply.
HTTPS. For this purpose, the smart card maintains a RSA key systems. Using them will enable a same smart card token be
pair and an x.509 certificate for host agent’s web client. plug-and-play on any PC regardless of the PC operating
Again, during TLS handshaking the host agent does system.
computationally heavy work and the smart card does security
critical ones, such as verifying the remote server’s certificate, VIII. CONCLUSIONS
to achieve both performance and security [9]. One of the key requirements for a security token in the
consumer market is plug-and-play without installation of any
software on the PC. This paper presents a new smart card
communication framework that enables USB smart cards to be
plug-and-play. The method relies only on pre-installed device
drivers that are included in modern computer operating
systems. Since these devices were not designed for general
purpose communication, we define new communication
protocols over the devices. The USB smart card emulates the
devices to communicate with the host computer using these
new protocols. The framework further includes methods for a
smart card to communicate with a standard web browser and
with remote Internet web servers. With this framework, USB
smart cards can achieve true plug-and-play and provide
security services to Internet web applications.
5
Authorized licensed use limited to: DELHI TECHNICAL UNIV. Downloaded on December 31, 2009 at 05:44 from IEEE Xplore. Restrictions apply.