Você está na página 1de 20

Cutting Edge 2005 workshop, IIT Kanpur

BRIJENDRA MOHAN
EC 8th SEMESTER
ROLL NO:0614331021
Cutting Edge 2005 workshop, IIT Kanpur

What are smart cards


What is in smart card
Classification of smart cards
Security mechanisms
Applications
Challenges
Processor cards (and therefore
Cutting Edge 2005 workshop, IIT Kanpur

memory too)
Credit card size
 With or without contacts.
Cards have an operating system
too.
The OS provides
 A standard way of interchanging information
 An interpretation of the commands and data.
Cards must interface to a
computer or terminal through a
Classification of smart cards
•Contact and contactless type smart cards

•Memory and microprocessor type smart cards


A second type is the
Cutting Edge 2005 workshop, IIT Kanpur

contactless smart card, in which


the chip communicates with the
card reader through RFID
induction technology (at data
rates of 106 to 848 kbit/s).
The standard for contactless
smart card communication.
A related contactless technology
is RFID (radio frequency
identification). tions is
The automated chip card was
Cutting Edge 2005 workshop, IIT Kanpur

invented by German rocket


scientist Helmut Gröttrup and
his colleague Jürgen Dethloff in
1968,
The first mass use of the cards
was for payment in French
pay phones, starting in 1983 .
The major boom in smart card
use came in the 1990s, with
the introduction of the smart-
card-based SIM used in GSM
Smart cards can be used for
Cutting Edge 2005 workshop, IIT Kanpur

identification, authentication,
and data storage.
Smart cards provide a means
of effecting business
transactions in a flexible,
secure, standard way with
minimal human intervention.
Smart card can provide
strong authentication.
Cutting Edge 2005 workshop, IIT Kanpur

. A smart card is like a


‘pocket-size power
The chip in the smart card is
composed of memory a
microprocessor.
They require only a card
acceptor, often known as
card reader.
They are susceptible to chip
Cutting Edge 2005 workshop, IIT Kanpur

Reserved
Clock
Reset
VCC

I/O
VPP
GND
Cutting Edge 2005 workshop, IIT Kanpur

RFU

GND

RFU

I/O
CLK
RST

Vpp
Vcc
 Password
Cutting Edge 2005 workshop, IIT Kanpur

 Card holder’s protection


Cryptographic challenge
Response
 Entity authentication
Biometric information
 Person’s identification
A combination of one or more
Credit cards
Cutting Edge 2005 workshop, IIT Kanpur

Electronic cash

Computer security systems

Wireless communication

Loyality systems

Banking

Satellite TV

Government identification
256 bytes to 4KB RAM.
Cutting Edge 2005 workshop, IIT Kanpur

8KB to 32KB ROM.


1KB to 32KB EEPROM.
8-bit to 16-bit CPU. 8051 based designs are
common.

The price of a mid-level chip when produced in


bulk is less than US$1.
Terminal asks the user to
Cutting Edge 2005 workshop, IIT Kanpur

provide a password.
Password is sent to Card for
verification.
Scheme can be used to permit
user authentication.
 Not a person identification scheme
Data is stored in smart cards in
Cutting Edge 2005 workshop, IIT Kanpur

E2PROM
 Card OS provides a file structure
mechanism

File types
Binary file
(unstructured)
Fixed size record file
Variable size record
file
Card is inserted in the
Card gets power. OS boots
Cutting Edge 2005 workshop, IIT Kanpur

terminal
up. Sends ATR (Answer to
ATR negotiations take place reset)
to set up data transfer
speeds, capability
negotiations etc.
Terminal sends first Card responds with an error
command to select MF (because MF selection is only
on password presentation)
Terminal prompts the user to
provide password
Terminal sends password for Card verifies P2. Stores a
verification status “P2 Verified”.
Responds “OK”“OK”
Card responds
Terminal sends command to
select MF again Card supplies personal data and
responds “OK”
Terminal sends command to read
EF1
1. Authenticate user to bank
Terminal with officer card:
Cutting Edge 2005 workshop, IIT Kanpur

two card 1a. Get challenge from


readers banker card.
Banker’s card User’s card 1b. Obtain response for the
Application challenge from passport
software runs (IAUTH).
here 1c. Validate response with
officer card (EAUTH)
2. Authenticate officer card
to passport.
3. Transfer money to the
user’s card

The terminal itself does not store any keys, it’s the two cards that
really authenticate each other. The terminal just facilitates the
process.
At RTOs, two RTO officers are
Cutting Edge 2005 workshop, IIT Kanpur

required to create a DL
 These two work in pair.
 Have a usage counter of key built in.

 RTO keys are generated and given in


the RTO cards
STA can revalidate the usage
counter.
STA keys are also generated.
www.google.com
Cutting Edge 2005 workshop, IIT Kanpur

www.wikwpedia.com
www.cs.fsu.ed

Você também pode gostar