1/83
• Exploded view of a Smart Card
• Architecture of a Smart Card
• Memory Cards
• Microprocessor Cards
• Contactless Cards
1. What is a smart card?
2/83
•Micro Module
•8 or 6 Contacts
•Integrated Circuit
•Plastic Card
•Free Access Memory
•Protected Memory
•Microprocessor
•Contact Smart Card
•Contactless Smart Card
•ABS, PVC, Polycarbonate
•Hologram
•Brand Stamp
•Mag. Stripe
•Chip with antenna
1. What is a smart card? Exploded view of a Smart Card
3/83
•C1 •C5
•C2 •C6
•C3 •C7
•C4 •C8
•C1: VCC (supply voltage)
•C2: RST (reset signal)
•C3: CLK (clock signal)
•C4: Reserved
•C5: GND (ground)
•C6: Reserved
•C7: I/O (input/output)
•C8: Reserved
•Module
•Chip
•Bonding Pads
•Address Data Bus
•I/O •CPU •NPU •RAM
•ROM •EEPROM
•Charge Pump
•Bonding Pads
•IC Chip
CARD BODY (Back)
•adhesive foil
•contact surface
•wire bond
•gluing surface
•Microprocessor (Chip)
•card body
•empty space
•epoxy
•Antenna Coil
Chip
Antenna
Module (Contacts)
CARD BODY (Front)
•Physical Architecture
1. What is a smart card? Exploded view of a Smart Card
4/83
1. What is a smart card? Contact Smart Card Standards
• ISO 7816-1: Physical characteristics
• ISO 7816-2: Dimension & location of contacts
• ISO 7816-3: Electronic signal & transmission protocol
• ISO 7816-4: Interindustry commands
• ISO 7816-5: Registration system for applications in IC cards
• ISO 7816-6: Interindustry data elements
• ISO 7816-7: Interindustry commands for Structured Card Query Language (SCQL)
• ISO 7816-8: Security architecture and related commands
5/83
•ISO 7816 Standards
•The Very Big Bank
•1234 5678 9012 3456
•Rich Wealthy
•NET
•ISO 7816-1
•Dimensions and physical constraints
•ISO 7816-2
•Electrical signals
•ISO 7816-3
•Communication protocol
•ISO 7816-4 ...
•Memory management and inter industry commands
1. What is a smart card? Contact Smart Card Standards
6/83
• Free Access Memory card
•EEPROM :
•Application Data
•Wired Logic:
•Addressing
• a Memory Card can be compared to a Floppy disk...
1. What is a smart card? Memory Card Architecture
7/83
•EPROM
•Security Info.
•Fuses
•Wired Logic :
•Addressing,
•Security
•EEPROM,
•Application Data
•EPROM :
•Security Info.
•Wired Logic :
•Addressing,
•Security
•EEPROM :
•Abacus counter
•Fuses
•EPROM
•Security Info.
•Fuses
•Wired Logic
•Addressing,
•Security
•EEPROM,
•Application Data
•Keys
• Protected Memory Card
1. What is a smart card? Memory Card Architecture
8/83
•Clock •Reset
•Input / Output
•CPU
•RAM :
•Scratch Pad
•ROM,
•Operating system
•EEPROM,
•Application Memory
•EEPROM :
•Application Memory
•ROM :
•Operating System
•a microprocessor card can be compared to a computer !!
1. What is a smart card? Microprocessor Card Architecture
9/83
• CPU 6805/8051/H8/RISC
• 8 bits/16 bits/32 bits
• 3.57 / 5 MHz
• 5 / 3 Volts
1. What is a smart card? Processing unit : CPU
10/83
• RAM = Random Access Memory
• 128 up to 2 K bytes (Stack included)
• Scratch pad
• Checked and reset after reset
1. What is a smart card? Volatile memory : RAM
11/83
• ROM (Read Only Memory)
• EEPROM (Electrically Erasable and Programmable Read Only Memory)
•ROM,
•Operating system
•EEPROM,
•Application Memory
1. What is a smart card? Non Volatile memories
12/83
• Operating System
– I/O protocol
– Chip handler
– External commands
– Memory management
– Authentication algorithms
• 6 up to 56k bytes
•ROM,
•Operating system
•EEPROM,
•Application Memory
1. What is a smart card? ROM
13/83
• Application memory
• Specific file architecture
• Data information
• Softmask
• Data OS
• 1 up to 64 K bytes
1. What is a smart card? EEPROM
14/83
• Light
• Temperature
• Passivation
• Clock
• Vcc
1. What is a smart card? Security component
15/83
•Plastic Card
•Integrated Circuits
– Power circuit
– Analog I/O circuit
– Data storage and processing
•Power transmission coil
•Data transmission coil or plates
•Smart Transportation Authority
•1234 5678 9012 3456
•City Dweller
•Smart Transportation Authority
•1234 5678 901
•City Dweller
1. What is a smart card? Contactless Cards
16/83
•Smart card functions
•Mechanical strength
•Data security
•Data storage
•Data processing
2. How does a smart card work? Main Functions of a Smart Card
17/83
• 1-Token card
– Read / write / erase data in memory
– Protect data (ex: serial number storage)
– Process certificates: Authentication,...
– Count units : Abacus
• 2- Microprocessor cards
– Read / write / erase data
– Identify the card: component,...
– Manage Memory
– Manage Files (PC): multi-application cards,...
– Protect data (ex: secret key storage )
– Encrypt data( ex: financial transactions )
– Authenticate ( ex : card owner with PIN)
2. How does a smart card work? Functions of a Smart Card
18/83
•READER CARD
•X select •Y select
•Power, Clock
RAZ
•Messages
•Electronics
• +
•Connector
•I/O logic
2. How does a smart card work? Read and Write in a token Card
19/83
• Plastic Cards
• Modules
• Embedding & Test
• Personalization
3. Manufacturing Process Manufacturing
20/83
• ABS / ABS modified
• PVC
• Polycarbonate
• Hologram
• Brand Stamp
• Magnetic stripe
• Printing
3. Manufacturing Process Card Body
21/83
• 8 or 6 contacts
– 1. Vcc
– 2. Reset
– 3. Clock
– 4. (Optional)
– 5. Ground
– 6. (optional)
– 7. Input/Output
– 8. (optional)
• Metal: Tungsten, Gold
3. Manufacturing Process Micro module
22/83
•Sky High Transit
•Punching
•Sky High Transit
•Sheet Printing
•Graphic data
•(Films, disk, syquest...)
•Plastic sheet: PVC
3. Manufacturing Process Plastic Card Printing
23/83
•Motorola, Atmel
•Texas Instruments
•SGS Thomson
•Siemens, Hitachi
•Probing
•Dicing
•Wafer
•Die
•Coating
•Module
•Bonding
3. Manufacturing Process Module Assembly Process
24/83
•1.Punch or mold
•Sky High Transit
•2. Mill
•3. Insert
•Sky High Transit
•1234
•Super
•Glue
•Sky High Credit
•1234
•1234 5678 9012 3456
•John Doe - Exp 13/999
•4. Test - Serialize
•5. Personalize
3. Manufacturing Process Embedding & Test
25/83
•Customer ID file
•Microprocessor card encoding
•Final Inspection and shipping
•Embossing
•Encoding
•Black box
•Personal ID mailing
•Mag tape
• Stripe Card
•Mag tape Smart Card
•Bank card (µP + magstripe) Personalization Process
3. Manufacturing Process Personalization Process
26/83
•Chip manufacturer
•Motorola, Siemens...
Main industrial actors in the smart card environment
•Printer •Embedder •Card supplier
•Card issuer:
•Bank, Telecom,..
•Card Owner
•Service Provider
• , FDR
•Terminal manufacturer
• , Verifone, L&G,...
•Processor
3. Manufacturing Process Industrial Actors
27/83
• Benefits of the Smart Card
• Cards technology features
• Applications
• Example of Application Architectures
4. Applications of the smart card Industrial Actors
28/83
• Portable and mobile: identify the owner
• Convenient and flexible
• Protected and secure
• Good mechanical strength
• Proven technology with good reliability
• Can store and process data (personal, digital certificates,..)
• Cost effective
• Branded
• Innovative
•Why a smart card ?
4. Applications of the smart card
29/83
•Access control
•network security
•Digital Cell. Phones
•Health Care
•Mass Transit
•Ticketless Traveling
•Electronic Commerce
•Electronic Purse
•Loyalty
•Ultra Mall
•Rewards
•Pay TV
•Access Control
•Parking
•The Very Big Bank
•Rich Wealthy
•NET
•1234 5678 9012 3456
•Credit/ Debit
•Payphones
4. Applications of the smart card Applications
30/83
4. Applications of the smart card Smart card in Retail E - Commerce
31/83
•Emission Center
•Access rights
•Scrambling Keys
•Set-top box
•Pay TV
•Pay TV
•Image Scrambling
4. Applications of the smart card Smart Cards in Pay TV
32/83
•SMS Centre
•NetGate
•Internet
•Back Office
•Web server
•Banking server
•GSM
•OTAC
4. Applications of the smart card Smart Card in Mobile Phones: Banking, Trading & Shopping
33/83
•B: Global-Travel Agency
•E-Travel
•A: Joe Traveler
•CryptoFlex
•CryptoFlex
•A Public Key
•A Private Key
•Handshake
•Exchange Public Keys
•& Challenges
•B Private Key
•B Public Key
•B Public Key •A Public Key
•blablabla
•blablabla •B Challenge
4. Applications of the smart card Smart Cards in Network Security
34/83
•Social Security
•CNAM
The French Health Care System
•Dr Smith • Mr. Martin
•Prescription
•Payment
•Professional •Mr. Martin
•1
•2
•3
•4
•5
•6
4. Applications of the smart card Smart cards in Health
35/83
?
36/83
II. Smart Cards Attack – From ICTK
| No. | Attack to be considered | Attack category | Assurance gained by (Chip Evaluation / Card Evaluation) |
|-----|-------------------------|-----------------|----------------------------------------------------------|
| 1 | Minimal Invasive or Non-Invasive Physical Attacks | Hardware Evaluation | X |
| 2 | Physical Attacks to Retrieve Secret Data | | X |
| 3 | Overcoming Sensors, Switches and Filters | | X |
| 4 | Perturbation Attacks | Perturbation Analysis | X X |
| 5 | Retrieving keys with DFA | | X X |
| 6 | SPA/DPA – Non-invasive retrieving of secret data | Side-channel Analysis | X X |
| 7 | EMA and Sound Attacks | | X X |
| 8 | Exploitation of Hardware Test Interfaces (JTAG) | | X |
| 9 | Attacks on RNG | | X |
| 10 | Software Attacks | Software Evaluation | X |
| 11 | Information gathering | | X |
| 12 | Editing Messages | | X |
| 13 | Direct protocol attacks | | X |
| 14 | Man-in-the-middle attacks | | X |
| 15 | Replay attacks | | X |
| 16 | Buffer overflow or stack overflow | | X |
37/83
Chip Fabrication
38/83
Finished wafer
39/83
Micro module etching
40/83
Automatic etcher
41/83
Result of etching process
42/83
Silicon Inspection
43/83
Reverse engineering
44/83
Lay-out plots
45/83
IR picture from back
46/83
Metal mask ROM
47/83
Ion implant ROM after staining
48/83
Automated ROM scanning set-up
49/83
Sub micron probe station
50/83
Probing with eight needles
51/83
Probing set-up
52/83
Scanning Electron Microscope
53/83
SEM: view mode
54/83
SEM imaging
55/83
Focused Ion Beam systems (FIB)
56/83
FIB – milling mode