“SMART CARD BASED SYSTEMS”
ABSTRACT
This paper discusses the smart card from three different aspects.
First, we look at the physical structure of a smart card and how it protects data throughout the card’s life cycle.
This section discusses the physical structure of a smart card and examines its components. It also discusses all the phases of a card’s life cycle and explores how the microcontroller handles and transfers data securely from the card manufacturer to the application supplier and then to the bearer. As a result, we can determine how the data or information stored on the card can be protected.
Second, we examine how the data is protected through logical controls over the files in the card.
After the application provider issues a smart card to the consumer, the protection of the card is controlled mainly by the application operating system. The physical addressing mode of accessing data is no longer available; data has to be accessed through the logical file structure on the card. This section discusses how the operating system protects the data stored on the card by examining the logical file structure and the corresponding access controls of a smart card.
Third, we discuss how the smart card can provide a secure and authenticated environment for applications through procedural operations and mechanisms.
Finally, before we conclude whether the smart card is secure or not, some of the available techniques for attacking the smart card are reviewed.
Introduction
The smart card, an intelligent token, is a credit card sized plastic card embedded with an integrated circuit chip. It provides not only memory capacity, but computational capability as well. The self-containment of the smart card makes it resistant to attack, as it does not need to depend upon potentially vulnerable external resources. Because of this characteristic, smart cards are often used in applications that require strong security protection and authentication.
A smart card can act as an identification card that is used to prove the identity of the cardholder. It can also be a medical card that stores the medical history of a person. Furthermore, the smart card can be used as a credit/debit bank card that allows off-line transactions.
The traditional magnetic stripe cards will be replaced by, and integrated together into, a single multi-application smart card, which is known as an electronic purse or wallet. The smart card is becoming more and more significant and will play an important role in our daily life. It will carry more sensitive and critical data about consumers than ever before when compared with the magnetic stripe card.
PHYSICAL STRUCTURE AND LIFE CYCLE
The physical structure of a smart card, components of a smart card and different phases of a card’s life cycle can determine how the data or information stored on the card can be protected.
· Physical Structure:
The physical structure of a smart card is specified by the International Standard Organization (ISO). Generally it is made up of three elements. The plastic card is the most basic one and has the dimensions of 85.60 mm x 53.98 mm x 0.80 mm. The printed circuit conforms to ISO standard 7816/3, which provides five connection points for power and data. It is hermetically fixed in the recess provided on the card and is burned onto the circuit chip, filled with a conductive material, and sealed with contacts protruding. The printed circuit protects the circuit chip from mechanical stress and static electricity. Communication with the chip is accomplished through contacts that overlay the printed circuit.
· Life Cycle of a Smart Card:
There is an operating system inside each smart card, which may contain a manufacturer Identification Number (ID), type of component, serial number, profile information, and so on. More importantly, the system area may contain different security keys, such as the Manufacturer Key or Fabrication Key (KF), and the Personalization Key (KP). There are five main phases in a typical smart card life cycle. We discuss each of them below.
1. Fabrication Phase:
This phase is carried out by the chip manufacturers. The silicon integrated circuit chip is created and tested in this phase. A Fabrication Key (KF) is added to protect the chip from fraudulent modification until it is assembled into the plastic card support.
2. Pre-personalization Phase:
This phase is carried out by the card suppliers. In this phase, the chip will be mounted on the plastic card, which may have the logo of the application provider printed on it.
3. Personalization Phase:
This phase is conducted by the card issuers. It completes the creation of logical data structures. Data file contents and application data are written to the card. Cardholder identity information, the PIN, and the unblocking PIN are stored as well.
4. Utilization Phase:
This is the phase for the normal use of the card by the cardholder. The application system, logical file access controls, and others are activated. Access of information on the card will be limited by the security policies set by the application. This will be discussed in detail in the next section.
5. End-of-Life Phase (Invalidation Phase):
There are two ways to move the card into this phase. One is initiated by the application, which writes the invalidation lock to an individual file or the master file. All the operations including writing and updating will be disabled by the operating system. Only read instructions may remain active for analysis purposes.
Logical Structure and Access Controls:
After the application provider issues a smart card to the consumer, the protection of the card is controlled mainly by the application operating system. Data has to be accessed through the logical file structure on the card.
· Logical File Structure:
In general, in terms of data storage, a smart card can be viewed as a disk drive where files are organized in a hierarchical form through directories. Similar to MS-DOS, there is one Master File (MF), which is like the root directory. Under the root, we can have different files, which are called Elementary Files (EFs). An EF simply consists of its header and its body, which stores the data. We can also have various subdirectories called Dedicated Files (DFs); a DF is a functional grouping of files that are its immediate children. Under each subdirectory there are elementary files again.
The main difference between a smart card file structure and an MS-DOS file structure is that dedicated files can also contain data. In smart card terminology, the root or Master File (MF) has, besides the header part that describes the MF itself, a body part that contains the headers of all of the dedicated files and elementary files which have the MF in their parental hierarchy.
· Access Control:
The smart card access control system mainly covers file access. Each file has a header attached to it, which indicates the access conditions or requirements of the file and its current status as well. The fundamental principle of the access control is based on the correct presentation of PIN numbers and their management.
Levels of Access Conditions:
Primarily, the access conditions of a file can be divided into the following five levels. Some operating systems may offer more than these, depending on the application they provide.
- Always (ALW): Access of the file can be performed without any restriction.
- Cardholder verification 1 (CHV1): Access is only possible when a valid CHV1 value is presented.
- Cardholder verification 2 (CHV2): Access is only possible when a valid CHV2 value is presented.
- Administrative (ADM): Allocation of these levels and the respective requirements for their fulfillment are the responsibility of the appropriate administrative authority.
- Never (NEV): Access of the file is forbidden.
PIN Presentations:
The PINs are normally stored in separate elementary files, EFCHV1 and EFCHV2 for example; through the access conditions on these files we can prevent the PINs from being changed. The PIN can be changed by issuing the change PIN instruction together with the new and old PIN. However, for most smart card operating systems, the corresponding PIN will be invalidated or blocked when a fixed number of invalid PINs are presented consecutively. The number of tries varies between systems.
PIN Management
To achieve the protection and blockage of the PINs mentioned above, two counters have to be implemented for each of the cardholder verification numbers (CHVs).
1. PIN has been presented:
Files or functions which have PIN presentation as a pre-requisite or condition can be carried out. Every time the PIN is presented correctly, the PIN counter will be reset to the maximum number of tries.
2. PIN has not been presented or was presented incorrectly:
The PIN counter is decremented by one each time an incorrect PIN is presented. All the operations or instructions which require PIN presentation will be invalidated. If the PIN counter reaches zero, the PIN will be blocked.
3. PIN is blocked:
In this state, all the operations that require PIN presentation, and even the PIN presentation instruction itself, are blocked. The unblock PIN instruction has to be carried out. If the correct unblocking PIN is presented, the PIN counter is reset to the maximum number of tries and the PIN returns to the first state.
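The access condition levels and the three PIN states described above can be modelled in a few lines. This is an added Python example, not code from the original paper or from any card operating system; the three-try limit, the use of the second counter for unblocking attempts, and the constructed PINs and file names are assumptions.

```python
import hmac
from enum import Enum

AC = Enum("AC", "ALW CHV1 CHV2 ADM NEV")  # access condition levels from the text

class CHV:
    def __init__(self, pin, unblock_pin, max_tries=3, max_unblock=10):
        self._pin, self._unblock_pin = pin, unblock_pin
        self.max_tries = self.tries_left = max_tries
        self.unblock_left = max_unblock  # assumed role of the second counter
        self.verified = False  # True only in state 1 (PIN presented)

    def verify(self, candidate):
        self.verified = False
        if self.tries_left > 0:  # at 0 the PIN is blocked, even if correct
            self.tries_left -= 1  # charge the try before comparing
            if hmac.compare_digest(candidate, self._pin):
                self.tries_left = self.max_tries  # state 1: counter reset
                self.verified = True
        return self.verified

    def unblock(self, candidate):
        if self.unblock_left > 0:
            self.unblock_left -= 1
            if hmac.compare_digest(candidate, self._unblock_pin):
                self.tries_left = self.max_tries  # back to state 1
                self.verified = True
                return True
        return False

class Card:
    def __init__(self, chv1, chv2):
        self.chv = {AC.CHV1: chv1, AC.CHV2: chv2}
        self.files = {}  # EF name -> (read condition from its header, body)

    def read(self, name):
        cond, body = self.files[name]
        chv = self.chv.get(cond)  # None for ALW, ADM and NEV
        if cond is AC.ALW or (chv is not None and chv.verified):
            return body
        raise PermissionError(f"{name}: {cond.name} not fulfilled")

def demo():
    # Constructed sample card: PINs, file names and contents are made up.
    chv1 = CHV(b"1234", b"11112222")
    card = Card(chv1, CHV(b"5678", b"33334444"))
    card.files = {"EF_ID": (AC.ALW, b"card-0001"), "EF_BAL": (AC.CHV1, b"42.00")}
    log = [chv1.verify(p) for p in (b"0000", b"1111", b"2222", b"1234")]
    return log + [chv1.unblock(b"11112222")], card.read("EF_BAL")
```

In `demo()` the fourth attempt uses the correct PIN but is still rejected because the counter has already reached zero. ADM and NEV files are always refused in this model, since the ADM requirements are left to the administrative authority.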
Procedural Protection
1. After an overview of the physical and logical protection given by the smart card, it is time to look at how we can make use of the smart card to protect and secure our systems in real life.
2. Because of the on-board computing power of the smart card, it is possible to achieve off-line transactions and verifications. For instance, a smart card and a Card Acceptor Device (CAD) can identify each other by using the mutual active authentication method.
3. Moreover, data and code stored on the card are encrypted by the chip manufacturer using computational scrambling encryption, which makes the circuit chip almost impossible to forge.
· Identification of Documents:
Printed information and photographs can be digitised and stored on the card. By setting up the access condition and password on files, only authorised persons or authorities, such as government departments, are allowed to access the information. Moreover, together with biometrics technology, biometric information of the cardholder can be placed on the card, so that it can be verified whether the card is owned by the cardholder or not. However, instead of the documents being verified by the observation of an inspection officer, a card acceptor device will be used; it contains the authorised code and PIN, so it can unlock the file and retrieve the owner’s information for verification.
Authentication in Kerberos:
In an open Distributed Computing Environment (DCE), a workstation cannot be trusted to identify its users because the workstation may be far away from the central server. In order to protect the system from being attacked by remote network hosts, some kind of authentication must be used.
Kerberos is one of the systems that provide trusted third-party authentication services to authenticate users in a distributed network environment. Basically, when a user wants to access a particular service from the server, he/she has to obtain a ticket or credential from the Kerberos Authentication Server (AS). The user then presents that credential to the Ticket Granting Server (TGS) and obtains a service ticket.
Kerberos thus assumes that only the correct user can use the credential, as others do not have the password to decrypt it. Because of this, a user can actually request the credential of others.
Access Control On Operating System:
Access control is one of the important motivations behind the development of the smart card. Here we look at controlling access to the operating system of a personal computer by using the smart card.
1. Personal computers lack security protection for the boot sector of a hard disk or floppy. The boot sector can be modified by anyone without any protection, which makes infection by a computer virus possible.
2. A Boot Integrity Token System (BITS) makes use of smart card technology to protect the operating system: it requires critical information from the card to complete the boot sequence.
3. During system startup, two authentications have to be performed before the boot sequence completes. First, the user is authenticated to the smart card by means of a password. Then the host authenticates the card by reading the shared secret from the card.
Attacks on Smart Card
The smart card seems to be a superior tool for enhancing system security and provides a place for secure storage. One of the security features provided is the cryptographic facility, which provides encryption and decryption of data for the card. The secret of the cryptographic algorithm, the keys stored, and the access controls inside the smart card become the targets of attackers. Some attacks are logical and non-invasive, some attack the card physically, while others just prove their success by mathematical theorems.
· Logical Attacks:
As all the key material of a smart card is stored in the Electrically Erasable Programmable Read Only Memory (EEPROM), and due to the fact that EEPROM write operations can be affected by unusual voltages and temperatures, information can be trapped by raising or dropping the supplied voltage to the microcontroller.
· Physical Attacks:
Invasive physical attacks are typical. Before this kind of attack can be performed, the circuit chip has to be removed from the plastic card. This can be done by using a sharp knife to cut the plastic behind the chip module until the epoxy resin becomes visible. The resin is then dissolved by adding a few drops of fuming nitric acid (>98% HNO3).
CONCLUSION:
Smart cards offer more security and confidentiality than other kinds of information or transaction storage. The applications of smart card technology illustrated here demonstrate that the smart card is one of the best solutions for providing and enhancing security and integrity in a system. An overview of the attack techniques on the smart card was discussed as well. It is important to realize that attacks against any secure system are nothing new or unique. Claiming that any system or technology is 100% secure is irresponsible. The smart card is a safe place to store valuable information such as private keys, account numbers, and valuable personal data such as biometric information. As the technology advances quickly, manufacturers update and enhance their products constantly. Therefore, as soon as hackers find ways of hacking the system, the problems could be solved by the new generation of technology. The smart card can be an element of the solution to a security problem in the modern world.