Smart Card Background
An integrated circuit card (ICC), more popularly known as a smart card, is a portable, tamper-resistant computer with a programmable data store. It has exactly the shape and size of a credit card, yet it can hold 4KB - 64KB of information and perform a modest amount of data processing as well. Smart cards are particularly suited to applications that require both data security and data integrity. Data security ensures that a data value or computation held on the card can only be accessed by authorised parties. Data integrity guarantees that the value of the data stored on the card is well defined at all times and is not corrupted. This property must hold even if power to the card is cut in the middle of a computation that updates information stored on the card.
1. History
The term smart card was coined by French publicist Roy Bright in 1980; the device itself, however, was invented by two German engineers, Jurgen Dethloff and Helmut Grottrupp, in 1967 and 1968. They filed for a patent in February 1969 but were only granted it in 1982, under the title "Identifikanden/Identifikationsschalter". Independently, Kunitaka Arimura of the Arimura Technology Institute in Japan filed for a smart card patent in Japan in 1970. The following year, Paul Castrucci of IBM filed an American patent titled "Information Card". A French journalist, Roland Moreno, filed 47 smart card related patents in 11 countries between 1974 and 1979.
2. Types of Smart Cards
Smart cards currently available on the market fall into the three categories below. Cards with:
- surface contacts connected to a memory-only integrated circuit chip (IC) - memory cards
- surface contacts connected to an IC chip containing a microprocessor - microprocessor cards
- an electromagnetic connection to an IC chip containing a microprocessor - contactless cards
Memory Cards
The earliest smart cards were memory cards, whose integrated circuit chip contains only nonvolatile memory and the circuitry needed to read and write it. These cards depend on the smart card reader or the host computer for all processing. They still make up the majority of smart cards in use today. They are inexpensive and provide a modest level of security, which makes them suitable for applications that perform fixed operations. Examples of memory cards include pre-paid phone cards and high-security alternatives to magnetic stripe cards.
Memory cards use a synchronous communication protocol between the reader and the card, and the communication channel is always under the control of the reader. A variation on the memory card is the logic card, which adds security through memory addressing circuitry that requires a shared secret between the reader and the chip before the memory can be accessed.
Yet another variation on the memory card is the optical card, which can store up to 4MB of data. Once written, however, that data cannot be changed or removed, so these cards suit applications that require permanent record keeping (such as medical, driving or travel records). Existing optical cards do not contain a processor, and their readers use non-standard protocols and are expensive.
Microprocessor cards
These are also known as "chip cards"; they contain a microprocessor and can process data on the card itself. The current generation of microprocessor cards has processing power roughly equivalent to the original IBM-XT computer (with slightly less memory). Examples include cards that hold electronic money, cards that provide secure access to networks, and cards that protect cellular telephones from fraud.
Contactless Cards
These cards communicate with the reader over an electromagnetic coupling rather than through surface contacts. The power required to run the chip is drawn from the reader's radio-frequency field through an antenna in the card (13.56 MHz for ISO/IEC 14443 proximity cards), so the card needs neither contacts nor a battery. These cards offer greater ease of use in applications where possession of the card is sufficient for its use (e.g. toll stations, identification etc.). Because the card answers any reader that energises it, an application must not assume that a contactless exchange implies a deliberate presentation of the card by its holder.
3. Elements of a Smart Card
The Central Processing Unit (CPU), memory and Input/Output electronics are assembled into a single integrated circuit chip. Figure 2.1 illustrates the organisation of these components on the card. This simple packaging provides all the capabilities required of a smart card in a very small package. In addition, it conceals the interconnections between the component elements inside the chip, making it difficult for an observer to intercept the signals passing between them.
Figure 2.1: Layout of a smart card integrated circuit chip [2].
3.1 The Smart Card Central Processing Unit
The CPU in a smart card chip is an 8-bit microcontroller, typically using the Motorola 6805 or Intel 8051 instruction set. Smart card CPUs execute roughly 400,000 instructions per second, although the latest chips reach speeds of up to 1 million instructions per second (1 MIPS).
A reasonable time for a smart card to complete a transaction is 1-3 seconds. RSA with a 1024-bit key, however, can take 10-20 seconds on a typical smart card processor. Consequently, some smart card chips include a cryptographic coprocessor to accelerate these computations.
Some smart cards restrict where executable code may reside. For example, most smart card chips will not execute code stored in RAM. Moreover, some cards allow sections of nonvolatile memory to be reconfigured so that a program loaded into them cannot be overwritten, effectively turning that region into ROM.
3.2 The Smart Card Memory System
In contrast to most personal computers, which have large amounts of homogeneous random access memory (RAM), smart cards have a relatively tiny amount of RAM (256-1,000 bytes). They also contain read-only memory (ROM) and nonvolatile memory (NVM).
Data stored in RAM is lost when power is removed. RAM is nevertheless essential for certain operations in smart card applications, because the CPU can read and write it far faster than the other memories. This matters when the card interacts with a host application in which the timing of responses from the card is important (e.g. mobile communications).
General-purpose smart cards contain between 8KB and 32KB of ROM. The smart card operating system is stored in ROM including routines for communication, file system maintenance, encryption and special-purpose arithmetic routines. The manufacturer places this information in ROM and it cannot be changed.
Variable data is stored in NVM, which in practice is electrically erasable programmable read-only memory (EEPROM). Smart cards generally have between 1KB and 16KB of EEPROM. Application programs can read and write this memory, and it retains its contents when power is removed; data is retained for about 10 years. EEPROM has two drawbacks, however:
- Speed: a write to EEPROM takes 3-10ms
- Endurance: an EEPROM cell survives only a limited number of write cycles (approximately 100,000), after which it no longer holds data reliably
Because writes are slow and power can be removed at any moment, the data integrity requirement described in the introduction has to be engineered in: a write interrupted by loss of power must not leave a file partly updated.
3.3 Smart Card Input/Output
The connection to the outside world is made through a simple I/O port that is guarded by the processor: using high-level communication protocols, the processor filters all information passed to and from the other components of the chip. The same protocols carry the authentication exchanges (see Smart Card Security).
3.4 Smart Card Interface Devices
A smart card contains neither an independent power source nor a clock, both of which the embedded processor needs. The card must therefore be inserted into a device that supplies both power and clock signals. This device is known as an interface device (IFD), terminal or reader.
In addition to providing power and clock, the reader is responsible for opening a communication channel between application software on the computer and the operating system on the card. Nearly all smart card readers are actually reader/writers: they allow an application to write to the card as well as read from it.
3.5 Smart Card Operating Systems
The operating system found on the majority of smart cards implements a standard set of commands (usually 20 - 30) to which the card responds. Smart card standards such as ISO 7816 and CEN 726 describe the range of commands a card may implement, and most manufacturers offer cards with operating systems that implement some or all of these standard commands (possibly with extensions and additions). The relationship between reader and card is master/slave: the reader sends a command, the card executes it, returns the result (if any) to the reader, and waits for the next command. The card never initiates an exchange.
3.6 Smart Card File Systems
Most smart card operating systems also support a simple file system based on the ISO 7816 standard. A smart card file is just a contiguous block of card memory. The file system is singly rooted, hierarchical and directory-based, and files may have long alphanumeric, short numeric or relative names.
Once a file is allocated it cannot be extended, so a file must be created at the maximum size it is ever expected to reach. Smart card file systems do not support garbage collection or compaction: if file A is created, then file B, and A is subsequently deleted, the space occupied by A is lost until B is also deleted.
Smart card operating systems support the usual set of file operations (create, delete, read, write and update) on all files. In addition, certain operations are supported only on particular file types. For example, linear files consist of a series of fixed-size records that can be accessed by record number or read sequentially using read next and read previous operations, and some operating systems also perform a limited seek on linear files. The table below lists some special operations for each file type.
Type | Special Operations | Example
Linear | seek | credit card account table
Cyclic | read next, read previous | transaction log
Transparent | read and write binary | picture
SIM file | encrypt, decrypt | cellular telephone
Table 2.1: Some operations on various file types [2].
Each file is associated with an access control list that records the operations that authorised parties are allowed to perform on the file; a file may, for instance, require a PIN to be verified before it can be read.
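The master/slave command exchange, the file system and its access control lists described above, and the chunked transfers that the small I/O buffer discussed under Smart Card Communications forces, can be put together in one simulated exchange. The following is an added example, not code from the page or from any card vendor: a host drives a simulated card with ISO 7816-4 SELECT, VERIFY and READ BINARY commands. The status words and INS codes are the standard ones; the file identifiers, file contents, PIN, retry limit and the 64-byte buffer are assumptions made for the example.

```python
"""Simulated ISO 7816-4 command/response exchange with a card exposing a
small PIN-guarded file system. Added example; files, PIN, retry limit and
the 64-byte I/O buffer are assumptions, not values from any real card."""
from dataclasses import dataclass, field
from typing import Optional
import hmac

# Status words (SW1 SW2) and INS codes as defined in ISO 7816-4.
SW_OK, SW_SEC_STATUS, SW_PIN_BLOCKED = 0x9000, 0x6982, 0x6983
SW_NO_CURRENT_EF, SW_FILE_NOT_FOUND, SW_WRONG_P1P2 = 0x6986, 0x6A82, 0x6B00
SW_INS_NOT_SUPPORTED = 0x6D00
INS_VERIFY, INS_SELECT, INS_READ_BINARY = 0x20, 0xA4, 0xB0
MAX_CHUNK = 64  # assumed size of the card's I/O buffer


def build_apdu(cla: int, ins: int, p1: int, p2: int,
               data: bytes = b"", le: Optional[int] = None) -> bytes:
    """Encode a short command APDU: CLA INS P1 P2 [Lc Data] [Le]."""
    if len(data) > 255:
        raise ValueError("a short APDU carries at most 255 data bytes")
    apdu = bytes([cla, ins, p1, p2])
    if data:
        apdu += bytes([len(data)]) + data
    if le is not None:
        apdu += bytes([le & 0xFF])  # Le of 0x00 requests 256 bytes
    return apdu


def parse_response(resp: bytes) -> tuple:
    """Split a response APDU into (data, SW1SW2)."""
    if len(resp) < 2:
        raise ValueError("response must end with SW1 SW2")
    return resp[:-2], int.from_bytes(resp[-2:], "big")


def _resp(data: bytes, sw: int) -> bytes:
    return data + sw.to_bytes(2, "big")


@dataclass
class SimCard:
    """Card side (the slave): executes one command and answers it. Each
    transparent file is a contiguous byte block with an ACL flag saying
    whether READ BINARY requires a verified PIN."""
    pin: bytes = b"1234"
    retry_limit: int = 3
    files: dict = field(default_factory=lambda: {
        0x0001: (bytes(range(150)), False),        # public file, spans three reads
        0x0002: (b"secret account record", True),  # read requires the PIN
    })
    retries_left: int = 3
    pin_verified: bool = False
    selected: Optional[int] = None

    def process(self, apdu: bytes) -> bytes:
        ins, p1, p2, body = apdu[1], apdu[2], apdu[3], apdu[4:]
        data = body[1:1 + body[0]] if body else b""  # Lc-prefixed data field
        if ins == INS_SELECT:
            fid = int.from_bytes(data, "big") if len(data) == 2 else -1
            if fid not in self.files:
                return _resp(b"", SW_FILE_NOT_FOUND)
            self.selected = fid
            return _resp(b"", SW_OK)
        if ins == INS_VERIFY:
            if self.retries_left == 0:
                return _resp(b"", SW_PIN_BLOCKED)
            if hmac.compare_digest(data, self.pin):  # constant-time compare
                self.retries_left, self.pin_verified = self.retry_limit, True
                return _resp(b"", SW_OK)
            self.retries_left -= 1  # counted before the rejection is sent
            self.pin_verified = False
            return _resp(b"", 0x63C0 | self.retries_left)  # 63 Cx: x tries left
        if ins == INS_READ_BINARY:
            if self.selected is None:
                return _resp(b"", SW_NO_CURRENT_EF)
            content, needs_pin = self.files[self.selected]
            if needs_pin and not self.pin_verified:
                return _resp(b"", SW_SEC_STATUS)
            offset = (p1 << 8) | p2
            if offset > len(content):
                return _resp(b"", SW_WRONG_P1P2)
            le = body[0] if body else 0
            n = min(256 if le == 0 else le, MAX_CHUNK)
            return _resp(content[offset:offset + n], SW_OK)
        return _resp(b"", SW_INS_NOT_SUPPORTED)


def verify_pin(card: SimCard, pin: bytes) -> int:
    """Host side: VERIFY (P2 = 0x01 names the card's first PIN). Returns SW."""
    return parse_response(card.process(build_apdu(0x00, INS_VERIFY, 0x00, 0x01, pin)))[1]


def read_file(card: SimCard, fid: int) -> tuple:
    """Host side: SELECT by file identifier, then READ BINARY in chunks no
    larger than the card's buffer, advancing the offset carried in P1 P2."""
    _, sw = parse_response(card.process(
        build_apdu(0x00, INS_SELECT, 0x00, 0x00, fid.to_bytes(2, "big"))))
    if sw != SW_OK:
        return b"", sw
    out = bytearray()
    while True:
        off = len(out)
        chunk, sw = parse_response(card.process(
            build_apdu(0x00, INS_READ_BINARY, off >> 8, off & 0xFF, le=MAX_CHUNK)))
        if sw != SW_OK:
            return bytes(out), sw
        out += chunk
        if len(chunk) < MAX_CHUNK:  # a short read marks the end of the file
            return bytes(out), SW_OK


if __name__ == "__main__":
    card = SimCard()
    print(hex(read_file(card, 0x0002)[1]))  # 0x6982: PIN not yet verified
    print(hex(verify_pin(card, b"0000")))   # 0x63c2: wrong PIN, 2 tries left
    print(hex(verify_pin(card, b"1234")))   # 0x9000
    print(read_file(card, 0x0002)[0])       # b'secret account record'
    print(len(read_file(card, 0x0001)[0]))  # 150, fetched as 64 + 64 + 22
```

Two details are worth noting. The retry counter is decremented before the rejection is returned, which is the order a real card must use if the count is to survive power being removed between attempts; and the public 150-byte file is read with three commands, because no single response can exceed the buffer the card has for it.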
3.7 Smart Card Communications
The communication channel to a smart card is half-duplex: data flows either from the reader to the card or from the card to the reader, never in both directions at the same time. The receiver must sample the serial line at the same rate the transmitter drives it for the data to be received correctly; this rate is known as the bit rate or baud rate. Data received by and transmitted from a smart card is held in a buffer in the card's limited random access memory. Consequently, relatively small packets (10 - 100 bytes) of data are moved in each message, and larger transfers have to be split across several commands.
4. Smart Card Software
Smart card software can be categorised into two types:
- Card software
- Host software
This section describes the purpose of each of these.
4.1 Card software
Card software, or card-side software, runs on the smart card itself. It provides computational services for applications that access the data held on the card, and it protects that data from applications that attempt to access it incorrectly. Card software implements the data, security properties and policies of a particular smart card. It is usually divided into application software and system software. Application software uses the computational and data storage capabilities of the card in much the same way as any computer program would. Application-specific software is typically written in:
- assembly language for the chip architecture of the microprocessor found embedded in the smart card or
- a high-level language that can be interpreted directly on the card or compiled into assembly language and loaded onto the card.
System software explicitly uses, and may contribute to, the data integrity and data security properties of the particular smart card.
4.2 Host software
Host software runs on a computer connected to a smart card and is also referred to as reader-side software. It mostly comprises end-user application software and the system software that supports smart cards and smart card readers. Host software is usually written in a high-level programming language such as C, C++, Java or Pascal and linked with commercially available libraries and device drivers for accessing cards and readers.
Before a host program conducts business with a smart card it must first satisfy itself that the card is authentic. To complete a mutual authentication, the program must then convince the card that it, too, is authentic.
5. Smart Card Security
One of the primary reasons smart cards exist is security. The card provides a computing platform on which information can be stored securely and on which computations can be carried out securely. Consequently, smart cards are ideally suited to enhancing the security of other systems. Examples include physical access control systems and financial systems (including electronic commerce applications).
Access to the information stored on a smart card can be configured so that it is strictly controlled by the cardholder, the card issuer, or the provider of a specific application on the card. Access control is generally implemented by requiring a key or PIN before certain files can be accessed. These keys are stored in key files on the card. Only the card's own operating system can read a key file, and it does so solely to compare the stored value with the key presented by the reader or the user; the key itself is never returned to the outside world. (Further details on file access control and key files can be found in section 6.5.)
Smart cards provide a variety of useful security features, including:
- Storage of passwords for access to computer systems, networks etc.
- Storage of keys, public and private, for encrypting information to ensure its privacy
- Storage of keys, public and private, for authenticating identity
- Storage of information to be transported without the cardholder being able to read or change it in any way
- Execution of cryptographic algorithms for authenticating identity
- Execution of cryptographic algorithms for ensuring the privacy of information
The authentication procedure may be simple (e.g. demonstrating possession of a shared secret such as a PIN) or complex (e.g. demonstrating the ability to encrypt a message offered by the other party, known as a challenge, with a particular key and algorithm). If the authentication process does not complete successfully, all further communication is blocked. The card may keep a record of failed attempts, and once a certain number of consecutive failures is reached it may block itself permanently or erase its contents. For that count to be meaningful, the card must commit the failure to nonvolatile memory before it returns the rejection; otherwise the record would be lost if power were removed as soon as the attempt was refused.
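The challenge-response form of authentication just described, performed in both directions in the order given under Host software (the host checks the card first, then proves itself to the card), is shown below as an added example; it is not code from the page or from any card product. HMAC-SHA256 truncated to 8 bytes stands in for the DES or triple-DES cryptogram a real card would compute, and the key, the nonce length and the direction tags are choices made for this example.

```python
"""Challenge-response mutual authentication between a host and a card that
share a secret key. Added example; HMAC-SHA256 truncated to 8 bytes stands
in for a DES/3DES cryptogram, and key, nonce length and tags are assumed."""
import hashlib
import hmac
import os
from typing import Optional

NONCE_LEN = 8
MAC_LEN = 8
CARD_TO_HOST = b"\x01"  # direction tags bind a cryptogram to one role, so a
HOST_TO_CARD = b"\x02"  # challenge cannot be reflected back at whoever issued it


def cryptogram(key: bytes, direction: bytes, challenge: bytes) -> bytes:
    """Keyed answer to a challenge (stand-in for a DES-based cryptogram)."""
    return hmac.new(key, direction + challenge, hashlib.sha256).digest()[:MAC_LEN]


class Card:
    """Card side. The key never leaves the card: its only operations are
    'answer the host's challenge' and 'check the answer to my challenge'."""

    def __init__(self, key: bytes, max_failures: int = 3):
        self._key = key
        self.max_failures = max_failures
        self.failures = 0  # would be held in EEPROM on a real card
        self.host_authenticated = False
        self._pending: Optional[bytes] = None  # challenge issued to host, single use

    @property
    def blocked(self) -> bool:
        return self.failures >= self.max_failures

    def _refuse_if_blocked(self) -> None:
        if self.blocked:
            raise PermissionError("card blocked after repeated authentication failures")

    def internal_authenticate(self, host_challenge: bytes) -> bytes:
        """Card proves it holds the key by answering the host's challenge."""
        self._refuse_if_blocked()
        return cryptogram(self._key, CARD_TO_HOST, host_challenge)

    def get_challenge(self) -> bytes:
        """Fresh random challenge for the host; replaces any unanswered one."""
        self._refuse_if_blocked()
        self._pending = os.urandom(NONCE_LEN)
        return self._pending

    def external_authenticate(self, response: bytes) -> bool:
        """Host proves it holds the key. Each challenge permits exactly one
        attempt, so a captured response cannot be replayed later."""
        self._refuse_if_blocked()
        if self._pending is None:
            return False
        expected = cryptogram(self._key, HOST_TO_CARD, self._pending)
        self._pending = None
        if hmac.compare_digest(expected, response):
            self.failures, self.host_authenticated = 0, True
            return True
        self.failures += 1  # recorded before the rejection is returned
        self.host_authenticated = False
        return False


def host_mutual_auth(card: Card, host_key: bytes) -> bool:
    """Host side, in the order the text gives: first check that the card is
    genuine, then convince the card that the host is."""
    try:
        host_challenge = os.urandom(NONCE_LEN)
        answer = card.internal_authenticate(host_challenge)
        if not hmac.compare_digest(answer, cryptogram(host_key, CARD_TO_HOST, host_challenge)):
            return False  # card failed: do not answer challenges from it
        card_challenge = card.get_challenge()
        return card.external_authenticate(cryptogram(host_key, HOST_TO_CARD, card_challenge))
    except PermissionError:
        return False  # card has blocked itself; nothing further is accepted


if __name__ == "__main__":
    KEY = bytes.fromhex("0123456789abcdef0123456789abcdef")  # constructed key
    print(host_mutual_auth(Card(KEY), KEY))           # True
    print(host_mutual_auth(Card(KEY), b"wrong key"))  # False: card check fails
```

Three properties of the exchange are checked rather than assumed: a challenge is consumed after one attempt, so a recorded response cannot be replayed; the direction tag means a card cannot be tricked into answering its own challenge on the host's behalf; and once the failure counter reaches its limit the card refuses every further operation, matching the blocking behaviour described above.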
The encryption of transaction information is often referred to as bulk encryption. In general, smart cards are not involved in bulk encryption, since encryption and decryption are computationally intensive, and some algorithms require far more computation than others; public-key encryption in particular is far more intensive than symmetric-key encryption. A few cards, however, are specifically built for this purpose and are equipped with a dedicated processor (known as a cryptoprocessor) that performs the encryption. An example is the Cryptoflex smart card manufactured by Schlumberger, which can perform DES, triple DES and RSA public-key encryption with 1024-bit keys.
Encryption can be applied to every message to and from the smart card or only to particular messages. Smart card programmers generally do not design new authentication or encryption algorithms. Instead, they use the facilities built into the card, which are supplied with a stated level of assurance of correctness.