Smart Card Handbook E-Book

Smart Card Handbook

Fourth Edition

First published under the title Handbuch der Chipkarten: Fünfte Edition by Carl Hanser Verlag © 2008 Carl Hanser Verlag, Munich/FRG

This edition first published 2010 © 2010, John Wiley & Sons, Ltd

First edition published 1997 Second edition published 2000 Third edition published 2003

Registered office John Wiley & Sons Ltd, The Atrium, Southern Gate, Chichester, West Sussex, PO19 8SQ, United Kingdom

For details of our global editorial offices, for customer services and for information about how to apply for permission to reuse the copyright material in this book please see our website at www.wiley.com.

The right of the authors to be identified as the author of this work has been asserted in accordance with the Copyright, Designs and Patents Act 1988.

All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, except as permitted by the UK Copyright, Designs and Patents Act 1988, without the prior permission of the publisher.

Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic books.

Designations used by companies to distinguish their products are often claimed as trademarks. All brand names and product names used in this book are trade names, service marks, trademarks or registered trademarks of their respective owners. The publisher is not associated with any product or vendor mentioned in this book. This publication is designed to provide accurate and authoritative information in regard to the subject matter covered. It is sold on the understanding that the publisher is not engaged in rendering professional services. If professional advice or other expert assistance is required, the services of a competent professional should be sought.

Library of Congress Cataloging-in-Publication Data

Rankl, W. (Wolfgang) [Handbuch der Chipkarten. English] Smart card handbook / Wolfgang Rankl. – 4th ed. p. cm. Includes bibliographical references and index. ISBN 978-0-470-74367-6 (cloth) 1. Smart cards–Handbooks, manuals, etc. I. Title. TK7895.S62R3613 2010 004.5'6–dc22 2009052095

A catalogue record for this book is available from the British Library.

ISBN 978-0-470-74367-6 (Hbk)

Preface to the Fourth Edition

Preparing the fourth edition of a book with more than one thousand pages is not entirely the same as preparing the first edition of a technical book with three hundred pages. We learned this from painful experience in the course of the last two years, after we decided to write this new edition of the Smart Card Handbook.

Our decision was motivated by the dramatic evolution of smart card technology since the last edition of the book in 2002, which has resulted in so many fundamental changes that modifications were necessary on almost every page. With this major revision effort, we took the opportunity to migrate to a different working environment. Instead of using a certain well-known word processing program that was constantly on the verge of total collapse under the burden of this volume of material, we resolved to switch to a professional layout system. As well-known advocates of open-source software, we naturally had only one choice: LaTeX. Although we have never regretted this step, it did not exactly accelerate our project. One of the visible effects of this change for the reader is the large number of cross-references with page numbers. We also revised most of the figures and all of the tables. The result is a book that is distinctly more lucid and easier to read.

With this major revision, we have restructured the book to achieve a more logical arrangement of the various topics. This also allowed us to incorporate all the additions, changes, and special cases that have appeared in the previous editions in a structure that is once again self-contained and presents the entire subject in a clearly organized manner.

This also reflects the incipient paradigm shift in smart card technology. Until fairly recently, smart cards were largely niche products in the world of information technology, existing in a rather isolated technotope. However, in the last few years the technology of the PC and Internet worlds has made increasing inroads in the world of smart cards. As an example, we can mention cryptographically secured data transmission between smart cards and the outside world. The standard remains secure messaging, as specified by ISO/IEC 7816, but the integration of SSL and TSL protocols, long since proven in the Internet realm, is already on the horizon. A similar situation can be seen with TCP/IP in the medium term. This will make smart cards uniquely addressable Internet devices and allow them to be integrated accordingly into the Internet infrastructure.

Another topic that made relatively large revisions necessary is the use of smart card microcontrollers with flash memory instead of mask-programmed ROM. If this evolutionary trend continues on its present course, and there is every reason to believe that it will, in only a few years there will be scarcely any ROM-based chips available for smart cards. This is accompanied by distinctly increased flexibility in operating systems and production logistics.

With regard to the overall organization of the book, we have maintained the proven approach of the previous editions. It begins with a relatively short chapter that provides a general introduction to the world of smart cards and sets the stage for the rest of the book. This is followed by several chapters devoted to the underlying aspects of the technology, which are necessary for proper understanding of this rather extensive subject. After this comes a group of chapters that deal with data transmission, commands, operating systems, smart card production, and quality assurance.

The book concludes with copious descriptions of diverse applications. We have limited the application descriptions to representative examples, since a nearly indescribable variety of new and interesting application areas have opened up for smart cards in the last few years.

At this point we would like to thank our families, friends and colleagues, whose help and encouragement made this book possible. Our particular thanks go to the following people: Bernhard Seen for his expert comments on card production; Jörn Treger for his thoroughgoing revision of the section on Java Card; Christoph Schiller for answering many questions about LaTeX; Johannes Reschreiter for his helpful information on smart cards in ski areas; Thomas Tarantino for helping with questions on card bodies; Michael Baldischweiler for his expert advice regarding USB, SWP and HCI; Peter Hildinger for reviewing the chapter on payment cards; Marcus Janke and Peter Laackmann for numerous tips and photos related to attacks on smart cards; Christopher Tarnovsky for his interesting photos of chip analysis equipment; Jürgen Hirschinger for his precise comments on the subject of testing; Harald Vater for answering many detailed questions on cryptography; Hermann Altschäfl for his practical advice on telecommunication applications; Peter van Elst and Dieter Weiß for their always prompt and knowledgeable answers to many small questions about cards; Irene Weilhart for her outstanding suggestions and expert assistance on the typography and layout of technical books; and Margarete Metzger for her astounding patience every time we postponed the delivery date yet again, and for being an ideal partner in this book project.

Our special thanks also go to the many dedicated readers of the Smart Card Handbook, whose questions, comments and suggestions have often led us to new and interesting insights.

Munich, June 2008

Wolfgang Rankl

[[email protected]]

[www.wrankl.de]

Wolfgang Effing

[[email protected]]

Abbreviations

μC

microcontroller

3DES

triple DES (data encryption standard) (see glossary)

3GPP

Third Generation Partnership Project (see glossary)

3GPP2

Third Generation Partnership Project 2 (see glossary)

3rd FF

third form factor

A-PET

amorphous polyethylene terephthalate

A3, A5, A8

GSM algorithm 3, 5, 8 (see glossary)

AAM

application abstract machine

ABA

American Bankers Association

ABS

acrylonitrile butadiene styrene

AC

access conditions (see glossary)

ACD

access control descriptor

ACK

acknowledge

ACM

accumulated call meter

ADF

application dedicated file

ADK

additional decryption key

ADN

abbreviated dialing number

AES

Advanced Encryption Standard (see glossary)

AFI

application family identifier

AFNOR

Association Française de Normalisation (see glossary)

AGE

Autobahngebührenerfassung (motorway toll collection)

AGE

automatische Gebührenerfassung (automatic toll collection)

AID

application identifier (see glossary)

AM

access mode

Amd.

amendment

AMPS

Advanced Mobile Phone Service (see glossary)

ANSI

American National Standards Institute (see glossary)

AoC

advice of charge

AODF

authentication object directory file

APACS

Association for Payment Clearing Services

APDU

application protocol data unit (see glossary)

API

application programming interface (see glossary)

AR

access rules

ARM

advanced RISC machine

ARR

access rule reference

ASC

application-specific command

ASCII

American Standard Code for Information Interchange

ASIC

application-specific integrated circuit

ASK

amplitude shift keying (see glossary)

ASN.1

Abstract Syntax Notation One (see glossary)

AT

attention

ATM

automated teller machine

ATQA

answer to request, type A

ATQB

answer to request, type B

ATR

answer to reset (see glossary)

ATS

answer to select

AUX1, AUX2

auxiliary 1, auxiliary 2

BAC

Basic Access Control

BAFA

Bundesamt für Wirtschaft und Ausfuhrkontrolle

BASIC

Beginners All Purpose Symbolic Instruction Code

BCD

binary-coded digit

Bellcore

Bell Communications Research Laboratories

BER

Basic Encoding Rules (see glossary)

BER-TLV

Basic Encoding Rules – tag, length, value

BEZ

Börsenevidenzzentrale (electronic purse clearing center for GeldKarte)

BGT

block guard time

BIBO

be-in / be-out

BIN

bank identification number

BIP

bearer independent protocol

bit

binary digit

BPF

basic processor functions

BPSK

binary phase-shift keying (see glossary)

BS

base station

BSI

Bundesamt für Sicherheit in der Informationstechnik

BWT

block waiting time

C-APDU

command APDU (see glossary: command APDU)

C-SET

Chip SET (secure electronic transaction)

CA

certification authority (see glossary: certification authority)

CAD

chip accepting device (see glossary)

CAFE

Conditional Access for Europe (EU project)

CAMEL

Customized Applications for Mobile Enhanced Logic

CAP

card application (see glossary: CAP file)

CAPI

crypto API (application programming interface)

CASCADE

Chip Architecture for Smart Card and Portable Intelligent Devices

CASE

computer-aided software engineering

CAT

card application toolkit

CAT_TP

card application toolkit transport protocol

CAVE

Cellular Authentication, Voice Privacy And Encryption

CBC

cipher block chaining

CC

Common Criteria (see glossary)

CCD

card coupling device

CCID

integrated circuit(s) cards interface device

CCITT

Comité Consultatif International Télégraphique et Téléphonique (now ITU) (see glossary)

CCR

chip card reader

CCS

cryptographic checksum (see glossary)

CD

committee draft

CDC

communications device class

CDF

certificate directory file

CDM

card dispensing machine

CDMA

code division multiple access (see glossary)

CEN

Comité Européen de Normalisation (see glossary)

CENELEC

Comité Européen de Normalisation Eléctrotechnique

CEPS

common electronic purse specifications (see glossary)

CEPT

Conférence Européenne des Postes et Télécommunications (see glossary)

CFB

cipher feedback

CGI

Common Gateway Interface

CHV

cardholder verification or cardholder verification information

CICC

contactless integrated chip card

CICO

check-in/check-out

CID

card identifier

CISC

complex instruction set computer

CLA

class

CLF

contactless front end

CLK

clock

CLn

cascade level n, type A

CMEA

Cellular Message Encryption Algorithm

CMM

capability maturity model (see glossary)

CMOS

complementary metal oxide semiconductor

CMS

card management system

CoD

clear on deselect

CoR

clear on reset

COS

chip operating system (see glossary)

COT

chip on tape (see glossary)

CPA

Common Payment Application

CPU

central processing unit

CRC

cyclic redundancy check (see glossary)

CRCF

clock rate conversion factor

CRT

Chinese remainder theorem

CRT

control reference template

Cryptoki

Cryptographic Token Interface

CSD

circuit-switched data

CT

card terminal

CT

cascade tag, type A

CT

chipcard terminal

CT

cordless telephone

CT-API

chipcard terminal API (see glossary)

CTDE

cryptographic token data element

CTI

cryptographic token information

CTIO

cryptographic token information object

CVM

cardholder verification method

CWT

character waiting time

D

divisor

D-AMPS

Digital Advanced Mobile Phone Service (see glossary)

DAD

destination address

DAM

DECT authentication module

DAM

draft amendment

DAP

data authentication pattern

DB

database

DBF

database file

DBMS

database management system

DC/SC

Digital Certificates on Smart Cards

DCODF

data container object directory file

DCS

digital cellular system

DEA

Data Encryption Algorithm (see glossary)

DECT

Digital Enhanced Cordless Telecommunications (see glossary)

DEMA

differential electromagnetic analysis

DER

Distinguished Encoding Rules (see glossary)

DES

Data Encryption Standard (see glossary)

DF

dedicated file or directory file (see glossary)

DFA

differential fault analysis (see glossary)

DG

data group

DIL

dual inline

DIN

Deutsche Industrienorm (German industrial standard)

DIS

draft international standard

DLL

dynamic link library

DMA

direct memory access

DO

data object

DoA

dead on arrival

DoD

Department of Defense (USA)

DOM

Document Object Model

DoS

denial of service

DOV

data over voice

DPA

differential power analysis (see glossary)

dpi

dots per inch

DR

divisor receive (PCD to PICC)

DRAM

dynamic random access memory (see glossary)

DRI

divisor receive integer (PCD to PICC)

DS

divisor send (PICC to PCD)

DSA

Digital Signature Algorithm

DSI

divisor send integer (PICC to PCD)

DSS

digital signature standard

DTD

Document Type Definition

DTMF

dual tone multiple frequency

DVD

digital versatile disc

E

end of communication, Type A

E2PROM

electrically erasable programmable read-only memory

EAC

extended access control

EAP

Extensible Authentication Protocol

EAP-SIM

extensible authentication protocol security identity module

EBCDIC

Extended Binary Coded Decimal Interchange Code

EC

elliptic curve or elliptic curve cryptoalgorithm

ec

Eurocheque

ECB

electronic code book

ECBS

European Committee for Banking Standards (see glossary)

ECC

elliptic curve cryptosystems (see glossary)

ECC

error correction code (see glossary)

ECC

EU Citizen Card

ECDSA

Elliptic Curve Digital Signature Algorithm (DSA)

ECML

Electronic Commerce Modelling Language

ECTEL

European Telecom Equipment and Systems Industry

EDC

error detection code (see glossary)

EDGE

Enhanced Data Rates for GSM and TDMA Evolution (see glossary)

EDI

electronic data interchange

EDIFACT

Electronic Data Interchange for Administration, Commerce and Transport

EEM

Ethernet emulation model

EEPROM

electrically erasable programmable read-only memory (see glossary)

EF

elementary file (see glossary)

EFF

Electronic Frontier Foundation

EFI

EF internal

EFTPOS

electronic fund transfer at point of sale

EFW

EF working

eGK

elektronische Gesundheitskarte (German electronic health care card)

EGT

extra guard time, type B

EHIC

European Health Insurance Card

EMV

Europay, MasterCard, Visa (see glossary)

EOF

end of frame, type B

EOP

end of packet

EP

endpoint

EPA

elektronische Patientenakte (electronic patient file)

EPROM

erasable programmable read-only memory (see glossary)

ESD

electrostatic discharge

ETS

European Telecommunication Standard (see glossary)

ETSI

European Telecommunications Standards Institute (see glossary)

etu

elementary time unit (see glossary)

ET

evaluation target (see glossary)

f

following page

F2F

face to face

FAQ

frequently asked questions

FAR

false acceptance rate

FAT

file allocation table (see glossary)

fC

frequency of operating field (carrier frequency)

FCB

file control block

FCC

Federal Communications Commission

FCFS

first come, first served

FCI

file control information

FCOS

flip chip on substrate

FCP

file control parameters

FD/CDMA

frequency division / code division multiple access (see glossary)

FDMA

frequency division multiple access (see glossary)

FDN

fixed dialing number

FDT

frame delay time, type A

FEAL

Fast Data Encipherment Algorithm

FET

field effect transistor

ff

following pages

FID

file identifier (see glossary)

FIFO

first in, first out

FINEID

Finnish Electronic Identification Card

FIPS

Federal Information Processing Standard (see glossary)

FMD

file management data

FN

Fowler–Nordheim effect

FO

frame option

FPGA

field programmable gate array

FPLMTS

Future Public Land Mobile Telecommunication Service (see glossary)

FRAM

ferroelectric random access memory (see glossary)

FRR

false rejection rate

FS

file system

fS

frequency of subcarrier modulation

FSC

frame size for proximity card

FSCI

frame size for proximity card integer

FSD

frame size for coupling device

FSDI

frame size for coupling device integer

FSK

frequency-shift keying

FTAM

file transfer, access, and management

FTL

flash translation layer (see glossary)

FWI

frame waiting time integer

FWT

frame waiting time

FWTTEMP

temporary frame waiting time

GF

Galois field

GGSN

gateway GPRS support node

GMT

Greenwich Mean Time

GND

ground (electrical)

GNU

GNU's not Unix

GP

Global Platform (see glossary)

GPL

GNU general public license

GPRS

General Packet Radio System (see glossary)

GPS

Global Positioning System

GSM

Global System for Mobile Communications (see glossary)

GSMA

GSM Association

GTS

GSM Technical Specification

GUI

graphical user interface

HAL

hardware abstraction layer (see glossary)

HBA

Heilberufsausweis (health professional ID card)

HBCI

Home Banking Computer Interface (see glossary)

HCI

host controller interface

HiCo

high coercivity

HLTA

halt command, type A

HLTB

halt command, type B

HMAC

keyed hash message authentication code (MAC)

HPC

health professional card

HSCSD

high-speed circuit-switched data

HSM

hardware security module

HSM

high-security module

HSP

High-speed Protocol

HTML

Hypertext Markup Language

HTTP

Hypertext Transfer Protocol

HV

Vickers hardness

HW

hardware

I block

information block

I/O

input/output

I2C

inter-integrated circuit

IATA

International Air Transport Association

IBAN

international bank account number

IBE

identity-based encryption

ICAO

International Civil Aviation Organization

ICC

integrated circuit card (see glossary)

ICCD

integrated circuit(s) card device

ICCSN

ICC serial number

ID

identifier

IDEA

International Data Encryption Algorithm

IEC

International Electrotechnical Commission (see glossary)

IEEE

Institute of Electrical and Electronics Engineers

IEP

inter-sector electronic purse

IFD

interface device (see glossary)

IFS

information field size

IFSC

information field size for the card

IFSD

information field size for the interface device

IIC

institution identification codes

IMEI

international mobile equipment identity

IMSI

international mobile subscriber identity

IMT-2000

International Mobile Telecommunication 2000 (see glossary)

IN

intelligent network

INF

information field

INS

instruction

INTAMIC

International Association of Microcircuit Cards

IP

Internet protocol

IPES

Improved Proposed Encryption Standard

IPR

intellectual property rights

IrDA

Infrared Data Association

ISDN

Integrated Services Digital Network (see glossary)

ISF

internal secret file

ISIM

IP security identity module

ISO

International Organization for Standardization (see glossary)

IT

information technology

ITSEC

Information Technology Security Evaluation Criteria (see glossary)

ITU

International Telecommunications Union (see glossary)

IuKDG

Informations- und Kommunikations-Gesetz (Information and Communication Act)

IV

initialization vector

IVU

in-vehicle unit

J2ME

Java 2 Micro Edition

JC

Java Card

JCF

Java Card Forum (see glossary)

JCP

Java Community Process

JCRE

Java Card runtime environment (see glossary)

JCVM

Java Card virtual machine (see glossary)

JDK

Java Development Kit (see glossary)

JECF

Java electronic commerce framework

JFFS

journaling flash file system

JIT

just in time

JSR

Java specification request

JTC1

Joint Technical Committee One

JVM

Java virtual machine

K

key

Kc

ciphering key

KCV

check value key

KD

derived key

KFPC

key fault presentation counter

Ki

individual key

KID

key identifier

KM

master key

KS

session key

KVK

Krankenversichertenkarte (health insurance card)

LA

location area

LAN

local area network

Lc

length command

LCSI

life cycle status indicator

LDS

logical data structure

Le

expected length

LEN

length

LFSR

linear feedback shift register

LIFO

last in, first out

LLC

logical link control

LND

last number dialed

LOC

lines of code

LoCo

low coercivity

LPDU

link protocol data unit

LRC

longitudinal redundancy check

LSAM

load secure application module

lsb

least significant bit

LSB

least significant byte

M

month

M2M

machine to machine (see glossary)

MAC

medium access control

MAC

message authentication code (see glossary)

MAO

multiapplication operating system

MBL

maximum buffer length

MBLI

maximum buffer length index

MCU

microcontroller unit

MD5

message digest algorithm 5

ME

mobile equipment

MEL

Multos Executable Language

MExE

mobile station execution environment (see glossary)

MF

master file (see glossary)

MFC

multifunction card

MIME

Multipurpose Internet Mail Extensions

MIPS

microprocessor without interlocked pipeline stages

MIPS

million instructions per second

MKT

Multifunktionales Kartenterminal (multifunctional card terminal) (see glossary)

MLC

multilevel cell

MLI

multiple laser image

MM

moduliertes Merkmal

MMI

man–machine interface

MMS

multimedia messaging service

MMU

memory management unit

MOC

match on card

MOO

mode of operation

MOSAIC

microchip on surface and in card

MOSFET

metal oxide semiconductor field effect transistor

MoU

memorandum of understanding (see glossary)

MRTD

machine-readable travel document

MRZ

machine-readable zone

MS

mobile station

msb

most significant bit

MSB

most significant byte

MSC

mass storage class

MSE

MANAGE SECURITY ENVIRONMENT

MTBF

mean time between failures

MUSCLE

Movement for the Use of Smart Cards in a Linux Environment

NAD

node address

NAK

negative acknowledgment

NBS

National Bureau of Standards (USA) (see glossary)

NCSC

National Computer Security Center (USA) (see glossary)

NDA

nondisclosure agreement

NFC

near field communication

NIST

National Institute of Standards and Technology (USA) (see glossary)

NOK

not OK

NOP

no operation

NPU

numeric processing unit (see glossary)

NRZ

non return to zero

NRZI

non return to zero inverted

NSA

National Security Agency (USA) (see glossary)

NU

not used

NVB

number of valid bits

NVM

nonvolatile memory

OBU

onboard unit

OCF

Open Card Framework

OCR

optical character recognition

ODF

object directory file

OFB

output feedback

OID

object identifier

OMA

Open Mobile Alliance (formerly WAP)

OOK

on/off keying

OP

Open Platform (see glossary)

OS

operating system

OSI

Open Systems Interconnect

OTA

Open Terminal Architecture

OTA

over the air (see glossary)

OTASS

over the air SIM services

OTP

one-time password

OTP

one-time programmable

OTP

Open Trading Protocol

OVI

optically variable ink

P1, P2, P3

parameter 1, 2, 3

PA

power analysis

PACE

Password Authenticated Connection Establishment

PB

procedure byte

PC

personal computer

PC

polycarbonate

PC/SC

Personal Computer / Smart Card (see glossary)

PCB

protocol control byte

PCD

proximity coupling device (see glossary)

PCMCIA

Personal Computer Memory Card International Association

PCN

personal communication networks

PCS

personal communication system

PDA

personal digital assistant

PES

Proposed Encryption Standard

PET

polyethylene terephthalate

PETP

partially crystalline polyethylene terephthalate

PGP

Pretty Good Privacy

PICC

proximity ICC (see glossary)

PIN

personal identification number

PIX

proprietary application identifier extension

PKCS

Public Key Cryptography Standards (see glossary)

PKI

public key infrastructure (see glossary)

PLL

phase locked loop

PLMN

public land mobile network (see glossary)

PM

person month

POD

production on demand

POS

point of sale (see glossary)

POZ

POS ohne Zahlungsgarantie (type of payment transaction)

PP

protection profile (see glossary)

PPC

production planning and control

PPM

pulse position modulation

PPP

Point-to-point Protocol

PPS

protocol parameter selection

prEN

preliminary Europe Standard

prETS

preliminary European Telecommunication Standard

PrKDF

private key directory file

PRNG

pseudorandom number generator (see glossary)

PROM

programmable read-only memory

PSAM

purchase secure application module

PSK

phase shift keying

PSO

PERFORM SECURITY OPERATION

PSTN

public switched telephone network (see glossary)

PTS

protocol type selection

PTT

Post, Telegraph and Telephone

Pub

publication

PUK

personal unblocking key (see glossary)

PuKDF

public key directory file

PUPI

pseudo-unique PICC identifier

PVC

polyvinyl chloride

PWM

pulse width modulation

QFN

quad flat pack, no leads

R-APDU

response APDU (see glossary)

R-UIM

removable user identity module (see glossary)

RACE

Research and Development in Advanced Communication Technologies in Europe

RAM

random access memory (see glossary)

RATS

request to answer to select

Reg TP

Regulierungsbehörde für Telekommunikation und Post

REJ

reject

REQA

request command, type A

REQB

request command, type B

RES

resynchronisation

RF

radio frequency

RFC

Request for Comment

RFID

radio frequency identification

RFU

reserved for future use

RID

record identifier

RID

registered application provider identifier

RIPE

RACE Integrity Primitives Evaluation

RIPEMD

RACE Integrity Primitives Evaluation Message Digest

RISC

reduced instruction set computer

RMI

remote method invocation

RND

random number

RNDIS

remote network device interface specification

RNG

random number generator

ROM

read-only memory (see glossary)

RS

Reed–Solomon

RSA

Rivest, Shamir and Adleman Algorithm

RST

reset

RTE

runtime environment

S

start of communication

S-HTTP

Secure Hypertext Transfer Protocol

S2C

SigIn–SigOut Connection

S@T

SIM Alliance Toolbox

S@TML

SIM Alliance Toolbox Markup Language

SA

security attributes

SA

service area

SAD

source address

SAGE

Security Algorithm Group of Experts

SAK

select acknowledge

SAM

secure application module (see glossary)

SAS

Security Accreditation Scheme

SAT

SIM Application Toolkit (see glossary)

SATSA

security and trust services API

SC

security conditions

SC

smart card

SCC

smart card controller

SCMS

smart card management system

SCOPE

smart card open platform environment (see glossary)

SCP

smart card platform

SCQL

Structured Card Query Language

SCSUG

Smart Card Security Users Group

SCWS

smart card web server

SDL

Specification and Description Language

SDMA

space division multiple access (see glossary)

SE

security environment (see glossary)

SECCOS

Secure Chip Card Operating System (see glossary)

SEIS

Secured Electronic Information In Society

SEL

select code

SEMA

simple electromagnetic analysis

SEMPER

Secure Electronic Marketplace for Europe (EU project)

SEPP

Secure Electronic Payment Protocol

SET

secure electronic transaction (see glossary)

SFGI

start-up frame guard time integer

SFGT

start-up frame guard time

SFI

short file identifier

SGSN

serving GPRS support node

SigG

Signaturgesetz (see glossary)

SigV

Signaturverordnung (see glossary)

SIM

subscriber identity module (see glossary)

SIMEG

subscriber identity module expert group (see glossary)

SKDF

secret key directory file

SLC

single-level cell

SM

secure messaging

SM

security mechanism

SMD

surface mounted device

SMG9

Special Mobile Group 9 (see glossary)

SMIME

Secure Multipurpose Internet Mail Extensions

SMS

Short Message Service (see glossary)

SMS-PP

Short Message Service Point to Point

SMSC

Short Message Service Center

SOF

start of frame

SOP

small outline package

SOP

start of packet

SPA

simple power analysis (see glossary)

SPU

standard or proprietary use

SQL

Structured Query Language

SQUID

superconducting quantum interference device

SRAM

static random access memory (see glossary)

SRES

signed response

SS

supplementary service

SSC

send sequence counter

SSCD

secure signature creation device

SSL

secure socket layer

SSO

single sign-on (see glossary)

STARCOS

Smart Card Chip Operating System (G+D)

STC

sub-technical committee

STK

SIM Application Toolkit (see glossary)

STT

secure transaction technology

SVC

Stored Value Card (Visa International)

SW

software

SW1, SW2

status word 1, 2

SWIFT

Society for Worldwide Interbank Financial Telecommunications

SWP

Single-wire Protocol

T

tag

TAB

tape automated bonding

TACS

Total Access Communication System

TAL

terminal application layer

TAN

transaction number (see glossary)

TAR

toolkit application reference

tbd

to be defined

TC

technical committee

TC

thermochrome

TC

trust center (see glossary)

TCOS

Telesec Card Operating System

TCP

Transport Control Protocol

TCSEC

Trusted Computer System Evaluation Criteria (see glossary)

TD/CDMA

time division / code division multiple access (see glossary)

TDES

triple DES (see glossary)

TDMA

time division multiple access (see glossary)

TETRA

Trans-European Trunked Radio (see glossary)

TLS

transport layer security

TLV

tag length value (see glossary: TLV format)

TMSI

temporary mobile subscriber identity

TOE

target of evaluation (see glossary)

TPD

trusted personal device (see glossary)

TPDU

transmission protocol data unit (see glossary)

TRNG

true random number generator (see glossary: random number generator)

TS

technical specification

TSCS

The Smart Card Simulator

TTCN

Tree And Tabular Combined Notation

TTL

terminal transport layer

TTL

transistor–transistor logic

TTP

trusted third party (see glossary)

UART

universal asynchronous receiver transmitter (see glossary)

UATK

UIM Application Toolkit

UCS

Universal Character Set (see glossary)

UDP

User Datagram Protocol

UI

user interface

UICC

universal integrated chip card (see glossary)

UID

unique identifier

UIM

user identity module (see glossary)

UML

Unified Modeling Language (see glossary)

UMTS

Universal Mobile Telecommunication System (see glossary)

URL

uniform resource locator (see glossary)

USAT

USIM Application Toolkit (see glossary)

USB

Universal Serial Bus (see glossary)

USIM

Universal Subscriber Identity Module (see glossary)

USSD

unstructured supplementary services data

UTF

UCS transformation format

UTRAN

UMTS radio access network

VAS

value-added services (see glossary)

Vcc

supply voltage

VCD

vicinity coupling device

VEE

Visa Easy Entry (see glossary)

VICC

vicinity integrated chip card

VLSI

very large scale integration

VM

virtual machine (see glossary)

VOP

Visa Open Platform (see glossary)

Vpp

programming voltage

VSI

vertical system integration

W3C

World Wide Web Consortium

WAE

wireless application environment

WAN

wide area network

WAP

Wireless Application Protocol (see glossary)

WCDMA

wideband code division multiple access (see glossary)

WDP

Wireless Datagram Protocol

WfSC

Windows for Smart Cards

WG

working group

WIG

wireless Internet gateway

WIM

wireless identification module (see glossary)

WML

Wireless Markup Language (see glossary)

WORM

write once, read multiple

WSP

wafer-scale package

WSP

Wireless Session Protocol

WTAI

Wireless Telephony Application Interface

WTLS

Wireless Transport Layer Security

WTP

Wireless Transport Protocol

WTX

waiting time extension

WTXM

waiting time extension multiplier

WUPA

wake-up command, type A

WUPB

wake-up command, type B

WWW

World Wide Web (see glossary)

XML

Extensible Markup Language (see glossary)

XOR

logical exclusive OR operation

Y

year

ZKA

Zentraler Kreditausschuss (see glossary)

1

Introduction

This book is intended for students, engineers, and technically minded persons who want to learn more about smart card technology. It attempts to cover this broad topic as completely as possible, in order to provide the reader with a general understanding of the fundamentals and the current state of the technology.

We have put great emphasis on a practical approach. The wealth of illustrations, tables and references to real applications is intended to help the reader become familiar with the subject much faster than would be possible with a strictly technical approach. Consequently, this book is intended to be practically useful instead of academically complete. This is also the reason for making the descriptions as illustrative as possible. In places where we were faced with a choice between academic accuracy and ease of understanding, we have tried to strike a happy medium. Where this was not possible, we have given the preference to ease of understanding.

The book is structured such that it can be read in the usual way, from front to back. We have tried to avoid forward references as much as possible. The structure and content of the individual chapters are formulated to allow them to be read individually without any loss of understanding. A comprehensive index and a glossary allow this book to be used as a reference work. If you wish to know more about a specific topic, the references in the text and the annotated directory of standards will help you find the relevant documents.

Unfortunately, a large number of abbreviations have become established in smart card technology, as in so many other areas of technology and everyday life. This makes it particularly difficult for newcomers to become familiar with the subject. We have tried to minimize the use of these cryptic and frequently illogical abbreviations. Nevertheless, we have often had to choose a middle way between internationally accepted smart card terminology used by specialists and common terms more easily understood by laypersons. If we have not always succeeded, the extensive list of abbreviations should at least help overcome any barriers to understanding, which we hope will be short-lived. An extensive glossary at the end of the book explains the most important technical concepts and supplements the list of abbreviations.

An important feature of smart cards is that their properties are strongly based on international standards. This is also essential for interoperability, which is a fundamental requirement in most applications. Unfortunately, these standards are often difficult to understand, and in some problematic places they require outright interpretation. Sometimes only the members of the relevant standardization group can explain the intended meaning of certain sections. In such cases, The Smart Card Handbook attempts to present the meaning generally accepted in the smart card industry. Nevertheless, the relevant standards remain the ultimate authority, and in such cases they should always be consulted.

1.1 THE HISTORY OF SMART CARDS

The proliferation of plastic cards began in the USA in early 1950s. The low price of the synthetic material PVC made it possible to produce robust, durable plastic cards that were much more suitable for everyday use than the paper and cardboard cards previously used, which could not adequately withstand mechanical stresses and climatic effects.

The first all-plastic payment card for general use was issued by the Diners Club in 1950. It was intended for an exclusive class of individuals, and thus also served as a status symbol, allowing the holder to pay with his or her ‘good name’ instead of cash. Initially, only the more select restaurants and hotels accepted these cards, so this type of card came to be known as a ‘travel and entertainment’ card.

The entry of Visa and MasterCard into the field led to a very rapid proliferation of ‘plastic money’ in the form of credit cards. This occurred first in the USA, with Europe and the rest of the world following a few years later.

Today, credit cards allow travelers to shop without cash everywhere in the world. A cardholder is never at a loss for means of payment, yet he or she avoids exposure to the risk of loss due to theft or other unpredictable hazards, particularly while traveling. Using a credit card also eliminates the tedious task of exchanging currency when traveling abroad. These unique advantages helped credit cards become rapidly established throughout the world. Billions of cards are produced and issued annually.

At first, the functions of these cards were quite simple. They served as data storage media that were secure against forgery and tampering. General data, such as the card issuer's name, was printed on the surface, while personal data, such as the cardholder's name and the card number, was embossed. Many cards also had a signature panel where the cardholder could sign his or her name for reference. In these first-generation cards, protection against forgery was provided by visual features such as security printing and the signature panel. Consequently, the system's security depended largely on the experience and conscientiousness of the employees of the card-accepting organization. However, this did not represent an overwhelming problem, due to the card's initial exclusivity. With the increasing proliferation of card use, these rather rudimentary functions and security technology were no longer adequate, particularly since threats from organized criminals were growing apace.

Increasing handling costs for merchants and banks made a machine-readable card necessary, while at the same time, losses suffered by card issuers as the result of customer insolvency and fraud grew from year to year. It became apparent that the security features for protection against fraud and manipulation, as well as the basic functions of the card, had to be expanded and improved.

The first improvement consisted of a magnetic stripe on the back of the card, which allowed digital data to be stored on the card in machine-readable form as a supplement to the visual information. This made it possible to minimize the use of paper receipts, which were previously essential, although the customer's signature on a paper receipt was still required in traditional credit card applications as a form of personal identification. However, new approaches that rendered paper receipts entirely unnecessary could also be devised. This made it possible to finally achieve the long-standing objective of replacing paper-based transactions by electronic data processing. This required a different method to be used for user identification, which previously employed the user's signature. The method that has come into widespread general use involves a secret personal identification number (PIN) that is compared with a reference number in a terminal or a background system. Most people are familiar with this method from using bank cards in automated teller machines. Embossed cards with a magnetic stripe and a PIN code are still the most commonly used type of payment card.

However, magnetic-stripe technology has a crucial weakness, which is that the data stored on the stripe can be read, deleted and rewritten at will by anyone with access to a suitable magnetic card reader/writer. It is thus unsuitable for storing confidential data. Additional techniques must be used to ensure confidentiality of the data and prevent manipulation of the data. For example, the reference value for the PIN can be stored in the terminal or host system in a secure environment, instead of on the magnetic stripe in unencrypted form. Most systems that employ magnetic-stripe cards thus use online connections to the system's host computer for reasons of security, even though this generates significant costs for the necessary data transmission. In order to minimize costs, it is necessary to find solutions that allow card transactions to be executed offline without endangering the security of the system.

The development of the smart card, combined with the expansion of electronic data processing systems, has created completely new possibilities for devising such solutions.

In the 1970s, rapid progress in microelectronics made it possible to integrate nonvolatile data memory and processing logic on a single silicon chip measuring a few square millimeters. The idea of incorporating such an integrated circuit into an identification card was contained in a patent application filed by the German inventors Jürgen Dethloff and Helmut Grötrupp as early as 1968. This was followed in 1970 by a similar patent application by Kunitaka Arimura in Japan. However, real progress in the development of smart cards began when Roland Moreno registered his smart card patents in France in 1974. It was only then that the semiconductor industry was able to supply the necessary integrated circuits at acceptable prices. Nevertheless, many technical problems still had to be solved before the first prototypes, some of which contained several integrated circuit chips, could be transformed into reliable products that could be manufactured in large numbers with adequate quality at a reasonable cost.

The basic inventions in smart card technology originated in Germany and France, so it is not surprising that these countries played the leading roles in the development and marketing of smart cards.

The great breakthrough was achieved in 1984, when the French PTT (postal and telecommunication services authority) successfully carried out a field trial with telephone cards. In this field trial, smart cards immediately proved to meet all expectations with regard to high reliability and protection against manipulation. Significantly, this breakthrough for smart cards did not come in an area where traditional cards were already used, but in a new application. Introducing a new technology in a new application has the great advantage that compatibility with existing systems does not have to be taken into account, so the capabilities of the new technology can be fully exploited.

A pilot project was conducted in Germany in 1984–85, using telephone cards based on several technologies. Magnetic-stripe cards, optical-storage (holographic) cards and smart cards were used in comparative tests.

Smart cards proved to be the winners in this pilot study. In addition to a high degree of reliability and security against manipulation, smart card technology promised the greatest degree of flexibility for future applications. Although the older but less expensive EPROM technology was used in the French telephone card chips, newer EEPROM chips were used from the start in German telephone cards. The latter type of chip does not need an external programming voltage. An unfortunate consequence is that the French and German telephone cards are mutually incompatible. Further developments followed the successful trials of telephone cards, first in France and then in Germany, with breathtaking speed. By 1986, several million ‘smart’ telephone cards were in circulation in France alone. The total rose to nearly 60 million in 1990, and to several hundred million worldwide in 1997.

Germany experienced similar progress, with a time lag of about three years. These systems were marketed throughout the world after the successful introduction of the smart card public telephone in France and Germany. Telephone cards incorporating chips are currently used in more than 50 countries. However, the use of telephone cards in their original home countries (France and Germany), as well as in highly industrialized countries in general, has declined dramatically in the last decade due to the widespread availability of inexpensive mobile telecommunication networks and the general use of mobile telephones.

The integrated circuits used in telephone cards are relatively small, simple and inexpensive memory chips with specific security logic that allows the card balance to be reduced while protecting it against manipulation. Microprocessor chips, which are significantly larger and more complex, were first used in large numbers in telecommunication applications, specifically for mobile telecommunication. The production trends of smart cards with memory chips (memory cards) and smart cards with microprocessor chips (microcontroller cards) in recent years are shown in Figure 1.1.

In 1988, the German Post Office acted as a pioneer in this area by introducing a modern processor card using EEPROM technology as an authorization card for the analog mobile telephone network (C-Netz). The reason for introducing such cards was an increasing incidence of fraud with the magnetic-stripe cards used up to that time. For technical reasons, the analog mobile telephone network was limited to a relatively small number of subscribers (around one million), so it was not a true mass market for processor cards. However, the positive experience gained from using smart cards in the analog mobile telephone system was decisive for the introduction of smart cards in the digital GSM network. This network was put into service in 1991 in various European countries and has presently expanded over the entire world, with more than three billion subscribers in nearly every country of the world.

Progress was significantly slower in the bank card area, in part due to the more stringent security requirements and higher complexity of bank cards compared with telephone cards. These differences are described in detail in the following chapters. Here we would just like to remark that the development of modern cryptography has been just as crucial for the proliferation of bank cards as developments in semiconductor technology.

With the widespread use of electronic data processing in the 1960s, the discipline of cryptography experienced a sort of quantum leap. Modern, high-performance hardware and software made it possible to implement complex, sophisticated mathematical algorithms in single-chip processors, which allowed previously unparalleled levels of security to be achieved. Moreover, this new technology was available to everyone, in contrast to the previous situation in which cryptography was a covert science in the private reserve of the military and secret services.

With these modern cryptographic algorithms, the strength of the security mechanisms in electronic data processing systems could be mathematically calculated. It was no longer necessary to rely on a highly subjective assessment of conventional techniques, whose security essentially rests on the secrecy of the methods used.

The smart card proved to be an ideal medium. It made a high level of security (based on cryptography) available to everyone, since it could safely store secret keys and execute cryptographic algorithms. In addition, smart cards are so small and easy to handle that they can be carried and used everywhere by everybody in everyday life. It was a natural idea to attempt to use these new security features for bank cards, in order to come to grips with the security risks arising from the increasing use of magnetic-stripe cards.

The French banks were the first to introduce this fascinating technology in 1984, after completion of a pilot project with 6000 cards in 1982–83. It took another 10 years before all French bank cards incorporated chips. In Germany, the first field trials took place in 1984–85, using a multifunctional payment card incorporating a chip. However, the Zentrale Kreditausschuss (ZKA), which is the coordinating committee of the leading German banks, did not manage to issue a specification for multifunctional Eurocheque cards incorporating chips until 1996. In 1997, all German savings associations and many banks issued the new smart cards. In the previous year, multifunctional smart cards with POS capability, an electronic purse, and optional value-added services were issued in all of Austria. This made Austria the first country in the world to have a nationwide electronic purse system.

An important milestone for the future worldwide use of smart cards for making payments was the adoption of the EMV specification, a product of the joint efforts of Europay, MasterCard and Visa. The first version of this specification was published in 1994. It provides a detailed description of the operation of credit cards incorporating processor chips, and it ensures the worldwide compatibility of the smart cards of the three largest credit card organizations. Hundreds of millions of EMV cards are presently in use worldwide.

With a delay of around ten years relative to normal contact smart cards, the technology of contactless smart cards has developed to the point of market maturity. With contactless cards, an electromagnetic field is used to supply power to the cards and exchange data with the terminal, without any electrical contact. The majority of currently issued EMV cards use this technology to enable fast, convenient payment for small purchases.

In the 1990s, it was anticipated that electronic purses, which store money in a card and can be used for offline payment, would prove to be another driver for the international proliferation of smart cards for payment transactions. The first such system, called Danmøntnt}, was put into service in Denmark in 1992. There are presently more than twenty national systems in use in Europe alone, many of which are based on the European EN 1546 standard. The use of such systems is also increasing outside of Europe. Payment via the Internet offers a new and promising application area for electronic purses. However, a satisfactory solution to the difficulties involved in using the public Internet medium to make payments securely but anonymously throughout the world, including small payments, has not yet been found. Smart cards could play a decisive role in such a solution.

The anticipated pioneering success of electronic purses has failed to materialize up to now. Most installed systems remain far below the original highly optimistic expectations, which among other things can be attributed to the fact that fees for online transactions have decreased dramatically, with the result that one of the key advantages of electronic purse systems – cost savings resulting from offline capability – has largely vanished. Today the electronic purse function is often included as a supplementary application in multifunction smart cards for payment transactions.

Another potentially important application for smart cards is as personal security devices for electronic signatures, which are slowly becoming established in several European countries after the legal basis for their use was created in 1999 when the European Parliament adopted an EU directive on digital signatures.

Another application has resulted the issuing of smart cards to nearly all the citizens of several countries. These smart cards serve as health insurance cards, which are issued to the insured persons and which contribute to cost savings in the billing of services to health insurance organizations. In most cases, the first cards to be issued were simple memory cards containing only the personal data of the insured person necessary for identification, but the patient cards now in common use contain complex security microcontrollers that also make it possible to store prescriptions and patient files, and to use electronic signatures to enable secure access to centrally stored data via the Internet.

The high functional flexibility of smart cards, which even allows programs for new applications to be added to a card already in use, has opened up completely new application areas, extending beyond the boundaries of traditional card uses.

As already mentioned, the technology of contactless smart cards has reached a level of maturity that enables economical mass production. For this reason, contactless smart cards are used as electronic tickets for local public transport in many cities throughout the world. In addition, this technology has established a firm position in electronic passports. Although electronic passports do not have the same size or shape as a credit card, which is standardized as an ID-1 card, under the cover they have the same circuitry as a contactless smart card, consisting of a security microcontroller connected to an antenna coil for contactless data exchange.

Intensive efforts are presently underway at the European level to achieve standardization of a contactless electronic card to be issued to all citizens, which will have an ID1 form factor (the same as a credit card) and is intended to be used as a personal identification card, among other things.

Although the history of smart cards and their applications goes back more than 25 years, a steady stream of promising new applications is still being developed. The increasing, almost omnipresent networking of our world creates major problems with regard to the security, confidentiality, and anonymity of personal data. Smart cards as personal security devices, with their ability to store and encode data securely, can make a major contribution to solving these problems.

1.2 CARD TYPES AND APPLICATIONS

As can be seen from the historical summary, the potential applications of smart cards are extremely diverse. With the steadily increasing storage and processing capacities of available integrated circuits, the range of potential applications is constantly expanding. Since it is impossible to describe all of these applications in detail within the confines of this book, a few typical examples must serve to illustrate the basic properties of smart cards. This introductory chapter is only meant to provide an initial overview of the functional versatility of these cards. Some typical application areas with their memory and processing capacities are shown in Figure 1.2, and several typical applications are described in detail in later chapters.

To make this overview easier to follow, it is helpful to divide smart cards into two categories: memory cards and processor cards.

1.2.1 Memory cards

The first smart cards used in large quantities were memory cards for telephone applications. These cards are prepaid, with the value stored electronically in the chip being decreased by the amount of the calling charge each time the card is used. Naturally, it is necessary to prevent the user from subsequently increasing the stored value, which could easily be done with a magnetic-stripe card. With such a card, all the user would have to do is record the data stored at the time of purchase and rewrite it to the magnetic stripe after using the card. The card would then have its original value and could be reused. This type of manipulation, known as buffering, is prevented in smart phone cards by security logic in the chip that makes it impossible to erase a memory cell once it has been written. Decreasing the card balance by the number of charge units used is thus irreversible.

This type of smart card can naturally be used not only for telephone calls, but also whenever goods or services are to be sold against prior payment without the use of cash. Examples of possible uses include local public transport, vending machines of all types, cafeterias, swimming pools, car parks and so on. The advantage of this type of card lies in its simple technology (the surface area of the chip is typically only a few square millimeters), and hence its low cost. The disadvantage is that the card cannot be reused once it is empty, but must be discarded as waste – unless it ends up in a card collection.