Smart Cards A smart card is a plastic

  • Slides: 19
Download presentation
Smart Cards § A smart card is a plastic card that contains an embedded

Smart Cards § A smart card is a plastic card that contains an embedded integrated circuit (IC). § They store and process Information. § Smart Cards Can be used to add authentication and secure access to information systems that require a high level of security Sara Javanmardi, INF 123 - Software Architectures, Distributed Systems and Interoperability 1

Properties of Smart Cards § Highly secure-Tempering with one, results in destruction of the

Properties of Smart Cards § Highly secure-Tempering with one, results in destruction of the information it contains § Don’t contain battery- Become active when connected with a card reader § Come in two forms Contact or Contact less Sara Javanmardi, INF 123 - Software Architectures, Distributed Systems and Interoperability 2

What is a Java Card? § Adoption of Java Platform for usage on Smart

What is a Java Card? § Adoption of Java Platform for usage on Smart Cards. Sara Javanmardi, INF 123 - Software Architectures, Distributed Systems and Interoperability 3

Java Card Features • Receives clock and power from terminal • Three types of

Java Card Features • Receives clock and power from terminal • Three types of memory: – Random Access Memory (RAM) – Read-Only Memory (ROM) – Erasable Read-Only Memory (EEPROM) • Restricted Resources – – Slow and simple microprocessor (8 -bit) RAM ~1 Kb ROM ~64 Kb EEPROM ~16 -64 Kb • Restricted Version of Java Sara Javanmardi, INF 123 - Software Architectures, Distributed Systems and Interoperability 4

Java Card/Terminal System APDU = Application Protocol Data Unit Sara Javanmardi, INF 123 -

Java Card/Terminal System APDU = Application Protocol Data Unit Sara Javanmardi, INF 123 - Software Architectures, Distributed Systems and Interoperability 5

The Card-Side q Elements: § One or more Java Applets § Card’s operating System

The Card-Side q Elements: § One or more Java Applets § Card’s operating System § Java Card Runtime Environment(JCRE) • Java Card Virtual Machine • Java Card Framework and APIs Sara Javanmardi, INF 123 - Software Architectures, Distributed Systems and Interoperability 6

The Message-Passing Model Sara Javanmardi, INF 123 - Software Architectures, Distributed Systems and Interoperability

The Message-Passing Model Sara Javanmardi, INF 123 - Software Architectures, Distributed Systems and Interoperability 7

Java for Java Cards Features Supported • Small primitive data types: boolean, byte, short.

Java for Java Cards Features Supported • Small primitive data types: boolean, byte, short. • One dimensional arrays. • Object oriented features: inheritance, virtual methods, dynamic object creation, overloading, scope. Not Supported • Large primitive data types: long, double, float. • Characters, strings. • Multidimensional arrays. • Dynamic class loading. • Garbage collection. • Threads. • Object Cloning. Sara Javanmardi, INF 123 - Software Architectures, Distributed Systems and Interoperability 8

Developing a Java Card Applet 1. Write the Java source. 2. Compile your source.

Developing a Java Card Applet 1. Write the Java source. 2. Compile your source. 3. Convert the class files into a Converted Applet (CAP) file (binary representation of classes and interfaces). 4. Verify that the CAP is valid (structure, valid bytecode subset, inter-package dependencies). 5. Install the CAP file. Sara Javanmardi, INF 123 - Software Architectures, Distributed Systems and Interoperability 9

Message-Passing Model Sara Javanmardi, INF 123 - Software Architectures, Distributed Systems and Interoperability 10

Message-Passing Model Sara Javanmardi, INF 123 - Software Architectures, Distributed Systems and Interoperability 10

APDU Structure • • • CLA, INS define the command P 1, P 2

APDU Structure • • • CLA, INS define the command P 1, P 2 – parameters Lc – data field length Le – maximum response length SW 1, SW 2 – response status Sara Javanmardi, INF 123 - Software Architectures, Distributed Systems and Interoperability 11

A Challenge in Java Card Programming • Java Cards have very restricted resources –

A Challenge in Java Card Programming • Java Cards have very restricted resources – Limited Memory – Limited Computing Power • Can we use terminal’s resources to overcome the restriction provided that the terminal is potentially untrusted? Sara Javanmardi, INF 123 - Software Architectures, Distributed Systems and Interoperability 12

Authentication • Registration Phase • Login Phase • Verification Phase Sara Javanmardi, INF 123

Authentication • Registration Phase • Login Phase • Verification Phase Sara Javanmardi, INF 123 - Software Architectures, Distributed Systems and Interoperability 13

Registration Phase • User Ui submits his identity IDi and password PWi to a

Registration Phase • User Ui submits his identity IDi and password PWi to a server for registration via secure channel. If the server accepts the request, it computes: • The server issues Ui a smart card containing: – Ri – h( ), where h( ) is a one-way hash function • x is the secret key maintained by the server Sara Javanmardi, INF 123 - Software Architectures, Distributed Systems and Interoperability 14

Login Phase • When Ui wants to login to the server, he inserts his

Login Phase • When Ui wants to login to the server, he inserts his smart card into a terminal then, the smart card performs the following steps: Sara Javanmardi, INF 123 - Software Architectures, Distributed Systems and Interoperability 15

Verification Phase – Server side • After receiving the message (IDi, T, C 2)

Verification Phase – Server side • After receiving the message (IDi, T, C 2) from Ui, the server performs the following steps to authenticate Ui: Sara Javanmardi, INF 123 - Software Architectures, Distributed Systems and Interoperability 16

Verification Phase – Client side • After receiving the message (C 3, T’’) from

Verification Phase – Client side • After receiving the message (C 3, T’’) from the server, Ui performs the following steps to authenticate the server: Sara Javanmardi, INF 123 - Software Architectures, Distributed Systems and Interoperability 17

Sample Scenario - Login Sara Javanmardi, INF 123 - Software Architectures, Distributed Systems and

Sample Scenario - Login Sara Javanmardi, INF 123 - Software Architectures, Distributed Systems and Interoperability 18

Sample Scenario - Verify Sara Javanmardi, INF 123 - Software Architectures, Distributed Systems and

Sample Scenario - Verify Sara Javanmardi, INF 123 - Software Architectures, Distributed Systems and Interoperability 19

typedef struct card Card struct card Card 15typedef struct card Card struct card Card 15
What is A PLASTIC OCEAN plastic PLASTIC POLLUTIONWhat is A PLASTIC OCEAN plastic PLASTIC POLLUTION
Plastic Waste What is plastic waste Plastic recyclingPlastic Waste What is plastic waste Plastic recycling
Plastic bags Soft plastic bottle Hard plastic bottlePlastic bags Soft plastic bottle Hard plastic bottle
Plastic Moulding Plastic q Plastic is a typePlastic Moulding Plastic q Plastic is a type
PLASTIC Group 3 3 2 Plastic Plastic isPLASTIC Group 3 3 2 Plastic Plastic is
PLASTIC BAG SIMONA GODLOV PLASTIC BAG A plasticPLASTIC BAG SIMONA GODLOV PLASTIC BAG A plastic
Plastic Soup What is Plastic Soup The PlasticPlastic Soup What is Plastic Soup The Plastic
Mobile App ID Cards Plastic ID cards AllMobile App ID Cards Plastic ID cards All
Mobile App ID Cards Plastic ID cards AllMobile App ID Cards Plastic ID cards All
Security in smart cards lti application smart cardsSecurity in smart cards lti application smart cards
Security in smart cards lti application smart cardsSecurity in smart cards lti application smart cards
Note Cards vs Source Cards Source Cards YouNote Cards vs Source Cards Source Cards You
Bibliography Cards and Note Cards Bibliography Cards YouBibliography Cards and Note Cards Bibliography Cards You
Source Cards Note Cards and Outlines Source cardsSource Cards Note Cards and Outlines Source cards
Chip cards Contact cards Dual interface cards ContactlessChip cards Contact cards Dual interface cards Contactless
Video Cards Integrated Video Cards Integrated video cardsVideo Cards Integrated Video Cards Integrated video cards
Source Cards and Note Cards SOURCE CARDS WhatSource Cards and Note Cards SOURCE CARDS What