Programming Smart Cards - PowerPoint PPT Presentation

About This Presentation
Title:

Programming Smart Cards

Description:

A Card with built-in micro-processor and memory. Applications : ... e-cash. Terminology. Program. Applet. Application. Cardlet. Instance of Program. Unique AID ... – PowerPoint PPT presentation

Number of Views:157
Avg rating:3.0/5.0
Slides: 29
Provided by: RajN1
Learn more at: https://www.cs.rice.edu
Category:

less

Transcript and Presenter's Notes

Title: Programming Smart Cards


1
Programming Smart Cards
  • Rajnish Kumar
  • Comp527.

2
Expect to learn
  • Cardlet
  • Development
  • Installation
  • Coke Machine Interface Implementation
  • Basic Cryptography

3
Smart Cards
  • A Card with built-in micro-processor and memory.
  • Applications
  • Pre-paid calling card
  • Security needs
  • e-cash

4
Terminology
  • Program
  • Applet
  • Application
  • Cardlet
  • Instance of Program
  • Unique AID
  • APDU
  • Communication format between card and terminal

5
Java Card Architecture
Cardlets
Loader Application
Javacard API
SOLO virtual Machine
Utilities
APDU Mgmt
FileSystem
Crypto
Chip Dependent Functions
6
Developing a Cardlet
1.
  • Use the packages provided
  • Javacard.framework
  • Javacardx.cryptography
  • Use -g to compile
  • javac g wallet.java

Compile to .class
Develop a .java file
7
Developing a Cardlet
1.
Compile to .class
Use MakeSOLO tool to generate .bin file from
.class
Develop a .java file
2.
Create a .bin file
8
Developing a Cardlet
1.
Use CardletManager tool to download .bin file to
the card.
Compile to .class
Develop a .java file
2.
3.
Create a .bin file
Download as a program file
9
Developing a Cardlet
1.
  • Instantiate the program
  • Assign AID

Compile to .class
Develop a .java file
2.
3.
4.
Create a .bin file
Download as a program file
Install as a Cardlet
10
Methods required for Cardlet
  • install() instantiate cardlet object
  • select() prepare the cardlet for execution
  • process() switch statement
  • Optional
  • main() entry point for cardlet

11
Javacard.framework
  • AID - Application ID
  • APDU - Handling communication buffer
  • ISO - constants
  • OwnerPin
  • Applet
  • Util - array functions

12
Beware !!
  • Card resource limitations
  • Total cardlet size 13.5 kb
  • Limited heap and stack size
  • Operation time out
  • Desynchronization

13
  • Writing Terminal Application

14
Java Cards native commands
  • Hosted by Loader utility
  • Loader acts as native OS
  • Loaders function
  • Conduct transaction between terminal and cardlet
  • Provide cryptography support
  • Manage cards files, program files and cardlets.

15
Example Commands
  • CreateFile
  • DeleteFile
  • SelectFile
  • ReadBinary
  • UpadteBinary
  • VerifyCHV
  • VerifyKey

16
Terminal Application
  • Use slb.iop. classes to write terminal
    application in Java
  • Example method
  • SmartCard.sendCardAPDU( CLA, INS,
    P1,P2, dataArray,
    Mode )

17
Command format (APDU)
Data
From Terminal
CLA
INS
P1
P2
P3
From Card, To Terminal
SW1
SW2
  • CLA Command Class ( 1byte )
  • 00h for loader class ( Card specific ).
  • 03h for Wallet ( User defined )

18
Command format
Data
From Terminal
CLA
INS
P1
P2
P3
From Card, To Terminal
SW1
SW2
  • INS Command Instruction Identifier (1b)
  • CLA INS uniquely identifies the command
  • If native, loader process
  • Else, forwarded to suitable cardlet
  • 03h for getBalance().

19
Command format
Data
From Terminal
CLA
INS
P1
P2
P3
From Card, To Terminal
SW1
SW2
  • P1,P2 Command parameters
  • P3 number of bytes of data to follow, or
    expected by the terminal
  • SW1,SW2 status words.

20
  • Cryptography Support

21
Cryptography Support
  • Symmetric/Asymmetric Authentication
  • Internal/External Authentication
  • Key Files
  • Supported Encryption Algorithms
  • DES
  • 3-DES
  • RSA

22
Key Files
Key File File ID Details
CHV1 CHV2 0000 0100 Card holder verification PIN, unblocking PIN, attempts
Ext Key file 0011 Contains DES/3DES keys for external authentication, transport key
Int Key file 0001 DES/3DES keys for internal authentication, MAC
RSA-PRI RSA-PUB 0012 1012 Private key Public key
23
External Authentication
  • Terminal calls AskRandom. Card has to return a
    challenge (random number ).
  • Terminal encrypts the challenge. Sends the
    encrypted challenge back to card using
    ExternalAuth . Key ID is also specified.
  • Card checks the correctness of terminal response,
    and authenticates if correct.

24
Internal Authentication
  1. Call an InternalAuth command
  2. Call getResponse to get the cryptogram
  3. Check if cryptogram is correct.

CLA INS P1 P2 P3 Mode
00/F0 88 algo_ID key_nb length S/R
25
Javacardx.crypto
  • Classes
  • DES_Key
  • DES3_Key
  • RSA_PrivateKey
  • RSA_PublicKey
  • MessageDigest

26
En/Decryption
  • DES_Key class methods
  • encryptECB, encryptCBC
  • decryptECB, decryptCBC
  • generateMAC, verifyMAC
  • setKey
  • getBlockSize

27
  • Code Walk Through

28
Reference
  • SDK Guide
  • Cyberflex Access Programmers Guide
  • Search google for Java cryptography
  • www.cyberflex.com/Support/support.html
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Programming Smart Cards" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!