Smart Card Handbook PDF

1072 Pages·2010·24.094 MB·English
Preview Smart Card Handbook

P1: MRM/FYX P2: MRM fm JWBK453-Rankl April 13, 2010 11:5 Printer Name: Yet to Come

Smart Card Handbook
Fourth Edition

Wolfgang Rankl and Wolfgang Effing
Giesecke & Devrient GmbH, Germany

Translated by Kenneth Cox
Kenneth Cox Technical Translations, Wassenaar, The Netherlands

A John Wiley and Sons, Ltd., Publication
© 2010, John Wiley & Sons, Ltd. ISBN: 978-0-470-74367-6

First published under the title Handbuch der Chipkarten: Fünfte Edition by Carl Hanser Verlag, © 2008 Carl Hanser Verlag, Munich/FRG. This edition first published 2010, © 2010, John Wiley & Sons, Ltd. First edition published 1997. Second edition published 2000. Third edition published 2003.

Registered office: John Wiley & Sons Ltd, The Atrium, Southern Gate, Chichester, West Sussex, PO19 8SQ, United Kingdom. For details of our global editorial offices, for customer services and for information about how to apply for permission to reuse the copyright material in this book please see our website at www.wiley.com.

The right of the authors to be identified as the author of this work has been asserted in accordance with the Copyright, Designs and Patents Act 1988.

All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, except as permitted by the UK Copyright, Designs and Patents Act 1988, without the prior permission of the publisher.

Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic books.

Designations used by companies to distinguish their products are often claimed as trademarks. All brand names and product names used in this book are trade names, service marks, trademarks or registered trademarks of their respective owners. The publisher is not associated with any product or vendor mentioned in this book. This publication is designed to provide accurate and authoritative information in regard to the subject matter covered. It is sold on the understanding that the publisher is not engaged in rendering professional services. If professional advice or other expert assistance is required, the services of a competent professional should be sought.

Library of Congress Cataloging-in-Publication Data
Rankl, W. (Wolfgang)
[Handbuch der Chipkarten. English]
Smart card handbook / Wolfgang Rankl. – 4th ed.
p. cm.
Includes bibliographical references and index.
ISBN 978-0-470-74367-6 (cloth)
1. Smart cards – Handbooks, manuals, etc. I. Title.
TK7895.S62R3613 2010
004.5'6–dc22
2009052095

A catalogue record for this book is available from the British Library.
ISBN 978-0-470-74367-6 (Hbk)
Typeset in 10/12pt Times by Aptara Inc., New Delhi, India
Printed in Singapore by Markono

Contents

Preface to the Fourth Edition xxiii
Symbols and Notation xxv
Abbreviations xxix

1 Introduction 1
1.1 The history of smart cards 2
1.2 Card types and applications 7
1.2.1 Memory cards 8
1.2.2 Processor cards 8
1.2.3 Contactless cards 9
1.3 Standardization 10

2 Card Types 15
2.1 Embossed cards 15
2.2 Magnetic-stripe cards 16
2.3 Smart cards 18
2.3.1 Memory cards 20
2.3.2 Contactless memory cards 20
2.3.3 Processor cards 21
2.3.4 Contactless processor cards 23
2.3.5 Multi-megabyte cards 24
2.3.6 Security tokens 25
2.4 Optical memory cards 25

3 Physical Properties 29
3.1 Card formats 29
3.2 Contact field 36
3.3 Card body 38
3.4 Card materials 39
3.5 Card components and security features 42
3.5.1 Guilloche patterns 42
3.5.2 Signature panel 44
3.5.3 Microtext 44
3.5.4 Ultraviolet text 44
3.5.5 Bar code 44
3.5.6 Hologram 45
3.5.7 Kinegram 45
3.5.8 Multiple Laser Image (MLI) 46
3.5.9 Embossing 46
3.5.10 Laser engraving 47
3.5.11 Scratch field 47
3.5.12 Thermochrome display 48
3.5.13 Moduliertes Merkmal (modulated feature) method 48
3.5.14 Security features 49
3.6 Chip modules 50
3.6.1 Electrical connections between the chip and the module 51
3.6.2 TAB modules 53
3.6.3 Chip-on-flex modules 54
3.6.4 Lead-frame modules 57
3.6.5 Special modules 59

4 Electrical Properties 61
4.1 Electrical connections 62
4.2 Supply voltage 62
4.3 Supply current 65
4.4 Clock supply 69
4.5 Data transmission with T=0 or T=1 69
4.6 Activation and deactivation sequences 70

5 Smart Card Microcontrollers 73
5.1 Semiconductor technology 76
5.2 Processor types 79
5.3 Memory types 82
5.3.1 ROM (read-only memory) 84
5.3.2 EPROM (erasable read-only memory) 85
5.3.3 EEPROM (electrically erasable read-only memory) 85
5.3.4 Flash memory 90
5.3.5 RAM (random-access memory) 92
5.3.6 FRAM (ferroelectric random-access memory) 92
5.4 Supplementary hardware 93
5.4.1 Communication with T=0 or T=1 93
5.4.2 Communication with USB 94
5.4.3 Communication with MMC 95
5.4.4 Communication with SWP 95
5.4.5 Communication with I2C 96
5.4.6 Timer 96
5.4.7 CRC (cyclic redundancy check) calculation unit 97
5.4.8 Random number generator (RNG) 97
5.4.9 Clock generation and clock multiplication 98
5.4.10 DMA (direct memory access) 99
5.4.11 Memory management unit (MMU) 100
5.4.12 Java accelerator 101
5.4.13 Coprocessor for symmetric cryptographic algorithms 102
5.4.14 Coprocessor for asymmetric cryptographic algorithms 103
5.4.15 Error detection and correction for nonvolatile memory 103
5.4.16 Mass memory interface 104
5.4.17 Multichip module 105
5.4.18 Vertical system integration (VSI) 106
5.5 Extended temperature range 107

6 Information Technology Foundations 109
6.1 Data structures 109
6.2 Encoding alphanumeric data 115
6.2.1 Seven-bit code (ASCII) 115
6.2.2 Eight-bit code (PC ASCII) 115
6.2.3 Sixteen-bit code (Unicode) 116
6.2.4 Thirty-two-bit code (UCS) 116
6.3 SDL notation 117
6.4 State machines 118
6.4.1 Basic theory of state machines 118
6.4.2 Practical applications 120
6.5 Error detection and correction codes 122
6.5.1 XOR checksums 124
6.5.2 CRC checksums 125
6.5.3 Reed–Solomon codes 127
6.5.4 Error correction codes 128
6.6 Data compression 129

7 Security Foundations 133
7.1 Cryptology 133
7.1.1 Symmetric cryptographic algorithms 138
7.1.1.1 DES algorithm 138
7.1.1.2 AES algorithm 140
7.1.1.3 IDEA algorithm 141
7.1.1.4 COMP128 algorithms 142
7.1.1.5 Milenage algorithm 142
7.1.1.6 Operating modes of block encryption algorithms 142
7.1.1.7 Multiple encryption 144
7.1.2 Asymmetric cryptographic algorithms 145
7.1.2.1 RSA algorithm 146
7.1.2.2 Generating RSA keys 148
7.1.2.3 DSS algorithm 151
7.1.2.4 Elliptic curves as asymmetric cryptographic algorithms 152
7.1.3 Padding 154
7.1.4 Message authentication code and cryptographic checksum 155
7.2 Hash functions 156
7.3 Random numbers 159
7.3.1 Generating random numbers 160
7.3.2 Testing random numbers 163
7.4 Authentication 166
7.4.1 Unilateral symmetric authentication 168
7.4.2 Mutual symmetric authentication 169
7.4.3 Static asymmetric authentication 170
7.4.4 Dynamic asymmetric authentication 172
7.5 Digital signatures 174
7.6 Certificates 178
7.7 Key management 180
7.7.1 Derived keys 181
7.7.2 Key diversification 182
7.7.3 Key versions 182
7.7.4 Dynamic keys 182
7.7.4.1 Generation with a symmetric cryptographic algorithm 182
7.7.4.2 Generation with an asymmetric cryptographic algorithm 183
7.7.5 Key data 183
7.7.6 Key management example 185
7.8 Identification of persons 187
7.8.1 Knowledge-based identification 188
7.8.2 Testing a secret number 188
7.8.3 The probability of guessing a PIN 190
7.8.4 Generating PIN codes 191
7.8.5 Verifying that a terminal is genuine 192
7.8.6 Biometric methods 194

8 Communication with Smart Cards 201
8.1 Answer to reset (ATR) 203
8.1.1 The initial character 206
8.1.2 The format character 207
8.1.3 The interface characters 207
8.1.3.1 Global interface character TA1 208
8.1.3.2 Global interface character TAi 209
8.1.3.3 Global interface character TC1 209
8.1.3.4 Specific interface character TC2 210
8.1.3.5 Specific interface character TAi (i>2) 210
8.1.3.6 Specific interface character TBi (i>2) 210
8.1.3.7 Specific interface character TCi (i>2) 211
8.1.3.8 Global interface character TA2 211
8.1.4 The historical characters 211
8.1.5 The check character 214
8.1.6 Practical examples of ATRs 214
8.2 Protocol Parameter Selection (PPS) 217
8.3 Message structure: APDUs 221
8.3.1 Command APDU structure 221
8.3.2 Response APDU structure 224
8.4 Secure Data Transmission 225
8.4.1 Data objects for plaintext 227
8.4.2 Data objects for security mechanisms 227
8.4.3 Data objects for auxiliary functions 228
8.4.4 The authentic mode procedure 228
8.4.5 The combined mode procedure 230
8.4.6 Send sequence counter 231
8.5 Logical channels 233
8.6 Logical protocols 234
8.6.1 TCP/IP protocol 234
8.6.2 HTTP protocol 235
8.6.3 Bearer Independent Protocol (BIP) 236
8.7 Connecting terminals to higher-level systems 237
8.7.1 PC/SC 237
8.7.1.1 ICC-aware application 239
8.7.1.2 Service provider 239
8.7.1.3 ICC resource manager 240
8.7.1.4 IFD handler 240
8.7.1.5 IFD (interface device) 240
8.7.1.6 ICC (integrated chip card) 241
8.7.2 OCF 241
8.7.3 MKT 241
8.7.4 MUSCLE 242

9 Data Transmission with Contact Cards 243
9.1 Physical transmission layer 243
9.2 Memory card protocols 248
9.2.1 Telephone chip protocol 249
9.2.1.1 Resetting the address pointer 249
9.2.1.2 Incrementing the address pointer and reading data 250
9.2.1.3 Writing to an address 250
9.2.1.4 Erasing bytes 250
9.2.2 I2C bus 251
9.2.2.1 Reading from an address 252
9.2.2.2 Writing to an address 253
9.3 ISO transmission protocols 254
9.3.1 The T=0 transmission protocol 255
9.3.2 The T=1 transmission protocol 260
9.3.2.1 Block structure 261
9.3.2.2 Send/receive sequence counter 264
9.3.2.3 Waiting times 265
9.3.2.4 Transmission protocol mechanisms 267
9.3.2.5 Example of data transmission with the T=1 protocol 270
9.3.3 Comparison of the T=0 and T=1 transmission protocols 270
9.3.4 The T=14 transmission protocol (Germany) 271
9.4 USB transmission protocol 272
9.4.1 Electrical connection 273
9.4.2 Logical connection 274
9.4.2.1 Transfer modes 275
9.4.2.2 Data packets 275
9.4.3 Device classes 276
9.4.4 Summary and prospects 277
9.5 MMC transmission protocol 277
9.6 Single-wire protocol (SWP) 278

10 Contactless Data Transmission 283
10.1 Inductive coupling 284
10.2 Power transmission 285
10.3 Data transmission 286
10.4 Capacitive coupling 287
10.5 Collision avoidance 289
10.6 State of standardization 290
10.7 Close-coupling cards (ISO/IEC 10536) 291
10.7.1 Power transmission 292
10.7.2 Inductive data transmission 293
10.7.2.1 Transmission from the card to the terminal 293
10.7.2.2 Transmission from the terminal to the card 293
10.7.3 Capacitive data transmission 295
10.8 Remote coupling cards 296
10.9 Proximity cards (ISO/IEC 14443) 297
10.9.1 Physical properties 298
10.9.2 Power transmission and signal interface 299
10.9.3 Signal and communication interface 299
10.9.4 Type A communication interface 300
10.9.5 Type B communication interface 302
10.9.5.1 Data transmission from the terminal to the card 302
10.9.5.2 Data transmission from the card to the terminal 303
10.9.6 Initialization and anticollision (ISO/IEC 14443-3) 304
10.9.6.1 Type A initialization and anticollision 305
10.9.6.2 Type B initialization and anticollision 314
10.9.7 Transmission protocol (ISO/IEC 14433–4) 329
10.9.7.1 Protocol activation with Type A cards 330
10.9.7.2 Half-duplex block protocol (ISO/IEC 14433–4) 339
10.9.7.3 Deactivating a card 344
10.9.7.4 Error handling 344
10.10 Vicinity integrated circuit cards (ISO/IEC 15693) 344
10.11 Near field communication (NFC) 348
10.11.1 State of standardization 348
10.11.2 NFC protocol 349
10.11.3 NFC applications 350
10.11.3.1 Rapid access to information regarding services 350
10.11.3.2 Peer-to-peer information exchange 350
10.11.3.3 Mobile payment 350
10.11.3.4 Secure NFC 351
10.12 FeliCa 352
10.13 Mifare 352

11 Smart Card Commands 353
11.1 File selection commands 356
11.2 Read and write commands 358
11.3 Search commands 366
11.4 File operation commands 368
11.5 Commands for authenticating persons 370
11.6 Commands for authenticating devices 374
11.7 Commands for cryptographic algorithms 378
11.8 File management commands 384
11.9 Application management commands 389
11.10 Completion commands 391
11.11 Commands for hardware testing 395
11.12 Commands for data transmission 398
11.13 Database commands (SCQL) 399
11.14 Commands for electronic purses 402
11.15 Commands for credit and debit cards 405
11.16 Application-specific commands 406
11.17 Command processing times 407
11.17.1 Processing time estimation 407
11.17.1.1 Command processing 408
11.17.1.2 Proportionality factor for predefined functions 409
11.17.1.3 NVM operations 409
11.17.1.4 Data transfer 410
11.17.1.5 Calculated example: READ BINARY command 411
11.17.1.6 Calculated example: smart card initialization 413
11.17.2 Processing times of typical smart card commands 415
11.17.3 Typical command processing times 417

12 Smart Card File Management 421
12.1 File structure 421
12.2 The life cycle of files 422
12.3 File types 423
12.3.1 Master file (MF) 424
12.3.2 Dedicated file (DF) 424
12.3.3 Application dedicated file (ADF) 425
