Special Topic: IC Card vs. RFID









Information Technology ( )

Special Topic: IC Card vs. RFID

4/27/2006

93EMBA, Information Management Group
P93747017 李駿達
P93747011 顏世坤

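Smart Cards Technology

Definition:

An IC card is a plastic card fitted with an integrated circuit (IC) and external contacts on the card surface, so that a read/write device can transfer data. The integrated circuit inside an IC card may contain a microprocessor (MCU) and memory. A card with memory only is called a memory card and can only store data; a card with a microprocessor can compute and process data and is called a smart card.

Features of IC cards: large memory capacity, with data that can be written or updated many times; data access-control functions; high security and resistance to counterfeiting, which limits losses from card crime; and support for off-line operation, which reduces communication costs. Domestically, IC card applications have been progressively introduced in finance, healthcare and telecommunications.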

Plastic Cards

Visual identity application:
- Plain plastic card is enough

Magnetic strip (e.g. credit cards)
- Visual data also available in machine readable form
- No security of data

Electronic memory cards
- Machine readable data
- Some security (vendor specific)

Smart cards: definition, function and characteristics

1. Processor cards (and therefore memory too)
2. Credit card size
3. With or without contacts.
4. Cards have an operating system too.
5. The OS provides
6. A standard way of interchanging information
7. An interpretation of the commands and data.
8. Cards must interface to a computer or terminal through a standard card reader.
9. Loosely defined, a smart card is any card with a capability to relate information to a particular application such as:
   - Magnetic Stripe Cards
   - Optical Cards
   - Memory Cards
   - Microprocessor Cards
Smart Card Specification

Typical smartcard at time of our research
- 8-bit CPU, 384 bytes RAM, 3 5 MHz clock rate
- 256 bytes to 4KB RAM.
- 8KB to 32KB ROM.
- 1KB to 32KB EEPROM.
- Crypto-coprocessors (implementing 3DES, RSA etc., in hardware) are optional.
- 8-bit to 16-bit CPU. 8051 based designs are common.

The price of a mid-level chip when produced in bulk is less than US$1.

Upcoming
1. 32-bit RISC CPU, 4 Kbytes RAM, 50 MHz clock

Smart Card Readers

(1) Computer based readers: connect through USB or COM (serial) ports
(2) Dedicated terminals: usually with a small screen, keypad, printer, often also have biometric devices such as thumb print scanner.

Communication mechanisms

Communication between smart card and reader is standardized
- ISO 7816-4 standard

Commands are initiated by the terminal
- Interpreted by the card OS
- Card state is updated
- Response is given by the card.

Commands have the following structure

The response from the card includes 1..Le bytes followed by a response code.
Security Mechanisms

- Password: card holder's protection
- Cryptographic challenge-response: entity authentication
- Biometric information: person's identification
- A combination of one or more
Data storage

- Data is stored in smart cards in E2PROM
- Card OS provides a file structure mechanism
- Access control on the files
- Applications may specify the access controls
  - A password (PIN) on the MF selection (for example, the SIM password in mobiles)
  - Multiple passwords can be used and levels of security access may be given
- Applications may also use cryptographic authentication
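
The security mechanisms and file access controls listed in the two sections above, as an added example that is not part of the original slides: a toy card model with per-file access conditions, a PIN with a retry counter, and challenge-response authentication of the terminal. The class, file names and access-condition labels are hypothetical, and HMAC-SHA256 stands in for the card's own cipher (the slides name 3DES and RSA) so that the example runs with the standard library only.

```python
import hashlib
import hmac
import secrets

ALWAYS, PIN, AUTH = "always", "pin", "auth"  # hypothetical access-condition labels


class CardModel:
    """Toy card OS: files with access conditions, PIN retry counter,
    and challenge-response authentication of the terminal."""

    def __init__(self, pin: str, key: bytes, files: dict):
        self._pin, self._key = pin, key
        self._files = files            # name -> (access condition, contents)
        self.tries_left = 3            # the PIN is blocked when this reaches 0
        self._granted = {ALWAYS}
        self._challenge = None

    def verify_pin(self, guess: str) -> bool:
        if self.tries_left == 0:
            return False               # blocked: even the right PIN is refused
        if hmac.compare_digest(guess.encode(), self._pin.encode()):
            self.tries_left = 3
            self._granted.add(PIN)
            return True
        self.tries_left -= 1
        return False

    def get_challenge(self) -> bytes:
        self._challenge = secrets.token_bytes(8)   # fresh nonce per attempt
        return self._challenge

    def external_authenticate(self, response: bytes) -> bool:
        challenge, self._challenge = self._challenge, None   # single use
        if challenge is None:
            return False
        expected = hmac.new(self._key, challenge, hashlib.sha256).digest()
        if hmac.compare_digest(response, expected):
            self._granted.add(AUTH)
            return True
        return False

    def read(self, name: str) -> bytes:
        condition, data = self._files[name]
        if condition not in self._granted:
            raise PermissionError(f"{name}: access condition '{condition}' not met")
        return data


def terminal_response(key: bytes, challenge: bytes) -> bytes:
    """Terminal side: prove knowledge of the shared key for this challenge."""
    return hmac.new(key, challenge, hashlib.sha256).digest()
```

Because each challenge is random and used once, a response recorded from one session is rejected in the next, which a static password or static key cannot offer.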

How are Smart Cards Used?

Commercial Applications
- Banking/payment
- Identification
- Parking and toll collection
- Universities use smart cards for ID purposes and at the library, vending machines, copy machines, and other services on campus.
- By 2007 end all credit cards will be smart.
- EMV standard

Mobile Telecommunications
- SIM cards used on cell phones
- Over 300,000,000 GSM phones with smart cards
- Contains mobile phone security, subscription information, phone number on the network, billing information, and frequently called numbers.

Information Technology
- Secure logon and authentication of users to PCs and networks
- Encryption of sensitive data

Other Applications
- Over 4 million small dish TV satellite receivers in the US use a smart card as their removable security element and for subscription information.
- Pre-paid, reloadable telephone cards
- Health care: stores the history of a patient
- Fast ticketing in public transport, parking, and road tolling in many countries
- JAVA cards

E-Government Smart Card Specification

- ISO 7816, 1, 2, 3 compliant
- FIPS 140-2, level 3
- Java Applications
  - PKI Applet
  - ID PIN Verification and Management Applet
  - GCA Applet
  - Authentication Applet
  - Biometric Authentication Applet
  - Stake Holder applets (future)
- JavaCard 2.1
- Global Platform 2 Compliant
- 64 K RAM (42K available for applets)
- DES/3DES/AES (when available)
- RSA asymmetric 1024 / 2048
- PTS speed in excess of 9600 bps
- EEPROM endurance > 250,000 r/w cycles
- MIFARE Proximity (contactless) chip
  - DESFire (ISO 14443-A)
  - 4 k NV memory

Advantages

In comparison to its predecessor, the magnetic strip card, smart cards have many advantages including:

- The life of a smart card is longer.
- A single smart card can house multiple applications. Just one card can be used as your license, passport, credit card, ATM card, ID card, etc.
- Smart cards cannot be easily replicated and are, as a general rule, much more secure than magnetic stripe cards. A smart card has relatively powerful processing capabilities that allow it to do more than a magnetic stripe card (e.g., data encryption). Data on a smart card can be protected against unauthorized viewing. As a result, confidential data, PINs and passwords can be stored on a smart card. This means merchants do not have to go online every time to authenticate a transaction.
Disadvantages

- NOT tamper proof
- Can be lost/stolen
- Lack of user mobility: only possible if the user has a smart card reader everywhere he goes
- Has to use the same reader technology
- Can be expensive
- Working from PC: a software based token will be better
- No benefits to using a token on multiple PCs to using a smart card
- Still working on bugs

International Standardization

Mobile Telecom Standards
- ETSI: GSM 03.48, TS 23.048
- ETSI & 3G Smart Card Platform (SCP): TS 102.225, 102.226

Government Standards
- US Federal Government: GSC-IS
- Under review (US): FIPS 201, PIV

ISO: new part 13 of 7816 series
- New Work Item from Japan: approved by ISO SC17
- Work assigned to ISO SC17/WG4, editor: Japan
- Scope: commands for application management in multi application environment
- Contribution: a subset of GlobalPlatform Card Specification, endorsed by ANSI
- US official contribution to ISO

Global Deployment

(1) Over 70 million GlobalPlatform cards deployed worldwide
(2) Additional 450+ million GSM cards globally use GlobalPlatform technology for over-the-air (OTA) application download
(3) Over 30 implementations across the financial, ID/security, government, mobile telecom, healthcare, retail, and transit markets
(4) Estimates predict these figures to increase dramatically in 2005 and 2006

IC Card Comparison

| Card type | Maximum Data Capacity | Processing Power | Cost of Card | Cost of Reader and Connection |
|---|---|---|---|---|
| Magnetic Stripe Cards | 140 bytes | None | $0.20-$0.75 | $750 |
| Integrated Circuit Memory Cards | 1 Kbyte | None | $1-$2.50 | $500 |
| Integrated Circuit Processor Cards | 8 Kbytes | 8-bit cpu, moving to 16- and 32-bit | $7-$15 | $500 |
| Optical Memory Cards | 4.9 Mbytes | None | $7-$12 | $3,500-$4,000 |

Radio Frequency Identification (RFID)

Overview

What is RFID?

RFID combines the features of traditional IDs:
- Barcodes: used to identify and track objects
- OCR and biometrics: enable automatic ID and verification
- Smart cards/IC cards: store information and provide interactive processing

How is RFID different?
- Used to identify objects and store information about the object
- Used to locate and identify objects from a distance using RF signals
- Used to detect and read things that are not in line of sight
- Data can be interactively managed and processed by the RFID chip and RFID system

Web service vs RFID service

RFID Operation



RFID's Unique Capabilities

- No "line of sight" required to read tags
- Simultaneous communication with multiple tags
- Each item is unique; prevents double counting
- Bulk reading capability
- Can store information directly on tags
- High memory capacity
- Long read ranges
- Performance not limited by harsh environments, unlike bar codes

Type of RFID Tag (Passive vs. Active)

[Figure: RFID data protocol architecture. Labels recovered from the diagram: APPLICATION (application commands, application responses, Application Program Interface); INTERROGATOR, containing the DATA PROTOCOL PROCESSOR (ISO/IEC 15961, ISO/IEC 15962, ISO/IEC 15962 Annexes; Command/Response Unit, Encoder, Decoder, Logical Memory, Tag Driver and Mapping Rules) and the PHYSICAL INTERROGATOR (device commands, device responses); AIR INTERFACE (ISO/IEC 18000); RF TAG (Tag Physical Memory, Logical Memory Map).]

Note: The Logical Memory Map in the Tag Physical Memory is given by the Tag architecture and the mapping rules in the Tag Driver. All the information in the Logical Memory is represented in the Logical Memory Map.


Comparison of different frequency band systems

Minimum Requirements of RFID system


Application Standards

- ISO 10374 - Freight containers - Automatic identification
- ISO 18185 - Freight Containers - Radio-frequency communication protocol for electronic seal
- ISO 11784 - Radio-Frequency Identification of Animals - Code Structure
- ISO 11785 - Radio-Frequency Identification of Animals - Technical Concept
- ISO 14223-1 - Radio-Frequency Identification of Animals - Advanced Transponders - Part 1: Air Interface
- ISO 21007-1 - Gas Cylinders - Identification and Marking Using Radio Frequency Identification Technology - Part 1: Reference Architecture and Terminology
- ISO 21007-2 - Gas Cylinders - Identification and Marking Using Radio Frequency Identification Technology - Part 2: Numbering Schemes for Radio Frequency
- ANSI MH10.8.4 - RFID for Returnable Containers
- AIAG B-11 - Tire & Wheel Identification Standard
- ISO 122/104 JWG - Supply Chain Applications of RFID
  - ISO 17363 - Freight containers
  - ISO 17364 - Returnable transport items
  - ISO 17365 - Transport units
  - ISO 17366 - Product packaging
  - ISO 17367 - Product tagging
Standards Organizations


| | Active Technology | Passive Technology |
|---|---|---|
| Technology | 433 MHz; ISO/IEC 18000-7; EPC Class IV | 860-960 MHz; ISO/IEC 18000-6; UHF Gen 2 (Type C); EPC Class I, II, III |
| How far | 100 meters | 3 meters |
| How fast | 35 mph | 10 mph |
| How much | 256 bytes (Note) | 256 bits (Note) |
| How many | 500 tags/minute | 500 tags/second |

RFID Components and Standardization

RFID Scenario (1)

RFID Scenario (2)

RFID vs Smart Card



| | Smart Card | RFID |
|---|---|---|
| | Contact and contactless (short distance) | No need for contact or line-of-sight |
| Size | Credit card size | Size: a grain of rice |
| Storage | EEPROM: 8K-128K bit. | 64 128 bits |
| Communication | One at a time | Simultaneous communication with multiple tags |
| Data retrieval | Need to issue command for response for data request | Can scan entire pallets at once |
| Cost | Typical costs range from $2.00 to $10.00. | 2005: $0.05 per tag; hundreds of dollars per reader. 2008: $0.01 per tag; several dollars per reader (?) |
| Speed | Lack of user mobility | Greater speed |
| Processing Power | Capable of processing, not just storing information. Smart cards can communicate with computing devices through a smart card reader. Information and applications on a card can be updated. | Little computational power. A few thousand gates. Static keys for read/write permission. No real cryptographic functions available. |
| Security | Chip microprocessor and co-processor support DES, 3-DES, RSA or ECC standards for encryption, authentication, and digital signature for non-repudiation. | EPC tags: no computing power for basic cryptographic. More expensive tags can perform basic cryptographic algorithms, such as symmetric-key encryption and challenge-response identification protocols. |
| Rewrite | Rewritable | EPC tags are read-only. Also have rewritable tags (containing EEPROM). |
| Application | Multiple applications. Just one card can be used as your license, passport, credit card, ATM card, ID card, etc. | Multiple data storage, but no applet. |