Smart-Card
Smart-ID Ltd. offers in the field of smart-cards consulting as well as design and development of sophisticated concepts and solutions, potential analysis, training, patent inquiry and technology consulting.
Smart-ID supports the following smart-card applications: loyalty cards, company cards, health card solutions, ID-card solutions, payment solutions, secure ticket, digital signature applications, theft and brand protection, university-cards, e-passport, e-driver license, tourism cards, ……
Operating System
An important targeted business field of Smart-ID is the development of software for independent Smart Card Operating Systems (COS). With an own COS you will be able to grant interoperability in multiple applications over many years, because one major key will be in your hands. Furthermore, developing a COS provides greater flexibility, increases the reputation and competence, offers a strategic significance for a smart card manufacturer or integrator and allows for greater customer retention by using proprietary COS commands.
There are many other good reasons to develop an own COS like:
• Development of an own smart card family which grants interoperability for national programs
• Option to implement specific security standards
• Market protection by implementing proprietary commends for certain application like banking, tourism etc.
• Extended supply chain in IT and smart card projects
• Access to the latest state-of the art technology
The basic features of a Smart-ID based own smart-card operating system could be:
- Completely modular system: all customers can launch their smart card projects fast and efficiently
- ISO 7816 and ISO 14443 compliant
- Protocols T=0, T=1, T=CL
- Support for multi application smart cards
- High performance commands
- Secure Digital Signature application (RSA, DSA, ECDSA)
- DES and 3DES cryptography
- RSA cryptography with 1024 to 2048 bit
- ECC (Elliptic curves) cryptography with 160 to 256 bit
- Tamper resistance and tamper proof features. Resistance against SPA/DPA and DFA attacks
- Secure messaging
- Biometric authentication on chip (on-chip matching)
- Proprietary commands for special applications
Besides alternative hardware platforms, the COS could be implemented on micro¬controllers of NXP, Infineon or Samsung with ISO 7816 contact and/or ISO 14443 contactless interface, 8 Bit CPU, 96 to 200 kByte ROM, 6 to 144 kByte E2Prom, 2.5 to 6kByte RAM and PKI Crypto Engine. The chips feature a guaranteed data-retention time of 10 years and more than 500.000 Write/Erase Cycles. Due to the extensive functionality and the requirement for highest security of government and bank applications on the one hand and low cost require¬ments of public transport applications on the other hand, this comprehen¬sive chip offer includes always the best suitable microcontroller chip.
Cryptography
State-of the art cryptography algorithms are RSA, ECC (Elliptic curves), DSA and ECDSA. Smart cards shall perform the longest possible lifetime. As such, there is no compromise in the length of cryptographic keys.
Overview about Smart-Card Systems
Different to most other operating systems a smart card operating system (COS) has no need for a graphical user interface. Also an access to external memory is not demanded and mainly COS have other needs. The security has to be at the highest level possible. The stability of the running application has to be warranted. But also, access to the data on the smart card has to be protected. Due to lack of memory space, COS have a small size and the program code is also rather brief. Usually the size allocated is between 64 and 128 Kbytes.
A COS is stored in the Read Only Memory (ROM) which implies that neither changes nor updates can be performed after the production (except smaller software parts like software patches during the initialization process can be loaded into the EEPROM). After production debugging is expensive and if the smart card has reached the end-user there is no way around a call-back which implies even more costs. This fact signifies that the main priority is not the programming but the testing of the final program. A native smart card operating system (COS) has to have no errors / bugs. Also, crashes or errors in the EEPROM shouldn’t have any impact on the system. Another very important aspect is the performance because a COS has to be fast. Summarizing, a COS has mainly the tasks: “Data transfer from and to the smart card”, “Command handling”, “Executing and management of cryptographic algorithm” and “Data administration”.
The entire behaviour and interaction of the COS with the outside world is standardised and unified globally by ISO standards, regardless of the market. This standardization applies to many internal mechanisms of the COS, such as the security critical finite state machine, the cryptographic functions, the data structure and file system, the global management and allocation of file and application identifiers, the life cycle management etc. Hence, all smart card applications can be carried out by a native COS, since the only requirements are suitable data structures, cryptographic functions and keys and a complex access permission system in combination with a correctly configured finite state machine.