Security Principles

There are several reasons one requires security in a smart card system. The principles being enforced are:

• Privacy

• Non-repudiation

• Authentication

• Integrity

• Verification

Smart cards use different encryption algorithms to implement these principles.

In the following sections, we will describe the mechanisms use in smart cards to enforce these principles.

2.3.1 Privacy

Privacy is the act of ensuring the nondisclosure of information between two parties from casual third-party intrusion. There are two cryptographic techniques used to assure privacy — symmetrical cryptography and

asymmetrical cryptography — and each cryptographic technique has different application areas in smart cards.

2.3.2 Symmetrical Cryptography

Symmetrical cryptography uses a single key to encrypt plain text into enciphered text and decrypt enciphered text back into plain text. Symmetrical cryptography is termed symmetrical because the same key is used to encrypt and decrypt the message. Figure 2 on page 16 shows the process. The most popular

symmetrical algorithm is Data Encryption Standard (DES) because it is fast, reasonably secure and simple to implement in hardware. DES is a

block-encryption algorithm developed by IBM and standardized in 1977 by the American National Standards Institute (ANSI) as Federal Information Processing Standard (FIPS) 46-2, otherwise known as the Data Encryption Algorithm (DEA).

The reader is encouraged to go to the ANSI Web site at http://www.ansi.org/ for more information about ANSI and the FIPS standards.

Figure 2. Symmetric Encryption using Single DES

DES can use different key lengths. The longer the key, the more difficult is to break it. A 40 bits key can be broken with a few CPU hours, while a 56 bits key would take considerably longer. These brute force attacks are benefiting from the dramatic increase of the processing power of the CPUs, so this

″considerable longer time″ that we mentioned is a relative term.

The key length makes an encryption weak or strong. There are some legal issues with the use of strong encryption; see Chapter 14, “Export and Import” on page 163 for details.

Data is encrypted in blocks of 8 bytes and results in cipher text of the same size.

This is a ″noiseless″ algorithm because the enciphered text size and encryption time is constant and independent of size of the supplied plain text. A noiseless encryption algorithm is more difficult to attack because it is not possible to deduce the encryption mechanics based upon the time differences between encrypting large quantities of plain text input and small quantities.

DES can be implemented on smart card software, as it is a relatively fast algorithm. The time it takes to encrypt one 8-byte block of plain text is in the order of 10 milliseconds. As a comparison, the same text could be encrypted in about 60 nanoseconds with specialized DES hardware. The majority of data on a smart card is stored in EEPROM in clear-text form. However, certain confidential data is stored on the smart card in encrypted form. DES is used to generate that encrypted data.

Figure 3. Symmetric Encryption using Triple DES

In cases requiring greater security, for example in the transmission of encryption keys, Triple-DES is used. Figure 3 shows the process. Plain text data in blocks of 8 bytes is enciphered three times using a 16-byte key (which, after accounting for the 16 parity bits, results in an effective key length of 112 bits).

Needless to say, this is strong encryption.

At the present time, nearly all smart cards perform DES encryption in software.

All IBM′s MFC cards have DES cryptographic algorithms implemented in software in the card operating system.

The disadvantage of symmetrical encryption is that both partners need to know the key. The transfer of the key from one partner to the other can compromise the security that otherwise the encryption provides. Writing a DES key at card personalization time is the typical method of safely transfering keys to

cardholders. If this is not possible, asymmetrical cryptography must be used, which is described below.

2.3.3 Asymmetrical Cryptography

In 1976, the idea of splitting the encryption/decryption key instead of sharing a common key was first proposed in an article by W. Diffie and M.E. Hellman entitled ″New Directions in Cryptography.″ This idea has since become known as asymmetrical cryptography. Asymmetrical cryptography uses two keys: one to encrypt the plain text and another to decrypt the enciphered text. The keys are mathematically related. Only messages encrypted with one key can be decrypted with the other key. The best-known asymmetrical cryptographic algorithm is RSA (named after its inventors Rivest, Shamir, and Adleman). The algorithm is defined in the PKCS-1 specification published by RSA Ltd. (see http://ftp.rsa.com/pub/pkcs/doc/).

Figure 4. Asymmetric Encryption

Let′s give an example of Bob sending an encrypted message to Alice using RSA.

Figure 4 shows the encrypting process. The two RSA keys are called the private key and public key. Alice would distribute her RSA public key and keep her RSA private key private. To start the process, Bob would first obtain Alice′s public key. Bob would encrypt the plain text using Alice′s public key and send the enciphered text to Alice. Alice would use her private key to decrypt the enciphered text. Because of the relationship between the public and private keys, Bob can be assured that only Alice can decrypt the message. It is not necessary for Bob or Alice to share any secret between themselves and thus there is no risk of inadvertently disclosing such a secret to a third person.

Asymmetrical cryptography is used in smart cards but rarely to perform general data encryption. Symmetrical cryptography such as DES is used for that

purpose. Instead, asymmetrical cryptography is used in smart cards for authentication purposes such as digital signatures. The private key of the key pair of a digital certificate is normally stored on the smart card for example.

This is because it can be safely protected by the card operating system and not disclosed outside the smart card.

As in the case of symmetrical encryption, the keys can have different lengths.

The three most common values are 512, 768 and 1024 bits. The last two values are considered strong encryption.

The disadvantage of the RSA algorithm is that it is slow, much slower than the DES algorithm. Due to the limited speed of the smart card CPU, it is not practical to implement the key generation algorithm in software. There are special smart cards that have crypto-processors for that purpose. The MFCs 4.0 and 4.21 are examples of such cards.

The symmetrical and asymmetrical encryptions usually complement each other.

The asymmetrical encryption is often used to send the DES key safely from one partner to the other. Once both partners know the DES key, the data is

transmitted symmetrically encrypted, which significantly improves the performance.