Classic Electronics Smart 4F Dokumentacja

SMART CARDS LABUCL M.Sc. in Information Security 2011Nicolas T. COURTOISRoom 7.06a., Computer Science, University College London,Gower Street, WC1E 6B

Smart Cards Lab COMPGA12 University College LondonSome Application Independent Error MessagesThese or similar codes will be used in bank cards, GSM et

Smart Cards Lab COMPGA12 University College London8 How to Identify a Smart CardHere there is no command. The command is to physically RESET the card(

Smart Cards Lab COMPGA12 University College LondonThis displays the ATR values and decodes them. This works well onlyfor contactless cards, and a few

Smart Cards Lab COMPGA12 University College London0C 12 bytes followRID: A000000306 PC/SC WorkgroupPIX: 03000100000000SS: 03 ISO 14443 A, part 3Name:

Smart Cards Lab COMPGA12 University College LondonIn fact with an RFID reader there is no serial communication betweenthe card and the reader at all.

Smart Cards Lab COMPGA12 University College LondonExample 4: You SIM card ATR (with a USB SIM reader, or with anormal reader such as Omnikey 5321 and

Smart Cards Lab COMPGA12 University College Londonthat powers the passport (if the passport is continuously powered, the ATRstays the same).Your own p

Smart Cards Lab COMPGA12 University College London9 Unique ID for RFID Tags:It is fixed, usually stored in the first block, that is read-only, and can n

Smart Cards Lab COMPGA12 University College Londonbecause though the functionality implemented may seem the same, the se-curity will usually be degrad

Smart Cards Lab COMPGA12 University College London11 Exploring an Electronic PassportWe are going to implement (with high-level standard APDUs) the fir

Smart Cards Lab COMPGA12 University College London2 Structure of the Smart Cards LabStudents may skip some parts or do them in a different order.• Sect

Smart Cards Lab COMPGA12 University College London11.1 Basic Access ControlNow the reader and the passport do a mutual cryptographic authenticationas

Smart Cards Lab COMPGA12 University College LondonHere we will implement only the first step.GET CHALLENGECLA INS P1 P2 Le00 84 00 00 08Where Le is the

Smart Cards Lab COMPGA12 University College London12 High-Level Exploration of RFID Memory Cardson the Example of MiFare ClassicWe will be further exp

Smart Cards Lab COMPGA12 University College LondonQuiz The MiFare Classic card energy comes from:a tiny battery radio transmission magnetic fieldQuiz T

Smart Cards Lab COMPGA12 University College LondonSee mifare.pdf that is distributed with rfidiot library. Depending oninstallation directory it could

Smart Cards Lab COMPGA12 University College London12.6 Which Key to UsePlease enter the key A for block of your card (or leave the defaultvalue):13 Ac

Smart Cards Lab COMPGA12 University College LondonCLA INS P1 Kt Le KeyFF 82 20 00 06Here P2=Kt is the key number, should be 0.The answer should be:13.

Smart Cards Lab COMPGA12 University College LondonAssuming that we know the key for a given Oyster card, how can weknow how much money there is curren

Smart Cards Lab COMPGA12 University College London13.7 Writing One BlockWe use the following command:MIFARE CLASSIC WRITECLA INS P1 P2 Lc DataFF D6 00

Smart Cards Lab COMPGA12 University College Londonand compare to the data written:13.11 Reading ScriptTo read several blocks at once with one key we c

Smart Cards Lab COMPGA12 University College London4 Hardware and Software Setup4.1 PC/SC Interface for Smart Card ReadersPC/SC Interface in WindowsSma

Smart Cards Lab COMPGA12 University College London13.12 Ready Software - EasyKeyA ready Windows program to explore MiFare Classic cards is provided by

Smart Cards Lab COMPGA12 University College LondonIt is a tool which allows to do arbitrary operations on MiFare Classiccards. In particular it allows

Smart Cards Lab COMPGA12 University College London14 GSM SIM Card ExplorationWe mean a classical (2G) SIM card, what we present here also works onmany

Smart Cards Lab COMPGA12 University College LondonGET RESPONSECLA INS P1 P2 LeA0 C0 00 00The answer is the FCI of the DFGSMdirectory.Handling ErrorsAl

Smart Cards Lab COMPGA12 University College LondonHowever if the PIN is correct, the counter for the number of CHV at-tempts will be reset to 3.14.4 C

Smart Cards Lab COMPGA12 University College London14.5 An Embarrassing DiscoveryIf we do the above steps and are able to run RUN GSM ALGORITHM fora SI

Smart Cards Lab COMPGA12 University College London15 Bank Card Magnetic Stripe ExplorationWarning: your bank card belongs to your bank, not to you. It

Smart Cards Lab COMPGA12 University College London15.3 Decoding Service Code - 3 DigitsD1: Interchange and technology.D2: Authorization processing.D3:

Smart Cards Lab COMPGA12 University College London16 Bank Card Chip ExplorationWarning: your bank card belongs to your bank, not to you. It is specific

Smart Cards Lab COMPGA12 University College Londonwhich means FILE NOT FOUND. For example certain cards from Mas-terCard. For these at least, all is n

Smart Cards Lab COMPGA12 University College London4.3 DriversFor Windows:For ACR122, and for Windows XP, drivers are in\Smart Cards Lab docs and free

Smart Cards Lab COMPGA12 University College London16.5 Select The ApplicationTypically a bank card supports several applications. Applications are ide

Smart Cards Lab COMPGA12 University College LondonSELECT FILE by an AIDCLA INS P1 P2 Lc DataIn00 A4 04 00Answer obtained:SW1 SW261If the answer was in

Smart Cards Lab COMPGA12 University College LondonAnswer obtained:SW1 SW261If the answer was indeed of form ’61 Le’, we will be able to recover theans

Smart Cards Lab COMPGA12 University College London16.10 Cardholder VerificationIn EMV many cardholder authentication methods are supported. But bydefau

Smart Cards Lab COMPGA12 University College LondonOne needs also to know how to encode the PIN and the special paddingthat extends it to 8 bytes.The e

Smart Cards Lab COMPGA12 University College London16.11 Further Exploration: chap.pyAdam Laurie wrote an open-source program to explore a bank card. I

Smart Cards Lab COMPGA12 University College London17 How to Become a Smart Card DeveloperAny student vaguely familiar with Microsoft Visual Studio sho

Smart Cards Lab COMPGA12 University College London{ \printf(text ": OK\n\n"); \}void print_hex(const byte*pbtData, const ui32 uiBytes){ui32

Smart Cards Lab COMPGA12 University College LondonbSend[i]=ReadHex(Text[j]);j++;};i++;};};return i;};int PCSCExample(int readernb){SCARDCONTEXT hConte

Smart Cards Lab COMPGA12 University College London// Display the value./*sprintf(CurrReader,"%S", AReader );if(strnicmp(CurrReader,WantReade

Smart Cards Lab COMPGA12 University College Londonhttp://linux.die.net/man/1/opensc-toolProbably requires to install some packages such as openct and

Smart Cards Lab COMPGA12 University College Londonbreak;case SCARD_PROTOCOL_UNDEFINED:default:printf("Active protocol unnegotiated or unknown\n&q

Smart Cards Lab COMPGA12 University College Londoncase SCARD_POWERED:printf("Card has power.\n");break;case SCARD_NEGOTIABLE:printf("Ca

Smart Cards Lab COMPGA12 University College Londonprintf("APDU: ");print_hex_nocr(bSend,dwSend);printf("\n");lReturn = SCardTransm

Smart Cards Lab COMPGA12 University College Londonchar*pcsc_stringify_error(const long pcscError){static char strError[75];switch (pcscError){case SCA

Smart Cards Lab COMPGA12 University College London(void)strncpy(strError, "Internal error.", sizeof(strError));break;case SCARD_F_UNKNOWN_ER

Smart Cards Lab COMPGA12 University College Londonbreak;case SCARD_W_UNRESPONSIVE_CARD:(void)strncpy(strError, "Card is unresponsive.", size

Smart Cards Lab COMPGA12 University College Londondefault:/*(void)snprintf(strError, sizeof(strError)-1, "Unkown error: 0x%08lX",pcscError);

Smart Cards Lab COMPGA12 University College London17.2 More ExamplesMany ready Visual Studio and other development projects examples are pro-vided wit

Smart Cards Lab COMPGA12 University College London18.1 A Simple Timing Attack ProjectFor this we use the following program provided to students on a fl

Smart Cards Lab COMPGA12 University College LondonT ms: 31.210APDU: FF8800006000Resp: (90 00)T ms: 62.759In contrast, if the key is wrong, the second

Smart Cards Lab COMPGA12 University College London5 rfidiot libraryThe rfidiot library is developed by Adam Laurie, a well-known English se-curity resea

Smart Cards Lab COMPGA12 University College London1. Install Python Imaging http://www.pythonware.com/products/pil/2. Install pyscard, http://pyscard.

Smart Cards Lab COMPGA12 University College London5.0.5 Installation DirectoryFiles from the rfidiot installation can be for example copied toC:\Progra

Smart Cards Lab COMPGA12 University College London7 APDUsSmart Card commands are called APDUs (Application Protocol Data Unit).They are strings of byt