Previous Table of Contents Next


Coprocessors

A typical smart card processor is an 8-bit microprocessor. Such a processor is capable of manipulating only 1 byte of information at a time. This manifests itself in the support of 8-bit integer arithmetic as the primary computational facility of the computer. Handling larger-integer arithmetic or floating-point arithmetic operations requires significant additional programming beyond the basic instruction set of the processor. This presents something of a problem when you need to support public key cryptography on a smart card chip.

Public key cryptography is predicated on the use of integer arithmetic on a scale which severely taxes the capabilities of a typical smart card processor. Performing encryption or decryption operations can be extremely time-consuming, taking several seconds or even minutes. Since these delays are not acceptable given the time it should take to conduct a typical transaction, enhancements to smart card processors are needed. This enhancement has been accomplished by adding to the chip a second processor that is capable of enhanced performance for selected integer arithmetic operations, such as fast integer multiply operations. This greatly speeds up the public key cryptography operations; however, it affects the overall size of the chip (slightly) and the cost of the chip (more significantly).

Security Features

Physical security of information stored in a smart card starts with the combination of computer memory and processor in the same small package. It is difficult, though not impossible, to physically examine the contents of memory cells within the chip. It is also difficult, though not impossible, to intercept the electrical signals passing between the processor and memory or between processor elements during selected computations. To examine or intercept such information requires the use of fairly expensive equipment and unfettered access to the smart card itself, usually without the smart card’s owner being aware of it.

Security features are sometimes enhanced by randomizing the sequence of memory cells accessed by the processor. That is, the address lines for various memory cells don’t proceed in a linear sequence, but rather are varied from one cell to the next through some complex algorithm. The net result is that an external observer is less likely to be able to discern any information about where data is stored or how it is being used by simply watching the sequencing of access to individual memory cells.

As the use of smart cards has grown, the number of attempts to thwart the security features of smart cards has grown. Several techniques to coax information out of a card have been identified. Some of these involve manipulation of the power supplied to a card. Defenses against these techniques have been developed as well. Some chips have additional sensors which monitor characteristics of the power supplied to the chip. This information can be used by programs within the chip and allow it to lock down the card when it detects that it is under attack. In extreme circumstances, the card can destroy sensitive information in such cases in order to prevent it from being extracted by the attacker.


Previous Table of Contents Next