The main results of the development of Russian smart maps and the prospects for their application in information security systems and tools.
The main results of the development
Russian intellectual
cards and prospects for their
application in information
security systems and tools
Since the conference «Intelligent Cards of Russia-98», positive results have been achieved. The development of the first domestic protected microcontroller crystal for the Russian intelligent card (RIC) has been completed, all the necessary software and hardware tools for developers of RIC-based systems have been created, and work is being systematically carried out to organize the production of such cards in Russia. A decree of the Government of the Russian Federation on measures to regulate the use of intelligent cards in automated systems is being prepared. The next issue is the development of infrastructure and technical means for Russian systems using intelligent cards for various applications, providing for the achievement of high compatibility with the systems and means of the world's largest manufacturers.
Experience in developing the Russian intellectual map (RIC-1) and general regulatory documentation
The need to develop systems using modern information technologies based on microprocessor plastic cards is beyond doubt today. For a number of years, FAPSI specialists have been working with a number of Western manufacturers of microprocessors and cards, such as Gemplus Card International, Siemens AG, Motorola, Giesecke& Devrient, on the possibility of creating a Russian version of smart cards using foreign crystals with domestic cryptographic algorithms. It should be noted that foreign manufacturers of crystals and cards, while publishing a detailed list of consumer characteristics, nevertheless classify special characteristics as confidential information. And although some of them can be provided to a partner under a non-disclosure agreement (for example, some parameters of algorithmic and physical security), a significant part of the special characteristics, as a rule, is not disclosed, making it virtually impossible to justify the reliability of card protection and their certification according to FAPSI requirements.
Thus, the state policy in the field of informatization required the creation and organization of serial production of Russian smart cards, provided with reliable protection and a cryptographic component based on domestic standards. There was a need to create a card that could be used in application systems of various levels, from local to national systems.
Within the framework of a tripartite agreement between the enterprises «Angstrem», NTC «Atlas», the company «Union Card» and with scientific and technical support from FAPSI, the development of a domestic microcontroller and preparation for serial production of a card based on it has been completed. At present, this card is already being used in several pilot areas of the payment system «Union Card».
The created RIC has sufficient technical and special characteristics for most applications. It is built on the basis of the original RISC-architecture processor core, the performance of which allows achieving encryption speeds of up to 5 kilobytes per second when implementing the encryption algorithm GOST 28147-89 in a secure design. The microcontroller contains 2 kilobytes of non-volatile memory (EEPROM), 8 kilobytes of program memory (ROM) and 256 bytes of random access memory (RAM).
Creation of a protected crystal and the information security system of the RIC operating system
The RIC information security system is based on the physical security system of the microcontroller crystal and is supplemented by software and algorithmic security measures implemented as part of the cryptographic module and the operating system.
The RIC operating system implements algorithmic security measures, such as test checks when the card is powered on, cryptographic data protection, integrity control, etc.
The cryptographic component of the operating system, in addition to GOST 28147-89, also includes the DES and TripleDES algorithms. The card has a built-in software and hardware random number generator, which ensures that RIC supports reliable cryptographic protocols for mutual authentication and generates one-time session keys for data encryption for interaction with terminal equipment.
The RIC security system is fully consistent with the “Concept for Ensuring Information Security of a Payment System Based on Intelligent Cards” developed by FAPSI in 1998 (see No. 7 (19) of the journal “Security, Communications and Telecommunications Systems”).
Development of Domestic RIC Production: Problems and Prospects
The large-scale penetration of foreign card technologies into the Russian banking sector leads to an outflow of funds from commercial issuing banks to foreign settlement banks and processing companies. For the normal development of domestic technologies in this area, it is extremely necessary to organize serial production of Russian smart cards for various applications. At present, the Federal Agency has completed preparations for the production of smart plastic cards using a microcontroller developed in Russia at the Atlas Scientific and Technical Center. STC specialists, together with representatives of a number of foreign companies with experience in card production, have developed a technological process for manufacturing RICs, installed a production line, and trained operator and maintenance personnel.
Areas of application of RICs in information security systems and tools
In terms of its functionality and level of protection against unauthorized access to stored information, RIC is generally not inferior to its foreign counterparts. The technical characteristics of the Russian card determine a very wide range of areas of its possible use. Let us briefly consider the prospects for using RIC in systems for solving information security problems.
Integration of the RIC as a carrier of identification information into the means of access control to information system resources in addition to or instead of a password entered from the terminal keyboard will significantly increase the level of resource protection, since, unlike a password, the information stored in the RIC is reliably protected from unauthorized access in the event of accidental or malicious actions of the person using the RIC. At the same time, the RIC hardware and software guarantee the transfer of identification information from the RIC to the terminal (off-line mode) or to the remote server of the system (on-line mode) only in the case of a positive result of their mutual authentication in accordance with the reliable cryptographic protocols supported by the RIC operating system. The use of personal cards for access to resources allows for dynamic control over the user's work and, in the event of his/her absence or interruption in work (i.e. when the card is removed by the user from the receiving device), blocking access.
To implement RIC in existing, developed and prospective means of access control, it is necessary to solve a number of technical issues, develop standard and specific solutions for devices for interfacing equipment and RIC.
The use of microprocessor cards allows, among others, to provide the following significant capabilities:
— mutual reliable authentication (recognition) of the card user and the control device (electronic lock, access terminal or turnstile, etc.);
— encryption of information transmitted between the card and the control device, so that the most confidential part of the data never leaves the card memory in clear text and cannot be intercepted by an intruder;
— absolutely reliable registration by the system security administrator of all entries and exits to the protected area. At the same time, all card user data and the exact time of passage, etc. are recorded in the control logs (files or device memory);
— automatic transmission of «alarm» signals in case of unauthorized attempts to enter the protected areas;
— hidden signaling mode about «passing under a gun», which means that the person with the right of access is acting on the orders of the intruder;
— hidden remote blocking mode (deactivation) of a user card that has been deprived of access rights;
— access control systems based on smart cards make it possible to introduce various access hierarchies to protected objects and territories, allowing selected groups of users to pass only to the zones authorized for them and only at certain intervals of time during a given period (day, week, month, holidays, years, etc.);
— secure storage of passwords and secret keys on the card, which makes the loss of a user card safe for the system as a whole.
Implementation of the above capabilities by using other means of control (not smart cards) requires the presence of significantly more expensive and complex electronic devices and communication lines.
The use of RIC as a key information carrier is associated with the development of network and telecommunication technologies. Currently, data transmission systems tend to switch to the subscriber encryption principle or «point-to-point», in which the encoder and key carriers are directly at the subscriber's disposal. Under these conditions, the circle of people allowed to access key documents is significantly expanded, and the use of unprotected key carriers such as magnetic disks or magnetic stripe cards can lead to the compromise of confidential information due to the loss of such keys or their illegal copying. One solution to the problem is the use of key carriers that are algorithmically and physically protected from unauthorized access.
Research conducted by FAPSI specialists has shown that the security measures developed and integrated into the RIC hardware and software environment, as well as the special properties of the crystal, will ensure reliable protection of key carriers based on RIC.
Electronic documents based on RIC
The use of new pass documents created on the basis of plastic cards with a built-in microcontroller allows the use of modern information and cryptographic technologies that provide a high level of protection against counterfeiting of such passes and additional security functions, in particular, the creation of zones of different levels of access and monitoring of persons in them.
The card is printed with the details of the pass holder, access rights, and his photograph. The card memory also stores the details, access rights, and a digital photograph signed with an electronic digital signature.
Requirements for information security of RICs used as electronic documents are similar to the use of RICs as a means of payment. At the same time, during the development of specific systems using electronic documents, organizational security measures similar to those used in payment systems must be taken.
Promising areas of application of RICs
One of the promising solutions in the field of electronic documents is electronic enterprise passports — special smart cards that allow identifying an organization by the digital code assigned to it. This will significantly simplify the interaction of official representatives of an enterprise or organization with administrative, financial and tax authorities, customs, etc. The electronic enterprise passport contains the address, name, names of managers, bank details and other necessary information. The use of RIC can reduce unnecessary duplication of fiscal information in various agencies and limit access to it by persons who do not have the right to receive this information.
The issues of integrating RIC as identification carriers into means of access control to resources of the most important information systems are a dynamically developing area of applications. In the framework of some experimental design developments since 2000, additional biometric characteristics of the user, in particular fingerprints, are supposed to be used to make a decision on access to computing resources. Samples of these characteristics signed with an electronic digital signature are supposed to be stored in the memory of the user RIC.
Plans and Prospects for Improving RIC
Prospects for the development of RIC are currently largely associated with the progress of processes to improve the technology of microelectronic production at the Angstrem enterprise. In particular, issues of introducing a new technological process with technological standards improved to 0.5 microns are currently being worked out.
A special place in the prospects for the development of RIC is occupied by work on introducing software and hardware into the RIC microcontroller, allowing for the effective implementation of asymmetric cryptographic algorithms, in particular the standard of electronic digital signature GOST R-34.10. The use of such microcontrollers can be one of the technical solutions to the problem of creating personal media for a digital certificate system based on domestic cryptography, will increase the level of security of information exchange over the INTERNET and offer reliable solutions in the field of electronic commerce.
A reasonable combination of symmetric and open cryptography in the development of specific protection systems based on RIC will provide a cryptographically stable and effective in administration security system. First of all, this will improve the special and operational properties of access control systems and payment systems — will allow to significantly shift the center of gravity of electronic payment protection from the physical protection of the security module to its cryptographic protection.
As expected, subject to the implementation of the planned 0.5 micron technology, it will be possible to combine a cryptographic coprocessor for modular arithmetic on a single crystal with the already developed microcontroller for RIC.
Conclusion and findings. Main tasks for 2000
1. The Russian Intellectual Map (RIC), developed with scientific and technical support from FAPSI within the framework of a tripartite agreement between the enterprises Angstrem, Union Card and NTC Atlas, has been prepared for serial production. The necessary software and hardware tools have been created for developers of systems using RIC.
2. The regulatory framework currently available in FAPSI is sufficient for conducting certification according to information security requirements for means, systems and complexes using RIC.
3. On the basis of RIC, key carriers can be created that can be used in cryptographic protection of confidential information. The security measures developed and integrated into RIC, as well as the special properties of RIC, will ensure reliable protection against unauthorized access for such key carriers.
4. On the basis of RIC, carriers can be created that are intended in addition to or instead of a password entered from the keyboard to restrict access to confidential information.
5. FAPSI is ready to carry out work on expert support for the development and certification studies of cryptographic protection tools based on RIC for the purpose of their use in payment systems. Customers of such development should be economically significant structures. The corresponding areas should be supported by the development of security modules for terminal equipment.
6. In order to implement RIC as electronic documents, for example, electronic identity cards, medical records, it is necessary to carry out work to create an open unified identification system based on RIC.
7. A special place in the prospects for the development of RIC for 2000 is occupied by work on the introduction of software and hardware into the RIC microcontroller, allowing for the effective implementation of asymmetric cryptographic algorithms and verification of an electronic digital signature in accordance with the Russian standard. The introduction of a cryptographic coprocessor will allow us to offer reliable solutions for the transfer of information and electronic commerce in Internet networks.