Overview

Like most computer hardware, the price of smart cards is steadily decreasing, while performance and capacity are improving all the time. You can now buy a fully-functional computer, the size of your thumb-nail, for just a euro or two. However, before the BasicCard arrived, the cost of developing software for smart cards was out of all proportion to the cost of the hardware. A typical development project might take six months and cost a quarter of a million euros. This was a major barrier to the widespread use and acceptance of smart cards.

But now you can program your own smart card in an afternoon, with no previous experience required. If you can program in Basic, you can design and implement a custom smart card application. With ZeitControl’s BasicCard, the development cycle of writing code, downloading, and testing takes a few minutes instead of weeks.

The Smart Card Environment

Obviously, programming a smart card is not the same as programming a desktop computer. It has no keyboard or screen, for a start. So how does a smart card receive its input and communicate its output? It talks to the outside world through its bi-directional I/O contact. Communication takes place at 9600 baud or more, using the T=0 or T=1 transmission protocol defined in ISO/IEC 7816-3 and carrying command and response APDUs structured as defined in ISO/IEC 7816-4. (The latest cards also implement the contactless ISO/IEC 14443 protocol.) But this is completely invisible to the Basic programmer – all you have to do is define a command in the card, and program it like an ordinary Basic procedure. Then you can call this command from a ZC-Basic program running on the PC. Again, the command is called as if it were an ordinary procedure.

The BasicCard operating system takes care of all the communications for you. It will even encrypt and decrypt the commands and responses if you ask it to. All you have to do is specify a different two-byte ID for each command that you define. (If you are familiar with ISO/IEC 7816-4: Interindustry commands for interchange, you will know these two bytes as CLA and INS, for Class and Instruction.) Note that the encryption is opt-in: until you enable it, a command and its response travel in clear between the reader and the card, so decide early which commands (anything that reads or changes stored value, for instance) must only be accepted in encrypted form.

Here is a simple example. Suppose you run a discount warehouse, and you are issuing the BasicCard to members to store pre-paid credits. You will want a command that returns the number of credits left in the card. So you might define the command GetCustomerCredits, and give it an ID of &H20 &H01 (&H is the hexadecimal prefix):

    Eeprom CustomerCredits                        ' Declare a permanent Integer variable

    Command &H20 &H01 GetCustomerCredits (Credits)
      Credits = CustomerCredits                   ' Return the stored balance to the caller
    End Command

You can call this command from the PC with the following code:

    Const swCommandOK = &H9000                    ' ISO/IEC 7816-4 status word for success

    Declare Command &H20 &H01 GetCustomerCredits (Credits)

    Status = GetCustomerCredits (Credits)         ' Status receives SW1 SW2 from the card
    If Status <> swCommandOK Then GoTo CancelTransaction

The value &H9000 is defined in ISO/IEC 7816-4 as the status code for a successful command. This value is automatically returned to the caller unless the ZC-Basic code specifies otherwise. The return value from a command should always be checked, even if the command itself has no error conditions – for instance, the card may have been removed from the reader.
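The same exchange seen at the APDU level, as an added example in Python (not ZeitControl's code and not the BasicCard terminal library): it builds the command APDU from the two-byte ID, splits the response into data and SW1 SW2, and classifies the status word instead of only comparing it with &H9000. The encoding of the Integer result (2 bytes, big-endian, no command data, P1 = P2 = 0), the fake card used as a stand-in for a reader, and the 0x6D00 it returns for unknown instructions are assumptions made for the example; the page does not show how ZC-Basic serialises parameters.

```python
"""ISO/IEC 7816-4 APDU encoding and status-word handling for a BasicCard command.

Added example, not ZeitControl code. Assumptions (not stated on the page): the
GetCustomerCredits command carries no input data, returns its Integer as two
big-endian bytes, and uses P1 = P2 = 0. The card responses are constructed."""

SW_OK = 0x9000


def build_case2_apdu(cla: int, ins: int, le: int, p1: int = 0, p2: int = 0) -> bytes:
    """Case-2 short APDU: header only, Le bytes expected back (Le == 256 is encoded as 0x00)."""
    for name, v in (("CLA", cla), ("INS", ins), ("P1", p1), ("P2", p2)):
        if not 0 <= v <= 0xFF:
            raise ValueError(f"{name} must fit in one byte")
    if not 1 <= le <= 256:
        raise ValueError("short Le must be 1..256")
    return bytes([cla, ins, p1, p2, le & 0xFF])


def split_response(rapdu: bytes) -> tuple:
    """Split a response APDU into (data, SW1SW2). Fewer than two bytes means the
    transport failed (card removed, timeout): refuse to guess a status."""
    if len(rapdu) < 2:
        raise ValueError("response must end with SW1 SW2")
    return rapdu[:-2], int.from_bytes(rapdu[-2:], "big")


def describe_sw(sw: int) -> str:
    """Classify SW1SW2 per ISO/IEC 7816-4. Only 0x9000 and 0x61xx report success;
    0x6Cxx asks for a retry with the Le the card names; the rest are errors."""
    sw1 = sw >> 8
    if sw == SW_OK:
        return "ok"
    if sw1 == 0x61:
        return f"ok, {sw & 0xFF} more bytes available via GET RESPONSE"
    if sw1 == 0x6C:
        return f"wrong Le, retry with Le={sw & 0xFF}"
    if sw1 in (0x62, 0x63):
        return "warning: command completed, state may have changed"
    if 0x64 <= sw1 <= 0x6F:
        return "error: command not executed"
    return "unknown status"


def get_customer_credits(transmit, cla: int = 0x20, ins: int = 0x01) -> int:
    """Terminal-side equivalent of GetCustomerCredits: send the APDU through the
    caller-supplied transmit() and trust the value only when SW1SW2 == 0x9000."""
    data, sw = split_response(transmit(build_case2_apdu(cla, ins, le=2)))
    if sw != SW_OK:
        raise RuntimeError(f"GetCustomerCredits failed: SW={sw:04X} ({describe_sw(sw)})")
    if len(data) != 2:
        raise RuntimeError("card returned wrong data length for an Integer")
    return int.from_bytes(data, "big", signed=True)   # byte order is an assumption


def fake_card(credits: int):
    """Constructed stand-in for a reader + card: answers &H20 &H01 and rejects
    every other instruction with 6D00 (INS not supported)."""
    def transmit(capdu: bytes) -> bytes:
        if capdu[:2] == bytes([0x20, 0x01]) and capdu[4] == 2:
            return credits.to_bytes(2, "big", signed=True) + b"\x90\x00"
        return b"\x6D\x00"
    return transmit


if __name__ == "__main__":
    print("credits:", get_customer_credits(fake_card(1234)))
    print("SW 6C02:", describe_sw(0x6C02))
```

With a real reader, `transmit` would be the pyscard `connection.transmit` wrapper (or equivalent); the rest of the logic is unchanged.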

It’s as simple as that. Of course, there is a lot more going on below the surface, but you don’t have to know about it to write a BasicCard application.

Technical Summary

All BasicCard families (Enhanced, Professional, and MultiApplication) contain:

  • a full implementation of the T=1 block-level communication protocol defined in ISO/IEC 7816-3: Electronic signals and transmission protocols, including chaining, retries, and WTX requests;

  • a command dispatcher built around the structures defined in ISO/IEC 7816-4: Interindustry commands for interchange (CLA INS P1 P2 [Lc IDATA] [Le] );

  • built-in commands for loading EEPROM, enabling encryption, etc.;

  • a Virtual Machine for the execution of ZeitControl’s P-Code;

  • code for the automatic encryption and decryption of commands and responses, using the AES or DES symmetric-key algorithm;

  • a directory-based, PC-like file system;

  • IEEE-compatible floating-point arithmetic.
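The T=1 block layer listed above (chaining, retries, WTX) is what the card firmware handles for you. As an added illustration, not BasicCard firmware or ZeitControl code, the following Python builds and parses ISO/IEC 7816-3 T=1 blocks: it splits an APDU into chained I-blocks with alternating N(S) and the M bit, computes the LRC epilogue, and rejects a block whose checksum does not verify (the receiver would answer that with an R-block carrying error code 1). NAD = 0x00, LRC rather than CRC, and the default IFSC of 32 bytes are assumptions; the sample APDUs are constructed, not captured from a card.

```python
"""ISO/IEC 7816-3 T=1 framing: prologue (NAD, PCB, LEN), INF, epilogue (LRC).

Added example, not BasicCard firmware. Assumptions: NAD = 0x00, LRC error
detection (CRC is the alternative in 7816-3), IFSC of 32 bytes (the default)."""

NAD = 0x00
IFSC_DEFAULT = 32


def lrc(data: bytes) -> int:
    """Longitudinal redundancy check: XOR of every byte of prologue + INF."""
    acc = 0
    for b in data:
        acc ^= b
    return acc


def i_block(inf: bytes, ns: int, more: bool) -> bytes:
    """I-block PCB: bit 8 = 0, bit 7 = N(S), bit 6 = M (set when more blocks follow)."""
    if len(inf) > 254:
        raise ValueError("INF exceeds the T=1 maximum of 254 bytes")
    pcb = ((ns & 1) << 6) | (0x20 if more else 0)
    body = bytes([NAD, pcb, len(inf)]) + inf
    return body + bytes([lrc(body)])


def r_block(nr: int, error: int = 0) -> bytes:
    """R-block PCB = 100 N(R) 00 ee: error 0 = ack, 1 = EDC/parity error, 2 = other error."""
    body = bytes([NAD, 0x80 | ((nr & 1) << 4) | (error & 3), 0])
    return body + bytes([lrc(body)])


def s_block_wtx_response(multiplier: int) -> bytes:
    """S(WTX response): the terminal grants the waiting-time extension the card asked for."""
    body = bytes([NAD, 0xE3, 1, multiplier & 0xFF])
    return body + bytes([lrc(body)])


def chain_apdu(apdu: bytes, ns_start: int = 0, ifsc: int = IFSC_DEFAULT) -> list:
    """Split an APDU into I-blocks of at most ifsc INF bytes; N(S) alternates 0/1."""
    chunks = [apdu[i:i + ifsc] for i in range(0, len(apdu), ifsc)] or [b""]
    last = len(chunks) - 1
    return [i_block(c, (ns_start + k) & 1, k < last) for k, c in enumerate(chunks)]


def parse_block(block: bytes) -> dict:
    """Validate LEN and LRC, then decode the PCB. A bad LRC is an error, never
    silently accepted: the receiver must reply R(N) with error code 1 instead."""
    if len(block) < 4 or len(block) != 4 + block[2]:
        raise ValueError("block length does not match LEN")
    if lrc(block[:-1]) != block[-1]:
        raise ValueError("EDC mismatch")
    pcb = block[1]
    if pcb & 0x80 == 0:
        kind, ns, more = "I", (pcb >> 6) & 1, bool(pcb & 0x20)
    elif pcb & 0xC0 == 0x80:
        kind, ns, more = "R", (pcb >> 4) & 1, False
    else:
        kind, ns, more = "S", None, False
    return {"kind": kind, "pcb": pcb, "ns": ns, "more": more, "inf": block[3:-1]}


def reassemble(blocks: list) -> bytes:
    """Concatenate the INF fields of a chain; N(S) must alternate and the chain
    must end with a block whose M bit is clear."""
    out, expect_ns = b"", None
    for blk in blocks:
        p = parse_block(blk)
        if p["kind"] != "I":
            raise ValueError("only I-blocks carry APDU data")
        if expect_ns is not None and p["ns"] != expect_ns:
            raise ValueError("N(S) sequence error")
        expect_ns = p["ns"] ^ 1
        out += p["inf"]
        if not p["more"]:
            return out
    raise ValueError("chain ended without a final block (M=0)")


if __name__ == "__main__":
    # Constructed: the 5-byte GetCustomerCredits APDU fits in one block.
    print(chain_apdu(bytes.fromhex("2001000002"))[0].hex())
    # Constructed: a 69-byte case-3 APDU (Lc = 64) needs three chained blocks.
    big = bytes.fromhex("2002000040") + bytes(range(64))
    print([b[1] for b in chain_apdu(big)], reassemble(chain_apdu(big)) == big)
```

The interesting check for a security reviewer is `parse_block`: a block with a corrupted byte is rejected on the LRC, and a chain that never clears the M bit is rejected rather than returned as a truncated APDU.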

The functionality of the Enhanced BasicCard family can be further extended using Plug-In Libraries.

Professional BasicCards contain all the above, plus:

  • a Public-Key algorithm (RSA or EC);

  • a full implementation of the T=0 byte-level communication protocol defined in ISO/IEC 7816-3: Electronic signals and transmission protocols;

  • the SHA-1 Secure Hash Algorithm;

  • support for extended Lc/Le, allowing commands and responses up to 2048 bytes long (Series 7 Professional BasicCards only);

  • T=CL Type A contactless protocol, as defined in ISO/IEC 14443: Proximity Cards (Series 7 Professional BasicCards only).

The MultiApplication BasicCard (and most Professional BasicCards) contains all the above, plus the EAX mode (for authenticated encryption), the OMAC algorithm (for message authentication), and the SHA-256 Secure Hash Algorithm.

The following text contains details of all currently available BasicCard versions, and the cryptographic algorithms that they support.

Development Software

The ZeitControl MultiDebugger software support package consists of:

  • ZCPDE, the Professional Development Environment;
  • ZCMDTERM and ZCMDCARD, debuggers for Terminal programs and BasicCard programs;
  • ZCMBASIC, the compiler for the ZC-Basic language;
  • ZCMSIM, for low-level simulation of Terminal and BasicCard programs;
  • BCLOAD, for downloading P-Code to the BasicCard;
  • KEYGEN, a program that generates random keys for use in encryption;
  • BCKEYS, for downloading cryptographic keys to the Compact and Enhanced BasicCards.

Enhanced BasicCard

Version   EEPROM   RAM         Protocol   Encryption
ZC3.14    2K       256 bytes   T=1        DES (1)
ZC3.34    8K       256 bytes   T=1        DES (1)
ZC3.44    16K      256 bytes   T=1        DES (1)
ZC3.54    32K      256 bytes   T=1        DES (1)

Plug-In Libraries for the Enhanced BasicCard: EC-161, AES, SHA-1

(1) DES with 56- or 112-bit keys only; the 168-bit (three-key Triple DES) key size is not supported in the Enhanced BasicCard.

Professional BasicCard

Version   PK Algorithm     EEPROM   RAM    Protocol             Encryption         Extras
ZC5.4     EC-167, EC-211   16K      1.8K   T=0, T=1             EAX/OMAC/AES/DES   SHA-256
ZC5.5     EC-167, EC-211   32K      1.8K   T=0, T=1             EAX/OMAC/AES/DES   SHA-256
ZC5.6     EC-167, EC-211   60.5K    1.8K   T=0, T=1             EAX/OMAC/AES/DES   SHA-256
ZC7.5     RSA, EC-p        32K      4K     T=0, T=1, T=CL (2)   EAX/OMAC/AES/DES   SHA-256
ZC7.6     RSA, EC-p        72K      4K     T=0, T=1, T=CL (2)   EAX/OMAC/AES/DES   SHA-256

(2) T=CL is supported in the ZC7.5 Combi or RFID subtype only.

MultiApplication BasicCard

Version   PK Algorithm     EEPROM   RAM    Protocol             Encryption         Extras
ZC6.5     EC-167, EC-211   31K      1.5K   T=0, T=1             EAX/OMAC/AES/DES   SHA-256
ZC8.5     RSA, EC-p        32K      4K     T=0, T=1, T=CL (2)   EAX/OMAC/AES/DES   SHA-256
ZC8.6     RSA, EC-p        72K      4K     T=0, T=1, T=CL (2)   EAX/OMAC/AES/DES   SHA-256

(2) T=CL: see note 2 under Professional BasicCard (Combi or RFID subtype only).

Public-Key Algorithms

Name     Description                                                Key size
RSA      Rivest-Shamir-Adleman algorithm                            up to 4096 bits
EC-p     Elliptic Curve Cryptography over the prime field GF(p)     up to 512 bits
EC-211   Elliptic Curve Cryptography over the binary field GF(2^211)   211 bits
EC-167   Elliptic Curve Cryptography over the binary field GF(2^167)   167 bits
EC-161   Elliptic Curve Cryptography over the binary field GF(2^168)   161 bits

Reference (all rows): IEEE P1363: Standard Specifications for Public Key Cryptography

Symmetric-Key Algorithms

Name   Description                                                     Key size           Reference
EAX    Authenticated-encryption mode (AES in counter mode with OMAC tags; encrypts and authenticates)   128/192/256 bits   EAX: A Conventional Authenticated-Encryption Mode, M. Bellare, P. Rogaway, D. Wagner (1)
OMAC   One-Key CBC-MAC (using AES)                                     128/192/256 bits   OMAC: One-Key CBC MAC, T. Iwata and K. Kurosawa, Ibaraki University (1)
AES    Advanced Encryption Standard                                    128/192/256 bits   Federal Information Processing Standard FIPS 197
DES    Data Encryption Standard; the 112- and 168-bit sizes are two-key and three-key Triple DES   56/112/168 bits   ANSI X3.92-1981: Data Encryption Algorithm

(1) These documents are available at http://csrc.nist.gov/CryptoToolkit/modes/proposedmodes/

Note for new designs: single DES (56-bit) was withdrawn as a US federal standard in 2005 and two-key Triple DES is deprecated, so AES should be chosen where the card supports it; using EAX rather than bare AES or DES encryption also authenticates each command, so that a modified or replayed APDU is rejected rather than decrypted to garbage and executed.

Data Hashing Algorithms

Name      Description                          Reference
SHA-256   Secure Hash Algorithm, 256-bit       Federal Information Processing Standard FIPS 180-2 (Secure Hash Standard; now FIPS 180-4)
SHA-1     Secure Hash Algorithm, revision 1    Federal Information Processing Standard FIPS 180-1 (now FIPS 180-4; SHA-1 is no longer acceptable for digital signatures)

Communication Protocols

Name   Description                         Reference
T=0    Byte-level transmission protocol    ISO/IEC 7816-3: Electronic signals and transmission protocols
T=1    Block-level transmission protocol   ISO/IEC 7816-3: Electronic signals and transmission protocols
T=CL   Contactless transmission protocol   ISO/IEC 14443-4: Transmission protocol

Download Development Software

Contact: Sales@basiccard.com

This page was last changed on: 2013-04-29
