发表新帖
发表新帖

How to get a unique smart card ID?

后端 未结
关注
2 1263
遥遥无期
遥遥无期 2021-01-06 18:29

I\'m searching for a way to find a unique number for every smart card I work with. I have heard there are IC Fabrication date, IC Serial Number and IC Batch Identifier that

相关标签:
2条回答
  • 攒了一身酷
    2021-01-06 19:12

    Surely every hardware supplier integrates information like the mentioned into the chip. This unfortunately leaves the following problems:

    • The information may or may not be made available by the operating system
    • There is little in common between several hardware suppliers beneath the one byte manufacturer ID, which is maintained globally (see e.g. chip manufacturer byte); so x and y coordinates on the wafer may be on different offsets depending on manufacturer and the length of this block may even vary depending on the chip. In any case the hardware reference manual is required.

    Summary: If you need an unique information, the specification must have stated this at the very beginning, most likely via a specified instruction to retrieve it. In a multi-supplier environment everything else is likely to fail. The only remaining choice is, to add a sort of ID as user data under your own management.

    Appended by Abraham:

    As the question is tagged with javacard, we conclude that your card is a GlobalPlatform compatible card.

    1: For GP cards, the SD (Security Domain: A mandatory applet that is installed on the card by default) is responsible for returning card specific data including IC Fabrication date, IC Serial Number and IC Batch Identifier, etc. As long as you didn't use a secure channel between the card and the off-card entity, you can't trust the SD response. But why? Because any malicious user can write a simple applet with AID equal to your card SD's AID that returns his/her arbitrary data to your command and install it on a smart card and make it default selected. In this case when he/she put the card on your readers, his applet answers to your off-card application command and you can't detect fake cards.

    2: As dear guidot mentioned above, different card may or may not support equal commands to return these card specific data.

    So, I suggest you to add a pair of setSerialNumber() and getSerialNumber() methods to your applet and implement a secure channel between your offcard and your applet to be sure about uniqueness of your cards.

    0 讨论(0)
  • 甜味超标
    2021-01-06 19:17

    For most usecases the PC/SC UID should be sufficient. This is a 4 to 7 byte identifier that is read anyway when building the contactless communication with the card. Although some cards may be configured to return random UIDs, however this is not a problem if you have the cards for your project under control

    0 讨论(0)
 看不清?
提交回复
热议问题