Brother
Professional
- Messages
- 2,590
- Reaction score
- 506
- Points
- 83
In fact, the chip on the card is a full-fledged microcomputer, and at times quite complex.
I once wrote about this briefly, when I said that the card even installed its own operating system. And today we'll talk about what devices and capabilities are on the chip of a bank (and not only) card.
Well, no computer can run without a CPU. Therefore, this device comes first. By the way, just in case, I'll explain what this centipede does in general. The very heart of a microprocessor is its Arithmetic Logic Unit (ALU). More precisely, not the heart, but his "thinker". Another organ may be more important than the heart. It is at this point that the processor performs a specific operation on numbers (operands). And what kind of operation is determined by the current command of the program. The processor with this ALU is able to perform a strictly limited set of operations. "Strictly limited" does not mean "small", it means "nothing else beyond what is in this set." And it is precisely this variety (in some cases very large) of commands that ensures the universality of the microprocessor device. Before the invention of the processor, devices could only perform a strictly specified operation (even if it was a very complex one). And with the advent of the processor, it became possible to perform different operations on the same device, and even defined without changing the structure of the device, by writing a program.
So, I apologize for graphomaniac spasms, I will try to avoid them further.
The microchip of a plastic card contains a microprocessor with a capacity of 8, 16, or even 32 bits. That is, as we can see, this is quite a serious thing. Usually these are RISC processors, which have established themselves as devices with more predictable execution times for different instructions (the same "strictly limited set of operations"). This is because each instruction is executed in one processor cycle. The opposite approach, with a larger set of instructions that are executed in a different number of clock cycles, is in the CISC architecture.
The frequencies at which the microprocessors of the cards operate are in the range of 1-33 MHz, but among the record holders the indicators reach 66 MHz with a bit depth of 32 bits. And maybe even higher now.
Incidentally, chip cards are called "microprocessor-based", although this term is not entirely accurate. The fact is that, in fact, a card chip is more likely a microcontroller, or even more so, a SoC (System-On-Chip), a whole system. Whereas a microprocessor is simply the main unit of a microcontroller (or system on a chip). I say this because a very large number of other devices are present in the card's chip. Let's move on to them.
There is also memory on the chip of the card, and there are as many as three types. These are ROM (read-only memory), RAM (random access memory, for reading and writing) and EEPROM (electrically programmable memory, non-volatile; for simplicity - something like a flash drive, but not flash, there is a slightly different technology).
Before talking about the capacity of this memory, we need a little digression. As you know, all elements of the microchip are "deposited" on the surface of the silicon crystal. Moreover, they occupy some area on it. The more complex the device that we form on the crystal, the larger the required area of the crystal (with the same non-damping technology). So, the least amount of space is required by ROM. This is due to its simple device. When writing ("flashing") the ROM, the "jumpers" are actually burned out there with the help of an increased current. There is no way back, that's why it is read-only. But the state of the jumpers does not depend on the power supply or its absence.
About 4 times more space on the chip is taken up by 1 bit of EEPROM memory. Additional space goes into adding memory cell management structures. The contents of this memory are independent of the presence of power.
And the maximum space, 16 times (!) More, is occupied by RAM. This is because a cell of such a memory is implemented using triggers, and these are devices for which you need to use several transistors (plus passive elements), which requires an appropriate place.
So, the ROM size is usually 16-196 Kb, although there are cards with a ROM size of more than 256 Kb. The operating system and system applications are stitched into this memory.
RAM usually holds from 256 bytes to 4 KB. For Java cards, the size usually ranges from 4 to 8 KB, although there are offers up to 16 KB on the market. Small, right? This is where program variables, buffers, and so on are stored. With a power outage, this memory turns into a pumpkin.
EEPROM usually contains from 2 to 72 KB, but cards with sizes up to 1 MB are known. Almost a whole flash drive in the wallet is straight. What is good about this memory - when the power is turned off, it saves everything. Keys, logs, settings, and indeed any files in general are stored here.
There may be a crypto processor on the chip. On the one hand, this is a more "dumb" device that can do much less than a central processor. But he knows how to do it much better! The point is that cryptographic operations are a very resource-intensive task. Especially when it comes to asymmetric cryptography. With the same cryptographic strength, calculations for asymmetric cryptography take two orders of magnitude (100 times!) More time. And this is already quite noticeable. For example, encryption with a public key on a central 8-bit processor of a plastic card can take 10-20 seconds (!), While a normal crypto processor performs this operation in a couple of tens of milliseconds. Taking into account the fact that the total processing time of a transaction should not exceed 3 seconds, the option with a central processor is eliminated. Therefore, for cards without a crypto processor, some types of authentication are simply not available. As a result, the transaction takes place with a much lower level of security (SDA authentication). It seems that why such chips then? And the fact is that the cryptoprocessor significantly increases the cost of the chip, and given that the card business for the bank is mostly unprofitable, cryptoprocessors are no longer found in the cheapest cards, after all, not Visa Electron, but something more serious.
Of the more or less exotic devices, perhaps we also mention the random number generator. The fact is that random numbers are widely used in cryptographic calculations. From generating keys to adding a random number to a signed request. But there is a nuance here. In ordinary computers, there is no special device that would be a source of random numbers. They use a pseudo-random number generator. To form the number, a variety of information is used, mainly the current readings (in micro-ticks) of the real time clock. But the numbers that this generator generates are not completely random, and in such sensitive things as cryptographic calculations, they should not be used. By the way, I remembered that one criminal group had developed a way to beat slot machines, because they used a pseudo-random number generator. There was some kind of complicated algorithm there ... An interesting scheme where a player through a phone (a specially developed application) recorded the reaction time of the program at some point in time, this value was used by the accomplices to calculate the rate ... Actually, the main thing is that of this follows - if there is "pseudo" in chance, then security is sharply reduced. Therefore, there may be a special device on the card that generates a truly random value. what follows from this - if there is a "pseudo" in randomness, then security is sharply reduced. Therefore, there may be a special device on the card that generates a truly random value. what follows from this - if there is a "pseudo" in randomness, then security is sharply reduced. Therefore, there may be a special device on the card that generates a truly random value.
To interact with the outside world, there is also such a thing on the chip - UART, an asynchronous transceiver. It is his paws that are brought out to the contact pads of the card. The card has neither a monitor nor a terminal, but somehow it needs to interact with the outside world. This is what this device does.
Besides him, there may be more on the card .... Ta-dam! ... USB-interface!
If there are not six sites on the card, but eight, then with a high probability the lower two, which are designated as "reserved for future use" in the standard, imply a USB v1.1 connection (up to 12 Mb / s, just in case).
Well, so that all these devices on the chip could interact with each other, there are also all sorts of controllers such as a memory access controller, a bus controller, a clock generator (up to some point, by the way, there was no clock generator on the cards, the clock signal was used, supplied by the terminal) and many other service devices.
As you can see, a rather complicated piece of silicon is in your wallet.
