Description
Basic Features
• Contact-based interface according to ISO/IEC 7816,
• Contactless interfaces in accordance with ISO/IEC 14443 Type A (default) or B,
• ISO/IEC 7816 compatible commands,
• Compatibility with major international standards, ensuring long-term security for integration in standardized environments (readers, applications, etc.),
• Expandability of the operating system with the addition of software packages,
• Integrity protection of all active software packages to prevent the use of corrupt software,
• “Command chaining” in accordance with ISO/IEC 7816-4,
• A dynamic, flexible file system based on ISO/IEC 7816-4 with the following characteristics:
– Number of files and folders with any depth of nesting, limited only by the chip’s storage capacity,
– Support for Short File IDs,
– Dynamic memory management for optimal EEPROM utilization,
– Protection mechanisms against EEPROM defects, power failure, and card tearing,
– Flexible memory management for RAM and EEPROM,
• Support for CV (card verifiable) certificates:
– Extraction and use of the public key directly from the certificate,
– Verification of certificates and certificate chains.
Cryptographic Functions
• Symmetric Algorithms:
– Triple DES (CBC) with ISO padding,
– Triple DES MAC (also called Retail MAC) with ISO or ANSI padding,
– AES (CBC) with key lengths of 128, 192, and 256 bit,
– AES CMAC with ISO padding.
• Asymmetric Algorithms:
– RSA based on CRT with and without a specified public exponent, with key length up to 4096 bit,
– PKCS#1-BT1 or PKCS#1-BT2 padding,
– PSS and OAEP padding according to PKCS#1 V2.1,
– Elliptic Curve Cryptography based on GF(p) with key length up to 521 bit.
• Calculation of cryptographic hash values with SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512,
• Creation and verification of digital signatures with RSA and ECDSA,
• Internal and external key generation for RSA and EC keys,
• Secured key import with Secure Messaging,
• EC Key Agreement of ElGamal Type (ECKA-EG) and support of EC Key Agreement with Diffie-Hellman (ECKA-DH),
• Flexible derivation of session keys,
• True random number generator with AIS31 class DRG.4 or PTG.3.
Communication Protocols
CardOS (DI) V5.5 supports transmission protocols according to ISO/IEC, including:
• T=1 (ISO/IEC 7816-3) and T=CL (ISO/IEC 14443-4 protocol Type A or B),
• Support for extended length APDUs according to ISO/IEC 7816-4,
• Up to four logical channels,
• Support for protocol parameter selection (PPS),
• Support for WTX (Waiting Time eXtension),
• Fast, selectable card communication:
– Contact-based with up to 446 kbaud as per ISO/IEC 7816-3,
– Contactless with up to 848 kbaud.
• Pseudo-Unique PICC Identifier (PUPI),
• Card Identifier (CID) Handling,
• NFC Tag Type 4.
Hardware Platform
CardOS (DI) V5.5 is based on the innovative digital security technology ‘Integrity Guard’ from Infineon and is implemented on the SLE78 security controller platform using SOLID FLASH™. SOLID FLASH™ products offer significant added value, such as increased logistic flexibility and faster time to market.
CardOS (DI) V5.5 is available on the chip SLE78CLFX408APHM and provides about 112 kByte user memory.
CardOS (DI) V5.5 is available in wafer form, as COM10.6 module with Coil on Module technology (DI) or as a smart card in ID-1 format. CardOS V5.5 as a pure contact-based product is available in wafer form, as M4.8 module or as a smart card in ID-1, ID-000, or Micro-SIM format.
Initialization and Personalization
The personalization and initialization procedures facilitate cost-efficient mass production of CardOS (DI) V5.5 cards as well as high-performance, highly secure modification of existing applications and the addition of new applications in the field.
• Support of independent personalization for individual applications,
• Integrated security concept for initialization and personalization.
ICAO and eID Support
CardOS (DI) V5.5 provides support of ePassport and eID features according to ICAO Doc 9303 and BSI TR-03110:
• Basic Access Control (BAC),
• Extended Access Control (EACv1): Chip Authentication (CA) with ECDH, Terminal Authentication (TA) with RSA and ECDSA,
• Password Authenticated Connection Establishment (PACEv2) with DH and ECDH,
• Active Authentication with RSA and ECDSA,
• Restricted Identification (RI) with ECDH.