Transponders with microprocessors will become increasingly common in applications using contactless smart cards in the near future. Instead of the inflexible state machine, the transponder in these cards incorporates a microprocessor.

Industry-standard microprocessors, such as the familiar 8051 or 6805, are used as the microprocessor at the heart of the chip. In addition, some manufacturers offer simple mathematical coprocessors (cryptological unit) on the same chip, which permit the rapid performance of the calculations required for encryption procedures (Figure 10.24).

Contactless smart cards with microprocessors incorporate their own operating system,ashas long been the case in contact-based cards. The tasks of the operating system in a contactless smart card are data transfer from and to the smart card, command sequence control, file management and the execution of cryptographic algorithms (e.g. encryption, authentication).

The programme modules are written in ROM code and are incorporated into the chip at the chip manufacturing stage by an additional exposure mask (mask programming).

The typical command processing sequence within a smart card operating system is as follows: commands sent from the reader to the contactless smart card are received by the smart card via the RF interface. Error recognition and correction mechanisms are performed by the I/O manager irrespective of higher-level procedures. An error-free command received by the secure messaging manager is decrypted or checked for integrity. After decryption the higher-level command interpreter attempts to decode the command. If this is not possible, then the return code manager is called, which generates the appropriate return code and sends it back to the reader via the I/O manager (Figure 10.25).

If a valid command is received, then the actual programme code associated with this application command is executed. If access to the application data in the EEPROM is necessary, this is performed exclusively by the file management system and the memory manager, which convert all symbolic addresses into the corresponding physical addresses of the memory area. The file manager also checks access conditions (authorisation) for the data in question.

Dual Interface Card
The traditional key markets for contact smart cards are payment applications (cash card, electronic purse) and mobile telephones (SIM card for GSM mobile telephone), applications that necessitate a high degree of security in the processing and transmission of data. The resulting necessity of being able to quickly and simply calculate complex cryptographic algorithms led to the development of powerful cryptographic coprocessors on the card chips.

Contactless smart cards, on the other hand, are traditionally used in applications that require a combination of user-friendliness (access control) and short transaction times (ticketing). The trend towards combining payment applications with typical contactless applications (cash card with ticketing function) finally led to the development of the dual interface card, in which both a contact and a contactless interface are available on one chip. A dual interface card can thus be addressed either via the contactless or the contact interface.

The philosophy underlying the dual interface card is that the smart card interface is completely independent of the smart card logic or smart card software. The interface, whether contact or contactless, is completely transparent to the transmitted application data so that, from the point of view of the application software, the interface used is unimportant. The interface is thus exchangeable at will, and interface and logic components can be combined as desired. The greatest advantage of the dual interface card for the user and system operator is the option of being able to draw upon existing infrastructure (generally contact readers) when introducing new applications. Also, from the point of view of the security requirements of a smart card, there is no difference between a contact and a contactless smart card. Due to the transparency of the interface, the replay and fraud of security-related data that has been transmitted is effectively ruled out by the methods defined in ISO/IEC 7816 (e.g. ‘secure messaging’), regardless of the interface used.

The greatest difference between a contactless and a contact smart card is the power available. A contactless smart card in accordance with ISO 14443 has only around 5 mW available for operation at the maximum distance from the reader (Hmin = 1.5A/m) (M¨

uhlberger, 2001). A contact smart card, on the other hand, may have 7.2 mW (GSM 11.13), 50 mW (GSM 11.11) or even up to 300 mW (ISO 7816-3 Class A: 5 V, 60 mA) available, depending upon its specification (Philipp, 2001). This calls for completely new concepts in the development of contactless microprocessor chips. For example, the use of a PMU (power management unit) on the chip, which can automatically separate inactive circuit parts of the chip from the power supply to save energy, is recommended. Furthermore, ultra-low-power and low-voltage technology is used in all dual interface chips so that the available power can be optimally exploited.

An explicit switching between contactless and contact operation on the chip is not necessary. In the simplest case it is sufficient to use the validity of the data received via one of the two interfaces as the evaluation criterion for further operation. Some chips provide the programmer with status flags that allow the currently active operating mode to be interrogated. Moreover, the signals (frequency, voltage) present at the RF interface or the chip contacts are evaluated.

The block diagram in Figure 10.28 shows a very early approach to the dual interface card. This chip was developed jointly by Philips Semiconductors Gratkorn and Siemens HL (now Infineon AG) as early as 1997. Since it was not possible using the semiconductor technologies available at the time to reliably operate a microprocessor with the power available via the contactless interface, an unconventional solution was selected.

At the heart of this chip is an 8 Kbyte EEPROM memory, the Common EEPROM, in which the application data was stored. In a similar manner to a dual port RAM, this common EEPROM can be accessed via two interfaces that are completely separate from each other from the point of view of circuitry. The inactive interface at any time is completely separated from the power supply of the chip, so that the power available in contactless operation is used optimally.

The contactless interface is based upon a state machine, which forms a contactless MIFARE ® memory card. From the point of view of a contactless reader this dual interface card thus behaves like a memory card with a segmented EEPROM memory, in which the arrangement of the individual segments and memory blocks are identical to that of a conventional MIFARE® card (see Section

The contact interface, on the other hand, is based upon a microprocessor with its own smart card operating system. The above-mentioned memory segmentation is once again present when the microprocessor accesses the common EEPROM. The operating system can therefore only read and write the common EEPROM in blocks within the corresponding sectors.

Sector access µC proprietary MIFARE® proprietary common use for µC and MIFARE.

Block diagram of the MIFARE®-plus ‘dual interface card’ chip. In contactless operating mode the common EEPROM is accessed via a MIFARE®-compatible state machine. When operating via the contact interface a microprocessor with its own operating system accesses the same memory (reproduced by permission of SLE 44R42, Infineon AG, Munich)

In addition, the write and read rights for individual memory blocks of the common EEPROM can be configured separately for the contactless and contact interface. These access rights are set and monitored by the Access Configuration Matrix. This also facilitates the realisation of hierarchical security concepts.

Modern Concepts for the Dual Interface Card
Figure 10.29 shows the block diagram of a modern dual interface card. This card is based upon a 8051 microprocessor with a smart card operating system. The contactless interface is formed by a CIU (contactless interface unit), which can be configured by the CPU via register addresses or can also facilitate a status interrogation of the CIU.

A modern CIU automatically performs the transfer of a data block from and to a reader and thereby automatically performs the necessary coding or decoding of the data stream according to the specifications in the standard ISO/I EC14443-2 and ISO/I EC14443-3. Often it also performs the automatic calculation and verification of the transmitted CRCs.

To send a data block, the operating system only needs to store the data block to be sent in the RAM memory of the chip and load the corresponding memory address and block length into the configuration register of the CIU. The CPU is no longer actively involved in the initiated data transfer and can thus be switched into power-down mode (power-saving mode) for the duration of thedatatransfer(M¨uhlberger, 2001). When a data block is received, the data from the CIU is then automatically stored in the chip’s RAM and the CRC of the received block is verified.

Short transaction times represent a particularly important requirement for contactless applications. For ticketing applications a maximum transaction time of 100 ms is a generally accepted value. In order to facilitate the calculation of cryptographic functions within this short time interval, many dual interface chips have cryptographic coprocessors. In banking applications, symmetrical encryption algorithms such as DES (data encryption standard) and triple DES are normally used Encryption and decryption by software is time-consuming and therefore not practical in a contactless application. DES encryption can be calculated several hundreds of times quicker using a coprocessor than is possible with the software solution (M¨uhlberger, 2001). The CPU need only enter the data to be encrypted and the key in the correct register (DDAT and DKEY in Figure 10.31) and start the calculation by means of a control register (DCNTRL).

Asymmetric key algorithms (‘public key’ procedures such as RSA) will become increasingly important in future. Typical applications are electronic signatures (digital signature) or the validity  Block diagram of a DES coprocessor. The CPU key and data can be transferred to the coprocessor by means of its own SFR (special function register) (reproduced by permission of Philips Semiconductors Gratkorn, A-Gratkorn)

testing of electronic documents (certification). Therefore, the first dual interface chips already have coprocessors for asymmetric algorithms (e.g. Fame PKI in Figure 10.29).

Memory Technology
After the state machine or microprocessor, the most important component of a data carrier is the memory that user data is read from or written to. Read-only data is defined at the manufacturing stage by the chip mask (exposure mask) or permanently burnt into the memory by a laser. The use of a laser also makes it possible to programme unique numbers (serial numbers that are issued only once) or consecutive numbers into the data carrier.

If data is to be written to the data carrier, then RAM, EEPROM or FRAM cells are also incorporated into the chip. However, only EEPROM and FRAM cells can store the written data for long periods (typical retention periods are 10 years) without a power supply.

RAM is memory that can be used for the storage of temporary data. When the power supply is removed, the stored data is lost forever. In transponders, RAM is mainly used for the temporary storage of data that exists briefly during operation in the interrogation zone of a reader. In active transponders that have their own battery, RAMs with battery backups are sometimes used for the long-term storage of data.

The main component of the (S)RAM memory cell is a D-flip-flop. Figure 10.32 shows the block diagram for a single memory cell. Each memory cell has the connections DI (data input), WE (write enable) and DO (data out). If data is only to be read from the memory cell, it is sufficient to activate the selected cell with logic 1 levels at the allocated address connections Yi and Xi.