Giesecke and Devrient BT31 USB Electronic Key User Manual 3 1 external

Giesecke & Devrient GmbH USB Electronic Key 3 1 external

Users Manual

StarSign® Bio Token 3.1USB TokenReference ManualEdition 07.2007
ID No. 30023685© Copyright 2007 byGiesecke & Devrient GmbHPrinzregentenstr. 159Postfach 80 07 29D-81607 MünchenThis document as well as the information or material contained is copyrighted. Any use not explicitly per-mitted by copyright law requires prior consent of Giesecke & Devrient GmbH. This applies to any repro-duction, revision, translation, storage on microfilm as well as its import and processing in electronical systems, in particular.Subject to technical changes.StarSign® Bio Token is a registered trademark of Giesecke & Devrient GmbH.
© Copyright 2007 by Giesecke & Devrient GmbH - Germany – Prinzregentenstr. 159, P.O. Box 80 07 29, D-81607 München © 2007 Giesecke & Devrient GmbH. All rights reserved The names of the other products mentioned are trademarks of their respective owners. This hardware key is in compliance with the following test specification: CEI EN 61000-4-2; CEI EN 61000-4-3; CISPR22 as required by: CEI EN 61000-6-1, CEI EN 61000-6-2, CEI EN 61000-6-3, CEI EN 61000-6-4 which are specified for the following test: • “ESD Immunity test” • “Radiated radio-frequency and electromagnetic field immunity test” • “Radiated Emission Verification” In compliance with the “Essential Requisites” for the EMC Directives 89/336/EEC & 2004/108/EEC. FCC ID: TIJ-BT31 Giesecke & Devrient GmbH StarSign® Bio Token 3.1 Supply: 5V DC Absorption: 250 mA This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions: (1) this device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation. NOTE: This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications. However, there is no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following measures: - Reorient or relocate the receiving antenna. - Increase the separation between the equipment and receiver. - Connect the equipment into an outlet on a circuit different from that to which the receiver is connected. - Consult the dealer or an experienced radio/TV technician for help. Caution: changes or modifications not expressly approved by the party responsible for compliance could void the user's authority to operate the equipment. IMPORTANT REMARKS Due to the limited space o n the product shell, all FCC certification references are on this technical manual Changes or modifications not expressly approved by the party responsible for compliance could void the user’s authority to operate the equipment.
ContentsReference Manual StarSign Bio Token 3.1/Edition 07.2007ID No. 30023685ContentsAbout StarSign Bio Token 3.1 .............................................................................................. 1About the Document ........................................................................................................... 21Basics 31.1 General Introduction to Biometrics............................................................................. 41.2 Biometrics, Smart Cards and Tokens .......................................................................... 51.3 LED Status ................................................................................................................. 62 Commands 92.1 ENROLL FINGERPRINT............................................................................................... 102.2 VERIFY FINGERPRINT ................................................................................................ 122.3 VERSION INFO.......................................................................................................... 14Appendix 15A Overview of Status Bytes.......................................................................................... 16B Technical Specifications............................................................................................ 18C Reference Literature................................................................................................. 19D Glossary................................................................................................................... 20Index ............................................................................................................................... 23
ContentsReference Manual StarSign Bio Token 3.1/Edition 07.2007ID No. 30023685
About StarSign Bio Token 3.1Reference Manual StarSign Bio Token 3.1/Edition 07.2007 1 of 23ID No. 30023685About StarSign Bio Token 3.1Characteristics StarSign Bio Token 3.1 is a USB-PKI token based on the STARCOS 3.0 op-erating system. The token comprises a fingerprint sensor and on-token fingerprint verification functionality. The biometric data never leaves the token.StarSign Bio Token 3.1 is supported by StarSign middleware and can therefore be used for all public key applications supporting MS CAPI (CSP) or PKCS#11.Fingerprint verification can be used instead of – or in addition to – PIN verification, granting a higher user convenience and a real tie between user and token. This is particularly of interest in applications that require non-repudiation.Features StarSign Bio Token 3.1 features:– Based on STARCOS 3.0 operating system– On-token sensor, image processing and biometric verification (on-card matching)– Supported by StarSign middleware; use with all public key applica-tions supporting MS CAPI (CSP) or PKCS#11– Security system according to 7816-4; secure writing and messaging– Cryptographic authentication and key management– Encryption– Symmetric encryption: DES, 3DES– Asymmetric encryption: RSA-CRT with up to 2048 bits– Support of up to 4 logical channels– Biometric enrollment and verification functionality– G&D match-on-card– LED status indicationRelated Standards StarSign Bio Token 3.1 adheres to the following standards:– ISO/IEC 7816-3– ISO/IEC 7816-4– ISO/IEC 7816-11– ISO/IEC 19794-2 More information on the relevant standards may be found in the appen-dix (see ’C Reference Literature’ on page 19).
About the Document2 of 23 Reference Manual StarSign Bio Token 3.1/Edition 07.2007ID No. 30023685About the DocumentTarget Group This manual addresses developers and specialists of smart card applica-tions.Required Knowledge In order to use StarSign Bio Token 3.1, you should be familiar with:– Smart card hardware/software– Related ISO/IEC standards– Experience in biometric user authentication and cryptographic serv-icesThis document assumes that you have a basic understanding of Micro-soft Windows terminology and actions. Should you feel that this is not the case, it is suggested that you refer to your Windows manuals first.Notation In order to facilitate access to required information and to provide quick orientation, the following graphical aids and notations have been used: Notes comprise hints and recommendations useful when working with StarSign Bio Token 3.1. Please read warnings carefully - they are specified to prevent se-vere malfunctions and loss of data!The header page of each chapter features an overview of the topics cov-ered in the chapter. All technical terms and abbreviations used are ex-plained in a glossary at the end of the manual.This convention IndicatesItalic Operating system command or mode
BasicsReference Manual StarSign Bio Token 3.1/Edition 07.2007 3 of 23ID No. 300236851BasicsThis chapter provides you with background information on StarSign Bio Token 3.1.Contents 1.1 General Introduction to Biometrics ............................................ 41.2 Biometrics, Smart Cards and Tokens.......................................... 51.3 LED Status................................................................................. 6
BasicsGeneral Introduction to Biometrics4 of 23 Reference Manual StarSign Bio Token 3.1/Edition 07.2007ID No. 300236851.1 General Introduction to BiometricsScope Biometrics is the science of measuring physical or behavioral characteris-tics unique to an individual such as face, voice or fingerprint to verify a person's identity. Biometric characteristics can be described as some-thing we are. Biometrics and other Types of User AuthenticationUnlike user authentication based on something the user knows, such as a PIN or password, or something he or she has, e.g. a smart card or other token, biometric systems work by relying on a biometric characteristic - something that is both unique and inseparably tied to the person. While PINs, passwords and keys can be forgotten, lost, lent or stolen, biomet-rics cannot. The user himself becomes the means of identification, the bi-ological password.Biometric user authentication can elevate overall system security and en-hance ease of use, as users no longer have to remember PINs and pass-words.Enrollment and VerificationBefore biometric authentication can be used to verify the identity of a user, a biometric enrollment has to be performed beforehand. This means that the characteristic data of the biometric trait has to be cap-tured and saved as a reference in a separate process in advance to verifi-cation. During verification, the characteristic data of the biometric trait is captured again and compared to the previously stored reference data. If both data sets coincide to a sufficient level, access is granted.Biometric Error Rates In contrast to a PIN or password comparison, two different photos or characteristic data sets captured of the same biometric trait will always differ a bit due to positioning, background lighting, etc. Thus, biometric comparison returns a figure which represents a level of coincidence, i.e. the probability that two presented data sets belong to the same person. Depending on a threshold value, access is granted or denied. As a con-sequence, a slight possibility remains that an unauthorized user be granted access to a protected system or that a legitimate user will be de-nied access. The threshold value responsible for the error rates can be set by the system administrator. These error rates are characteristic for all bi-ometric systems and are called false acceptance rates (FAR) and false re-jection rates (FRR).Fingerprint VerificationFingerprint verification is not only the most prominent but also one of the most secure and well-understood biometric measures. Software con-verts the image of a fingerprint into digital form and extracts a set of characteristics, i.e. a template, unique to the user's fingerprint. The char-acteristic information from one fingerprint contains up to 60 key points. Crucial key points where finger-ridges end or split up are local features called minutiae. They provide unique, identifiable information.
BasicsBiometrics, Smart Cards and TokensReference Manual StarSign Bio Token 3.1/Edition 07.2007 5 of 23ID No. 300236851.2 Biometrics, Smart Cards and TokensOn-Card Matching In on-card matching biometric templates, i.e. data sets, are compared with a previously stored biometric reference template in the smart card processor itself. This happens in full analogy to the PIN verification where the entered PIN is sent to the smart card processor and compared on-card with a previously stored PIN. The advantage of this method is that the reference template is stored exclusively in the secure smart card proc-essor environment, reliably protecting sensitive personal data against un-authorized access.Access Rules An individual access rule is assigned to each elementary file on the smart card processor. As a consequence, elementary files can be accessed (read/write/update) by cryptographic authentication, PIN verification, bi-ometric authentication or a combination of all three.Applications The paramount application for biometrics in combination with cards and tokens is the use in public key infrastructures, where biometric user au-thentication can be used to enable the cryptographic functions or serv-ices offered by the smart card processor. Thus, for example, StarSign Bio Token can be used as a secure signature creating device, that can be le-gally tied to the token holder with on-card fingerprint verification.
BasicsLED Status6 of 23 Reference Manual StarSign Bio Token 3.1/Edition 07.2007ID No. 300236851.3 LED StatusLED Arrangement StarSign Bio Token 3.1 has two bicolor LEDs at the base of the USB plug to signalize its current status and operation to the user:– Left LEDIlluminates in either green or yellow– Right LEDIlluminates in either red or yellowFig. 1 StarSign Bio Token
BasicsLED StatusReference Manual StarSign Bio Token 3.1/Edition 07.2007 7 of 23ID No. 30023685LED Status/Mode The LED states listed in the table signalize the current status and opera-tion to the user:Fig. 2 LED status/modeStatus/Mode LED indication DescriptionIdle Green and red LEDs flash Waiting for commandPlace finger Left yellow LED blinks Wait for fingerBusy Red LED blinks quickly StarSign Bio Token is busySuccess Green LED illuminated Enrollment/verification suc-cessfulReject Red LED illuminated Enrollment/verification failedBoot Green and red LED illumi-natedBooting deviceTEST mode Both yellow LEDs flash Allow diagnostic com-mandsADMIN mode Left yellow LED flashes, red LED illuminatedAllows parameter configu-ration and firmware updateFirmware up-dateBoth yellow LEDs illumi-natedSignal firmware update sta-tus
BasicsLED Status8 of 23 Reference Manual StarSign Bio Token 3.1/Edition 07.2007ID No. 30023685
CommandsReference Manual StarSign Bio Token 3.1/Edition 07.2007 9 of 23ID No. 300236852CommandsThis chapter describes StarSign Bio Token 3.1 commands listed in alpha-betical order.Contents 2.1 ENROLL FINGERPRINT.............................................................. 102.2 VERIFY FINGERPRINT ............................................................... 122.3 VERSION INFO......................................................................... 14
CommandsENROLL FINGERPRINT10 of 23 Reference Manual StarSign Bio Token 3.1/Edition 07.2007ID No. 300236852.1 ENROLL FINGERPRINTScope ENROLL FINGERPRINT is used to collect a reference data set from the user and store it on the smart card processor. This command can only be carried out after a file for the reference data has been created on the smart card operating system. For details see STARCOS 3.0 reference manual edition 06/2005 or later.In addition, a template file must be selected before carrying out this command.The command performs the following:– Scans an image– Generates a template– Transmits the template to the smart card processor, where it is stored via the UPDATE BINARY command In order to enhance the quality of the reference template, two or more templates can be merged to one large template. CommandP2 Specifies the merge parameter. Several templates can be merged into one large template before sending the master template to the smart card processor.’00’Final enroll command ’01’Non-final enroll command Non-final enroll commands grab images, but extracted characteristic fea-tures are stored in the internal RAM of StarSign Bio Token 3.1 and not on the smart card processor. The final enroll command grabs a final image, extracts features, assem-bles or merges these features with the features in the internal RAM of StarSign Bio Token 3.1 and finally stores them on the smart card proces-sor.ResponseCLA INS P1 P2’A0’ '10' ’00’SW1 SW2'90' '00'
CommandsENROLL FINGERPRINTReference Manual StarSign Bio Token 3.1/Edition 07.2007 11 of 23ID No. 30023685Status Bytes This command may return one of the following status bytes.Code Description'65 81' Memory failure'69 82' Security status not satisfied'69 86' Command not allowed (no current EF)'6A 84' Not enough memory space'90 00' Successful operation'A7 00' General ARM7 error'A7 01' Unknown instruction'A7 02' Length error'A7 11' Timeout error'A7 12' Sweep too slow'A7 13' Sweep too fast'A7 14' Sweep not straight'A7 15' Sweep too short'A7 16' Too many defect lines on sensor'A7 17' Image quality too bad'A7 18' Too few features'A7 19' Merge failed'A7 1A' Try again error'A7 1B' Resync error'A7 1C' Maximum number of merges exceeded'A7 1D' Sweep not smooth'A7 81' Invalid parameter
CommandsVERIFY FINGERPRINT12 of 23 Reference Manual StarSign Bio Token 3.1/Edition 07.2007ID No. 300236852.2 VERIFY FINGERPRINTScope VERIFY FINGERPRINT is used to verify a user’s fingerprint. It initiates fin-gerprint image acquisition, processing and feature extraction. The features are sent to the smart card processor for on-card verification and the outcome is reported in the response APDU to the host.The command performs the following:– Scans an image– Generates a template and transmits it to the smart card processor, where it is compared with the reference template via the VERIFY command (see ’2.1 ENROLL FINGERPRINT’ on page 10). Biometric threshold, retry counter and access rules have to be configured in the file system of STARCOS. For details see STARCOS 3.0 reference manual edition 06/2005 or later.CommandP2 Specifies the Key Identifier (KID) used to reference the biometric data stored in the smart card processor during the enrollment phase (see ’2.1 ENROLL FINGERPRINT’ on page 10). ResponseStatus Bytes This command may return one of the following status bytes.CLA INS P1 P2’A0’ '20' ’00’SW1 SW2’90’ ’00’Code Description'63 Cx' Verification failed (x represents the number of remaining retries)'64 00' File or data missing; enrollment file corrupt'69 82' Security status not satisfied'69 83' Authentication method blocked'69 85' Conditions of use not satisfied'6A 82' File not found'6A 88' Referenced data not found'90 00' Successful operation'A7 00' General ARM7 error'A7 01' Unknown instruction
CommandsVERIFY FINGERPRINTReference Manual StarSign Bio Token 3.1/Edition 07.2007 13 of 23ID No. 30023685'A7 02' Length error'A7 11' Timeout error'A7 12' Sweep too slow'A7 13' Sweep too fast'A7 14' Sweep not straight'A7 15' Sweep too short'A7 16' Too many defect lines on sensor'A7 17' Image quality too bad'A7 18' Too few features'A7 19' Merge failed'A7 1A' Try again error'A7 1B' Resync error'A7 1D' Sweep not smooth'A7 20' General verify fingerprint error'A7 81' Invalid parameterCode Description
CommandsVERSION INFO14 of 23 Reference Manual StarSign Bio Token 3.1/Edition 07.2007ID No. 300236852.3 VERSION INFOScope VERSION INFO is used to request public information on StarSign Bio To-ken 3.1 from the host. Parameter P2 of the command APDU specifies the item tag of the version information to be retrieved. The response data returns the requested ver-sion information.CommandP2 Specifies the item tag of the version information’01’StarSign Bio Token 3.1 firmware version, build date and time’02’Key info: CRC of currently valid authentication keyLeSpecifies the expected length: ’00’ ≤ length ≤ ’80’’00’Returns the maximum available dataResponseStatus Bytes This command may return one of the following status bytes.CLA INS P1 P2 Le’A0’ '8A' ’00’DATA SW1 SW2Response string’90’ ’00’Code Description'90 00' Successful operation'A7 00' General ARM7 error'A7 01' Unknown instruction'A7 02' Length error'A7 81' Invalid parameter'A7 8A' General version info error
AppendixReference Manual StarSign Bio Token 3.1/Edition 07.2007 15 of 23ID No. 30023685AppendixThe appendix contains additional information on StarSign Bio Token 3.1.Contents A Overview of Status Bytes ......................................................... 16B Technical Specifications........................................................... 18C Reference Literature ................................................................ 19D Glossary .................................................................................. 20Index ............................................................................................... 23
AppendixOverview of Status Bytes16 of 23 Reference Manual StarSign Bio Token 3.1/Edition 07.2007ID No. 30023685A Overview of Status BytesReturn Codes For error codes not defined in the following see the STARCOS 3.0 refer-ence manual.The following error codes are defined.Status BytesError code Description’63 Cx’ Counter provided by ’X’ (valued from 0 to 15); ex-act meaning depending on the command’64 00’ State of non-volatile memory unchanged (SW2 = ’00’, other values are RFU)’65 81’ Memory failure’69 82’ Security status not satis-fied’69 85’ Conditions of use not sat-isfied’69 86’ Command not allowed (no current EF)’6A 84’ Not enough memory space in the file’A7 00’ SW_ARM7 General error’A7 01’ SW_UNKNOWN_INSTRUCTION Unknown instruction’A7 02’ SW_LENGTH_ERROR Length error’A7 11’ SW_TIMEOUT Timeout error’A7 12’ SW_SWEEP_TOO_SLOW Sweep too slow’A7 13’ SW_SWEEP_TOO_FAST Sweep too fast’A7 14’ SW_SWEEP_NOT_STRAIGHT Sweep not straight’A7 15’ SW_SWEEP_TOO_SHORT Sweep too short’A7 16’ SW_SENSOR_DEFECT Too many defect lines on sensor’A7 17’ SW_IMG_QUALITY_TOO_BAD Image quality too bad’A7 18’ SW_TOO_FEW_FEATURES Too few features’A7 19’ SW_MERGE_FAILED Merge failed’A7 1A’ SW_TRY_AGAIN Try again error
AppendixOverview of Status BytesReference Manual StarSign Bio Token 3.1/Edition 07.2007 17 of 23ID No. 30023685’A7 1B’ SW_IO_ERROR Resync error’A7 1C’ SW_MAX_MERGE Maximum number of merges exceeded’A7 20’ SW_VERIFY_FP General verify fingerprint error’A7 81’ SW_INVALID_PARAMETER Invalid parameter’A7 84’ SW_GET_CHALLENGE_FAILED General get challenge er-rorStatus BytesError code Description
AppendixTechnical Specifications18 of 23 Reference Manual StarSign Bio Token 3.1/Edition 07.2007ID No. 30023685B Technical SpecificationsScope This section lists the technical specifications of StarSign Bio Token 3.1Token Housing StarSign Bio Token 3.1 housing has the following characteristics.– dimensions closed: 80 x 17 mm– dimensions open: 107 x 17 mm– mechanism to protect sensor and USB interface from wearPower Consumption 250 mAInterfaces StarSign Bio Token 3.1 supports the following interfaces:– USB 1.1– PKCS#11 (with middleware)– MS CAPI 1.0 (CSP) (with middleware)– CCIDSensor Atmel swipe sensorOperating System StarSign Bio Token 3.1 uses the following operating system with listed characteristics.– STARCOS 3.0– 72 kB EEPROM– symmetric encryption: DES, 3DES– asymmetric encryption: RSA-CRT with up to 2048 bits– security system in accordance with ISO 7816-4– up to 8 DF levels– up to 4 logical channels– secure write– secure messaging– memory management– several authentication optionsSystem Requirements StarSign Bio Token 3.1 has the following system requirements.– IBM PC with Pentium 90 MHz processor or higher– 32 MB RAM for Windows 2000, 2003 and XP– free USB port
AppendixReference LiteratureReference Manual StarSign Bio Token 3.1/Edition 07.2007 19 of 23ID No. 30023685C Reference LiteratureISO ISO/IEC 7816-3Information technology -- Identification cards -- Integrated circuit(s) cards with contacts -- Part 3: Electronic signals and transmission pro-tocolsISO/IEC, 1997 (http://www.iso.org)ISO/IEC 7816-4Information technology -- Identification cards -- Integrated circuit(s) cards with contacts -- Part 4: Interindustry commands for interchangeISO/IEC, 1995 (http://www.iso.org)ISO/IEC 7816-11Identification cards - Integrated circuit cards - Part 11: Personal verifi-cation through biometric methodsISO/IEC, 2004 (http://www.iso.org)ISO/IEC FDIS 19794-2Information technology - Biometric data interchange formats - Part 2: Finger minutiae data ISO/IEC, 2005 (http://www.iso.org)Other STARCOS 3.0 Reference ManualSmart Card Operating SystemG&D, ID No. 30017784, 11/2005
AppendixGlossary20 of 23 Reference Manual StarSign Bio Token 3.1/Edition 07.2007ID No. 30023685DGlossary3DESThe triple-DES algorithm is a modified DES encryption. It consists of calling the DES algorithm three times in succession, with alternating encryption and decryption. If the same key is used for all three DES calls, triple-DES encryption corresponds to a normal DES encryption. However, if two or three different keys are used, triple-DES encryp-tion is significantly stronger than a single DES encryption.CAPICryptographic Application Programming IntefaceCRCCyclic Redundancy CheckA simple and widely used form of EDC (Error Detection Code) for the protection of data. The CRC must be computed using an initial value and a divider polynomial before it can be used.CSPCryptographic Service ProviderCryptographic support for Microsoft and other CryptoAPI products.DESData Encryption StandardA standard cryptographic algorithm specified as DEA in ISO 873-1. An algorithm for symmetric cryptography. Now used as triple DES (see 3DES) in EMV operations, e.g., ARQC generation, where data is encrypted using the first half of a double length key, is decrypted us-ing the second half, then re-encrypted using the first half again.EFElementary FileEFs represent the actual data storage in the file tree of a smart card. EFs contain one of the following internal file structures: Transparent, Linear Fixed, Linear Variable or Cyclic. FARFalse Acceptance RateDue to the nature of biometrics there is a slight possibility that an un-authorized user is granted access to a system protected by biomet-rics.FRRFalse Rejection RateDue to the nature of biometrics there is a slight possibility that a le-gitimate user is denied access to a system protected by biometrics.KIDKey and algorithm identifier for authentication (C/CC/DS).PKCSPublic Key Cryptography StandardsKey component in public key cryptosystems; used to verify digital sig-natures.PKIPublic Key InfrastructureA series of procedures established by a Certification Authority for the generation, signing, distribution and revocation of the keys used in an asymmetric cryptography scheme.
AppendixGlossaryReference Manual StarSign Bio Token 3.1/Edition 07.2007 21 of 23ID No. 30023685RFUReserved for Future UseRSA-CRTRSA - Chinese Remainder TheoremSpecial parameter setting for asymmetric cryptographic algorithm.STARCOSSmart Card Chip Card Operating SystemForms the basis of multifunctional smart card applications. STARCOS enables the implementation of various applications (e.g., electronic purse, access control to data networks, and digital signatures).Smart card operating systems control the data transfer, the storage areas, and process information; they manage the resources and supply all necessary functions for the operation and administration of a random number of applications.USBUniversal Serial BusPort not only for connecting external peripheral devices such as key-board, mouse, scanner, etc., but also USB hubs. These devices can be added during active operation.
AppendixGlossary22 of 23 Reference Manual StarSign Bio Token 3.1/Edition 07.2007ID No. 30023685
IndexReference Manual StarSign Bio Token 3.1/Edition 07.2007 23 of 23ID No. 30023685IndexAaccess rules 5Bbiometricsintroduction 4Ccharacteristics 1conventions 2EENROLL FINGERPRINT 10enrollment 4error rates 4Ffeatures 1fingerprint verification 4LLED status 6Nnotational conventions 2Oon-card matching 5operating system 18Rrequired knowledge 2return codes 16Sstandards 1status bytes 16system requirements 18Ttarget group 2Vverification 4VERIFY FINGERPRINT 12VERSION INFO 14

Navigation menu