Smart Card
Handbook
Third Edition
Wolfgang Rankl and Wolfgang Effing
Giesecke & Devrient GmbH, Munich, Germany
Translated by
Kenneth Cox
Kenneth Cox Technical Translations, Wassenaar, The Netherlands

Smart Card
Handbook
Third Edition

Smart Card
Handbook
Third Edition
Wolfgang Rankl and Wolfgang Effing
Giesecke & Devrient GmbH, Munich, Germany
Translated by
Kenneth Cox
Kenneth Cox Technical Translations, Wassenaar, The Netherlands
First published under the title Handbuch der Chipkarten by Carl Hanser Verlag
C

Carl Hanser Verlag, Munich/FRG, 2002
All rights reserved.
Authorized translation from the 4th edition in the original German language
published by Carl Hanser Verlag, Munich/FRG.
Copyright
C


2003 John Wiley & Sons Ltd, Baffins Lane, Chichester
West Sussex, PO19 1UD, England
National 01243 779777
International (+44) 1243 779777
Email (for orders and customer service enquiries):
Visit our Home Page on www.wileyeurope.com or www.wiley.com
All Rights Reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any
means, electronic, mechanical, photocopying, recording, scanning or otherwise, except under the terms of the Copyright, Designs
and Patents Act 1988 or under the terms of a licence issued by the Copyright Licensing Agency Ltd, 90 Tottenham Court Road,
London W1T 4LP, UK, without the permission in writing of the Publisher. Requests to the Publisher should be addressed to the
Permissions Department,
John Wiley & Sons Ltd, The Atrium, Southern Gate, Chichester, West Sussex PO19 8SQ, England, or emailed to
, or faxed to (+44) 1243 770571.
This publication is designed to provide accurate and authoritative information in regard to the subject matter covered. It is sold on the
understanding that the Publisher is not engaged in rendering professional services. If professional advice or other expert assistance is
required, the services of a competent professional should be sought.
Other Wiley Editorial Offices
John Wiley & Sons Inc., 111 River Street, Hoboken, NJ 07030, USA
Jossey-Bass, 989 Market Street, San Francisco, CA 94103-1741, USA
Wiley-VCH Verlag GmbH, Boschstr. 12, D-69469 Weinheim, Germany
John Wiley & Sons Australia Ltd, 33 Park Road, Milton, Queensland 4064, Australia
John Wiley & Sons (Asia) Pte Ltd, 2 Clementi Loop #02-01, Jin Xing Distripark, Singapore 129809
John Wiley & Sons Canada Ltd, 22 Worcester Road, Etobicoke, Ontario, Canada M9W 1L1
Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic
books.
Library of Congress Cataloging-in-Publication Data
Rankl, W. (Wolfgang)
[Handbuch der Chipkarten. English]
Smart card handbook / Wolfgang Rankl and Wolfgang Effing. – 3rd ed.

p. cm.
Includes bibliographical references and index.
ISBN 0-470-85668-8 (alk. paper)
1. Smart cards–Handbooks, manuals, etc. I. Effing, W. (Wolfgang) II. Title.
TK7895.S62R3613 2003
006 – dc22 2003062750
British Library Cataloguing in Publication Data
A catalogue record for this book is available from the British Library
ISBN 0-470-85668-8
Typeset in 10/12pt Times by TechBooks, New Delhi, India
Printed and bound in Great Britain by Antony Rowe Ltd, Chippenham Wiltshire
This book is printed on acid-free paper responsibly manufactured from sustainable forestry
in which at least two trees are planted for each one used for paper production.
Contents
Preface to the Third Edition xiii
Symbols and Notation xv
Program Code Conventions xvii
Abbreviations xix
1 Introduction 1
1.1 The History of Smart Cards 2
1.2 Application Areas 5
1.2.1 Memory cards 6
1.2.2 Microprocessor cards 6
1.2.3 Contactless cards 8
1.3 Standardization 9
2 Types of Cards 15
2.1 Embossed Cards 15
2.2 Magnetic-stripe Cards 16
2.3 Smart Cards 18
2.3.1 Memory cards 19

2.3.2 Microprocessor cards 20
2.3.3 Contactless smart cards 21
2.4 Optical Memory Cards 23
3 Physical and Electrical Properties 27
3.1 Physical Properties 27
3.1.1 Card formats 28
3.1.2 Card components and security features 31
3.2 The Card Body 38
3.2.1 Card materials 40
3.2.2 Chip modules 42
3.3 Electrical Properties 52
3.3.1 Electrical connections 53
3.3.2 Supply voltage 55
vi Contents
3.3.3 Supply current 58
3.3.4 External clock 60
3.3.5 Data transmission 60
3.3.6 Activation and deactivation sequences 61
3.4 Smart Card Microcontrollers 62
3.4.1 Processor types 66
3.4.2 Memory types 70
3.4.3 Supplementary hardware 80
3.5 Contact-type Cards 91
3.6 Contactless Cards 93
3.6.1 Close-coupling cards: ISO/IEC 10536 101
3.6.2 Remote-coupling cards 107
3.6.3 Proximity integrated circuit(s) cards: ISO/IEC 14 443 108
3.6.4 Vicinity integrated circuits cards (ISO/IEC 15 693) 153
3.6.5 Test methods for contactless smart cards 153
4 Informatic Foundations 155

4.1 Structuring Data 156
4.2 Coding Alphanumeric Data 161
4.2.1 7-bit code 161
4.2.2 8-bit code 161
4.2.3 16-bit code (Unicode) 163
4.2.4 32-bit code (UCS) 163
4.3 SDL Notation 164
4.4 State Machines 165
4.4.1 Basic theory of state machines 166
4.4.2 Practical applications 166
4.5 Error Detection and Correction Codes 169
4.5.1 XOR checksums 171
4.5.2 CRC checksums 172
4.5.3 Reed–Solomon codes 174
4.5.4 Error correction 174
4.6 Data Compression 176
4.7 Cryptology 177
4.7.1 Symmetric cryptographic algorithms 182
4.7.2 Asymmetric cryptographic algorithms 189
4.7.3 Padding 199
4.7.4 Message authentication code and cryptographic checksum 201
4.8 Key Management 202
4.8.1 Derived keys 202
4.8.2 Key diversification 203
4.8.3 Key versions 203
4.8.4 Dynamic keys 203
4.8.5 Key parameters 204
4.8.6 Key management example 206
4.9 Hash Functions 208
Contents vii

4.10 Random Numbers 210
4.10.1 Generating random numbers 211
4.10.2 Testing random numbers 213
4.11 Authentication 216
4.11.1 Symmetric unilateral authentication 218
4.11.2 Symmetric mutual authentication 219
4.11.3 Static asymmetric authentication 222
4.11.4 Dynamic asymmetric authentication 223
4.12 Digital Signatures 225
4.13 Certificates 229
5 Smart Card Operating Systems 233
5.1 Historical Evolution of Smart Card
Operating Systems 234
5.2 Fundamentals 237
5.3 Design and Implementation Principles 242
5.4 Completion 245
5.5 Memory Organization 249
5.6 Smart Card Files 252
5.6.1 File types 254
5.6.2 File names 257
5.6.3 File selection 261
5.6.4 EF file structures 263
5.6.5 File access conditions 267
5.6.6 File attributes 270
5.7 File Management 271
5.8 Sequential Control 279
5.9 Access to Resources in Accordance with
ISO/IEC 7816-9 280
5.10 Atomic Operations 288
5.11 Open Platform 290

5.12 Downloadable Program Code 293
5.13 Executable Native Code 296
5.14 Open Platforms 302
5.14.1 Java Card 303
5.14.2 Multos 322
5.14.3 Basic Card 323
5.14.4 Windows for Smart Cards 323
5.14.5 Linux 324
5.15 The Small-OS Smart Card Operating System 326
6 Smart Card Data Transmission 371
6.1 The Physical Transmission Layer 373
6.2 Answer to Reset (ATR) 377
6.2.1 ATR characters 379
6.2.2 Practical examples of ATRs 389
viii Contents
6.3 Protocol Parameter Selection (PPS) 392
6.4 Data Transmission Protocols 396
6.4.1 Synchronous data transmission 397
6.4.2 The T = 0 transmission protocol 403
6.4.3 The T = 1 transmission protocol 409
6.4.4 The T = 14 transmission protocol (Germany) 419
6.4.5 The USB transmission protocol 420
6.4.6 Comparison of asynchronous transmission protocols 421
6.5 Message Structure: APDU
s
421
6.5.1 Structure of the command APDU 422
6.5.2 Structure of the response APDU 424
6.6 Securing Data Transmissions 425
6.6.1 The authentic mode procedure 429

6.6.2 The combined mode procedure 430
6.6.3 Send sequence counter 432
6.7 Logical Channels 434
7 Smart Card Commands 435
7.1 File Selection Commands 439
7.2 Read and Write Commands 442
7.3 Search Commands 450
7.4 File Manipulation Commands 452
7.5 Identification Commands 453
7.6 Authentication Commands 457
7.7 Commands for Cryptographic Algorithms 462
7.8 File Management Commands 468
7.9 Commands for Managing Applets 474
7.10 Commands for Completing the Operating System 474
7.11 Commands for Hardware Testing 477
7.12 Commands for Data Transmission Protocols 481
7.13 Database Commands: SCQL 482
7.14 Commands for Electronic Purses 486
7.15 Commands for Credit and Debit Cards 489
7.16 Application-Specific Commands 490
8 Security Techniques 491
8.1 User Identification 491
8.1.1 Testing a secret number 493
8.1.2 Biometric methods 498
8.2 Smart Card Security 510
8.2.1 A classification of attacks and attackers 511
8.2.2 Attacks and defensive measures during development 517
8.2.3 Attacks and defensive measures during production 520
8.2.4 Attacks and defense measures while the card is in use 521
9 Quality Assurance and Testing 565

9.1 Card Body Tests 566
Contents ix
9.2 Microcontroller Hardware Tests 573
9.3 Evaluating and Testing Software 574
9.3.1 Evaluation 575
9.3.2 Test methods for software 581
9.3.3 Dynamic testing of operating systems and applications 589
10 The Smart Card Life Cycle 597
10.1 The Five Phases of the Smart Card Life Cycle 598
10.2 Phase 1 of the Life Cycle in Detail 600
10.2.1 Generating the operating system and producing the chip 600
10.2.2 Producing card bodies without integrated coils 612
10.2.3 Producing card bodies containing integrated coils 621
10.2.4 Combining the card body and the chip 628
10.3 Phase 2 of the Life Cycle in Detail 630
10.4 Phase 3 of the Life Cycle in Detail 638
10.5 Phase 4 of the Life Cycle in Detail 650
10.6 Phase 5 of the Life Cycle in Detail 652
11 Smart Card Terminals 655
11.1 Mechanical Properties 660
11.2 Electrical Properties 663
11.3 Security Technology 665
11.4 Connecting Terminals to Higher-Level Systems 667
11.4.1 PC/SC 667
11.4.2 OCF 671
11.4.3 MKT 672
11.4.4 MUSCLE 672
12 Smart Cards in Payment Systems 673
12.1 Payment Transactions using Cards 674
12.1.1 Electronic payments with smart cards 674

12.1.2 Electronic money 679
12.1.3 Basic system architecture options 681
12.2 Prepaid Memory Cards 684
12.3 Electronic Purses 685
12.3.1 The CEN EN 1546 standard 685
12.3.2 Common Electronic Purse Specifications (CEPS) 701
12.3.3 Proton 702
12.3.4 The Mondex system 703
12.4 The EMV Application 708
12.5 The Eurocheque System in Germany 714
13 Smart Cards in Telecommunications 723
13.1 Survey of Mobile Telecommunication Systems 727
13.1.1 Multiple-access methods 727
13.1.2 Cellular technology 730
x Contents
13.1.3 Cell types 732
13.1.4 Bearer services 733
13.2 The GSM System 735
13.2.1 Specifications 737
13.2.2 System architecture and components 740
13.2.3 Important data elements 741
13.2.4 The subscriber identity module (SIM) 745
13.2.5 General Packet Radio System (GPRS) 786
13.2.6 Future developments 787
13.3 The UMTS System 789
13.4 Microbrowsers 794
13.5 The Wireless Identification Module (WIM) 802
13.6 Public Card Phones in Germany 804
14 Sample Applications 811
14.1 Contactless Memory Cards for Air Travel 811

14.2 Health Insurance Cards 814
14.3 Electronic Toll Systems 819
14.4 Digital Signatures 822
14.5 The PKCS #15 Signature Application 833
14.6 The FINEID Personal Identification Card 840
14.7 Tachosmart 840
15 Application Design 843
15.1 General Information and Characteristic Data 843
15.1.1 Microcontrollers 843
15.1.2 Applications 846
15.1.3 System considerations 848
15.1.4 Compliance with standards 850
15.2 Formulas for Estimating Processing Times 850
15.3 Timing Formulas for Typical Smart Card Commands 858
15.4 Typical Command Processing Times 860
15.5 Application Development Tools 864
15.6 Analyzing an Unknown Smart Card 868
15.7 Life-Cycle Models and Process Maturity 870
15.7.1 Life-cycle models 874
15.7.2 Process maturity 882
15.8 The Course of a Smart Card Project 885
15.9 Design Examples for Smart Card Applications 886
15.9.1 An electronic purse system for arcade games 888
15.9.2 Access control system 890
15.9.3 Testing the genuineness of a terminal 894
16 Appendix 897
16.1 Glossary 897
16.2 Related Reading 985
Contents xi
16.3 Literature 985

16.4 Annotated Directory of Standards and Specifications 994
16.5 Coding of Data Objects 1030
16.5.1 Data objects compliant with ISO/IEC 7816-4 1030
16.5.2 Data objects compliant with ISO/IEC 7816-6 1031
16.5.3 Data objects for chip manufacturers as specified by ISO/IEC 7816-6 1032
16.6 Registration Authorities for RID
s 1032
16.7 Selected RIDs 1032
16.8 Trade Fairs, Conferences and Conventions 1033
16.9 World Wide Web Addresses 1034
16.10 Characteristic Data and Tables 1044
16.10.1 ATR interval 1044
16.10.2 ATR parameter conversion tables 1044
16.10.3 Determining the data transmission rate 1046
16.10.4 Sampling times for serial data 1046
16.10.5 The most important smart card commands 1047
16.10.6 Summary of utilized instruction bytes 1051
16.10.7 Smart card command coding 1053
16.10.8 Smart card return codes 1056
16.10.9 Selected chips for memory cards 1058
16.10.10 Selected microcontrollers for smart cards 1060
Index 1067

Preface to the Third Edition
The English version of the Smart Card Handbook has now reached its third edition. In com-
parison with the previous edition, it has been considerably expanded and thoroughly updated
to represent the current state of the technology. In this book, we attempt to cover all aspects
of smart card technology, with the term ‘technology’ intentionally being understood in a very
broad sense.
As in previous editions, we have remained true to our motto, ‘better one sentence too many

than one word too few’. We have described this ever-expanding subject in as much detail as
possible. Even more examples, drawings and photographs have been added to make it easier
to understand complicated relationships. The glossary has been enlarged to include many new
terms covering all essential concepts related to smart cards, and it has been enhanced with
cross-references. In many cases, it can provide a quick introduction to a particular subject.
Altogether, these additions, extensions and improvements have resulted in a book that is more
than three times as large as the first edition.
Here we can make a small comparison. Modern smart card operating systems currently
comprise 120,000 lines of source code, which roughly corresponds to two books the size of
the present edition. Even if you are not familiar with programming, you can readily appreciate
how sophisticated these operating systems have become.
These small, colorful plastic cards with their semiconductor chips continue to spread from
their original countries, Germany and France, throughout the world. In the coming years, this
technology can be expected to outstrip all others, especially since it is still in its infancy and
there is no end or consolidation in sight.
Smart card technology progresses in leaps and bounds, and we attempt to keep pace by
publishing a new edition of the Smart Card Handbook every two to three years. The Smart
Card Handbook represents the present state of technical knowledge, and in areas that are
presently undergoing rapid change, we indicate possible paths of evolution. If certain things
come to be seen differently at a later date, we can only remark that no one knows what the
future will bring. Despite this, or perhaps just because of this, we welcome all comments,
suggestions and proposed improvements, so that this book can continue to cover the subject of
smart cards as completely as possible. Here we would like to explicitly thank the many attentive
and interested readers who have pointed out unclear or ambiguous passages and errors. Once
again, an errata list for this edition will be made available at www.wiley.co.uk/commstech/.
We would also like to thank our many friends and colleagues who have repeatedly offered
valuable (and occasionally somewhat uncomfortable) suggestions for making this book better
xiv Preface
and more complete. We would particularly like to thank Hermann Altsch¨afl, Peter van Elst,
Klaus Finkenzeller, Thomas Graßl, Michael Schnellinger, Harald Vater and Dieter Weiß, as

well as Kathryn Sharples at Wiley for her helpful support and Kenneth Cox for the translation.
Munich, June 2002
Wolfgang Rankl
[], [www.wiley.co.uk/commstech/]
Wolfgang Effing
[WEffi]
Symbols and Notation
General
r
In accordance with ISO standards, the least-significant bit is always designated 1, rather
than 0.
r
In accordance with common usage, the term ‘byte’ refers to a sequence of eight bits and is
equivalent to the term ‘octet’, which is often used in international standards.
r
Length specifications for data, objects and all countable quantities are shown in decimal
form, in agreement with the usual practice in smart card standards. All other values are
usually shown as hexadecimal numbers and identified as such.
r
The prefixes ‘kilo’ and ‘mega’ have the values of 1024 (2
10
) and 1,048,576 (2
20
), respectively,
as is customary in the field of information technology.
r
Depending on the context, binary values may not be explicitly identified as such.
r
Commands used with smartcardsareprinted in upper-case characters (for example: SELECT
FILE).

Representation of characters and numbers
42 decimal value
'00' hexadecimal value
◦
0
◦
,
◦
1
◦
binary values
''ABC'' ASCII value
Bn byte number n (for example: B1)
bn bit number n (for example: b2)
Dn digit number n (for example: D3)
Logical functions
|| concatenation (of data elements or objects)
⊕ logical XOR operation
xvi Symbols and Notation
∧ logical AND operation
∨ logical OR operation
a ∈ Mais an element of the set M
a /∈ Mais not an element of the set M
{a, b, c } the set of elements a, b, c
Cryptographic functions
enc
Xn
(K; D) encryption using the algorithm X and an n-bit key, with the key
K and the data D [for example: enc
DES56

('1 0'; 42)]
dec
Xn
(K; D) decryption using the algorithm X and an n-bit key, with the key
K and the data D [for example: dec
IDEA128
('1 0'; 42)]
S:= sign
Xn
(K; D) generating the signature S using the algorithm X and an n -bit key,
with the key K and the data D [for example: sign
RSA512
('1 0';
''Wolf'')]
R:= verify
Xn
(K; S) verifying the signature S using the algorithm X and an n-bit key,
with the key K [for example: verify
RSA512
('1 9'; 42)]
Result = OK/NOK
References
See: ‘. . . ’ This is a cross-reference to another location in the book.
See also: ‘. . . ’ This is a cross-reference to another location in the book where
more information on the subject can be found.
[. . . ] This is a reference to a World Wide Web site listed in the
Appendix.
[X Y] This is a cross-reference to additional literature or standards listed
in the Appendix. The format is:
X ∈ {surname of the first-named author}

Y ∈ {last two digits of the year of publication}
Program Code Conventions
The syntax and semantics of the program code used in this book are based on the standard
dialects of Basic. However, the use of explanations in natural language within a program
listing is allowed, in order to promote the understandability of the code. Naturally, although
this makes it easier for the reader to understand the code, it means that it is not possible
to automatically convert the code into machine code. This compromise is justified by the
significant improvement in readability that it provides.
:= assignment operator
::= definition operator
=, !=,<,<=,>,=> comparison operators
+, −, ×,/ arithmetic operators
NOT logical not
AND logical and
OR logical or
|| concatenation operator (e.g., coupling two byte strings)
end-of-line marker for multiline instructions
// . . . comment
IO
Buffer variable (printed in italics)
Label: jump or call location (printed in bold)
GOTO . . . jump
CALL . . . function call (subroutine call)
RETURN return from a function (subroutine)
IF . . . THEN . . . decision, type 1
IF . . . THEN . . . ELSE . . . decision, type 2
SEARCH (. . . ) search in a list; search string in parentheses
STATUS query the result of a previously executed function call
STOP terminate a process
LENGTH (. . . ) calculate the length

EXIST test for presence (for example: an object or data element)
WITH . . . starts the definition of a variable or object as a reference
END WITH ends the definition of a variable or object as a reference

Abbreviations
3DES triple DES (see glossary)
3GPP Third Generation Partnership Project (see glossary)
3GPP2 Third Generation Partnership Project 2 (see glossary)
A3, A5, A8 GSM algorithm 3, 5, 8 (see glossary)
AAM application abstract machine
ABA American Bankers’ Association
ABS acrylonitrile butadiene styrene
AC access conditions (see glossary)
ACD access control descriptor
ACK acknowledge
ACM accumulated call meter
ADF application dedicated file
ADN abbreviated dialing number
AES Advanced Encryption Standard (see glossary)
AFI application family identifier
AFNOR Association Franc¸aise de Normalisation (see glossary)
AGE Autobahngeb
¨
uhrenerfassung [motorway toll collection]
AGE automatische Geb
¨
uhrenerfassung [automatic toll collection]
AID application identifier (see glossary)
AM access mode
Amd. Amendment

AMPS Advanced Mobile Phone Service (see glossary)
AND logical AND operation
ANSI American National Standards Institute (see glossary)
AoC Advice of Charge
AODF authentication object directory file
APACS Association for Payment Clearing Services
APDU application protocol data unit (see glossary)
A-PET amorphous polyethylene terephthalate
API application programming interface (see glossary)
AR access rules
ARM advanced RISC machine
xx Abbreviations
ARR access rule reference
ASC application-specific command
ASCII American Standard Code for Information Interchange
ASIC application-specific integrated circuit
ASK amplitude shift keying (see glossary)
ASN.1 Abstract Syntax Notation 1 (see glossary)
AT attention
ATM automated teller machine
ATQA answer to request, type A
ATQB answer to request, type B
ATR answer to reset (see glossary)
ATS answer to select
ATTRIB PICC selection command, type B
AUX auxiliary
B2A business-to-administration (see glossary)
B2B business-to-business (see glossary)
B2C business-to-consumer (see glossary)
Basic Beginners All Purpose Symbolic Instruction Code

BCD binary-coded digit
Bellcore Bell Communications Research Laboratories
BER Basic Encoding Rules (see glossary)
BER-TLV Basic Encoding Rules – tag, length, value
BEZ B
¨
orsenevidenzzentrale [electronic purse clearing center for
Geldkarte]
BGT block guard time
BIN bank identification number
bit binary digit
BPF basic processor functions
BPSK binary phase-shift keying (see glossary)
BS base station
BWT block waiting time
CA certification authority (see glossary)
CAD chip accepting device (see glossary)
CAFE Conditional Access for Europe (EU project)
CAMEL Customized Applications for Mobile Enhanced Logic
CAP card application (see glossary)
C-APDU command APDU (see glossary)
CAPI crypto API (application programming interface)
CASCADE Chip Architecture for Smart Card and Portable Intelligent
Devices
CASE computer-aided software engineering
CAT card application toolkit
CAVE Cellular Authentication, Voice Privacy and Encryption
CBC cipher block chaining
Abbreviations xxi
CC Common Criteria (see glossary)

CCD card-coupling device
CCD charge-coupled device
CCITT Comit
´
e Consultatif International T
´
el
´
egraphique et T
´
el
´
ephonique
(now ITU) (see glossary)
CCR chip-card reader
CCS cryptographic checksum (see glossary)
CD committee draft
CDF certificate directory file
CDM card-dispensing machine
CDMA code division multiple access (see glossary)
CEN Comit
´
e Europ
´
een de Normalisation (see glossary)
CENELEC Comit
´
e Europ
´
een de Normalisation El

´
ectrotechnique [European
Committee for Electronics Standardization]
CEPS Common Electronic Purse Specifications, (previously: Common
European Purse System) (see glossary)
CEPT Conf
´
erence Europ
´
eenne des Postes et T
´
el
´
ecommunications (see
glossary)
CFB cipher feedback
CGI common gateway interface
CHV cardholder verification
CICC contactless integrated circuit card
CID card identifier
CISC complex instruction set computer
CLA class
CLK clock
CLn cascade level n, type A
CMM capability maturity model (see glossary)
CMOS complementary metal-oxide semiconductor
CMS card management system
COS chip operating system (see glossary)
COT chip-on-tape (see glossary)
CRC cyclic redundancy check (see glossary)

CRCF clock rate conversion factor
CRT Chinese remainder theorem
CRT control reference template
Cryptoki cryptographic token interface
CSD circuit-switched data
C-SET Chip-SET (secure electronic transaction)
CT chipcard terminal
CT card terminal
CT cascade tag, type A
CT cordless telephone
CT-API chipcard terminal (CT) API (see glossary)
CTDE cryptographic token data element
CTI cryptographic token information
xxii Abbreviations
CTIO cryptographic token information object
CVM cardholder verification method
CWT character waiting time
D divisor
DAD destination address
DAM DECT authentication module (see glossary)
DAM draft amendment
D-AMPS Digital Advanced Mobile Phone Service (see glossary)
DAP data authentication pattern
DB database
DBF database file
DBMS database management system
DC/SC Digital Certificates on Smart Cards
DCODF data container object directory file
DCS digital cellular system
DEA data encryption algorithm (see glossary)

DECT Digital Enhanced Cordless Telecommunications (previously:
Digital European Cordless Telecommunications) (see glossary)
DER Distinguished Encoding rules (see glossary)
DES Data Encryption Standard (see glossary)
DF dedicated file (also often: directory file) (see glossary)
DFA differential fault analysis (see glossary)
DF
¨
U Datenfern
¨
ubertragung [data telecommunications]
DIL dual in-line
DIN Deutsche Industrienorm [German industrial standard]
DIS draft international standard
DLL dynamic link library
DMA direct memory access
DO data object
DoD US Department of Defense
DOM document object model
DOV data over voice
DPA differential power analysis (see glossary)
dpi dots per inch
DR divisor receive (PCD to PICC)
DRAM dynamic random-access memory (see glossary)
DRI divisor receive integer (PCD to PICC)
DS divisor send (PICC to PCD)
DSA digital signature algorithm
DSI divisor send integer (PICC to PCD)
DTAUS Datentr
¨

ageraustausch [data storage medium exchange]
DTD document type definition
DTMF dual-tone multiple-frequency
DVD digital versatile disc
DVS Dateiverwaltungssystem [file management system]