[Pcsclite-muscle] HELP! Any experience on smart card chip wearing?

Ludovic Rousseau ludovic.rousseau
Mon Sep 8 01:03:42 PDT 2014


2014-09-08 9:30 GMT+02:00 Umberto Rustichelli <umberto.rustichelli at gt50.org>:
> Dear all, I do not know if this is the right place to ask but I think it is
> the only place where the best experience with smart cards is shared.

Hello,
Maybe the best would be to contact the smart card manufacturer or reseller.

> I'm recently struggling with some issues when using smart cards for massive
> signatures production where massive means a few millions consecutive
> signatures for each card (what you wouldn't do to meet the absurd customers'
> demand!)...
>
> I think it is irrelevant but let me point out that this applies to cards
> from two different vendors and with 2 different (USB) card readers; the
> environment can handle up to 98 smart cards (yes, I changed a few parameters
> in header files) but just 14 are connected. In production, only one card
> type (InCard 34v2 common used in Italy) and only one reader type are used.
>
> To make it short, does anybody know of any predictable limit that can cause
> failures (after "many" signatures the *cards disconnect*, one by one) among
> the following:
>
> - cards cannot reliably work for more than N signatures
>   ...I know that RAM in cards should work well for N * 10^5
>   write operations, considering that some writing operations
>   may be involved when signing, that can be an issue and
>   would point to chip wearing?
>
> - some counters in the PCSC / CCID code that may be
>   troublesome after a number of operations (honestly,
>   I found none but I'm not an expert here)?
>
> - any known issue with smart card drivers, in the specific case
>   the proprietary InCard driver? The SW involved is
>   pcsc-lite, cccid, (OpenSC) pkcs11_engine for OpenSSL
>   and, of course, the driver itself
>
> Did anybody try such massive use of cards?
> Please help if you have any experience to share on this or point me to some
> documents or forum that can be more appropriate.

I guess the problem is more with EEPROM [1] and not RAM of the smart card.

Accordiong to Wikipedia a typical EEPROM supports 1 million of
read/write/erase cycles. So I am not surprised that you get errors
after a few millions signatures.

pcsc-lite and the libccid driver do not have counters that could
produce an error.
The smart card may have a signature counter and certainly have a
ratification counter for the PIN code. If the PIN needs to be
presented before each signature then the PIN counter will be updated
twice for each signature.

Do you get an error message from the smart card?
Do the smart card just become mute?

Bye

[1] https://en.wikipedia.org/wiki/EEPROM

-- 
 Dr. Ludovic Rousseau




More information about the pcsclite-muscle mailing list