Engineering, Technology & Applied Science Research Vol. 13, No.

1, 2023, 10100-10107 10100

Building an Application that reads Secure

Information Stored on the Chip of the Citizen
Identity Card in Vietnam
Van-Hoan Le
Weapon Institute, Vietnam
[email protected]

Nhu-Quynh Luc
Academy of Cryptography Techniques, Vietnam
[email protected]
(corresponding author)

Toan Thanh Dao

University of Transport and Communications, Vietnam
[email protected]

Quang-Trung Do
Academy of Cryptography Techniques, Vietnam
[email protected]

Received: 29 November 2022 | Revised: 24 December 2022 | Accepted: 31 December 2022

ABSTRACT
Reading the information on the CIC/passport is very meaningful in serving the life activities of citizens in
Vietnam and of foreign citizens visiting Vietnam. This research is based on the operating modes, such as
BAC, FACE, and EAC to read the data contained in the chip put on the Citizen Identity Card (CIC) out
securely. Specifically, the authors used the BAC mode to perform safe data reading from the CIC’s chip.
BAC mode uses 3DES and SHA1 algorithms to encrypt data to ensure security, so when the data are
transmitted from the chip they are encrypted and decryption is performed by the application. In this
paper, a complete application has been built for reading personal information stored securely on CIC. This
application is built based on the BAC reading mode corresponding to CIC in Vietnam and meets the
requirements of the ICAO 9303 standard, so it is able to read passports or CICs of other countries that use
this standard. The performance of this application when reading data stored on fields DG1, DG2, and
DG13 is improved with a speed of about 1.2s - 1.3s for all 3 data fields.

Keywords-BAC; EAC; PACE; 3DES; MRZ; SHA; digital signature

I. INTRODUCTION range wireless connection such as radio frequency

identification (Contactless Smartcard) [8-10]. Operating
Smart card technology was first proposed in 1977 [1]. systems designed for smart cards can provide personal
During the '90s, there was an explosion in smart card identification, authentication, data storage, and application
technology in Europe with the appearance of SIMs (in GSM processing [9, 11, 12]. Smart cards using chips have very high
devices) and the international payment systems MasterCard, reliability and safety for practical applications because some
Visa, and Euro-pay [2-4]. In 1994, the EMV system (Euro-pay, security algorithms and biometric features are installed [13-15].
MasterCard, Visa) was widely used in many countries [5, 6]. Smart card technology with security is applied to digital ID
Currently, smart cards are applied in many fields [7]. cards (e-passport) as legal proof for different services in many
Physically, the smart card is compact in size and embedded countries [13, 16-18].
with an integrated circuit to control access to resources [4, 8].
Communication between the smart card and the card reader is In Vietnam, the Government promulgated the Decree 577
direct physical contact (Contact Smartcard) or through short- on ID cards and regulations on issuance of ID cards in 1957, to

www.etasr.com Le et al.: Building an Application that reads Secure Information Stored on the Chip of the Citizen …
Engineering, Technology & Applied Science Research Vol. 13, No. 1, 2023, 10100-10107 10101

help citizens facilitate daily transactions [19]. After a while, chip is in charge of receiving power and making the connection
this ID card showed some disadvantages: it can be faked, many with the antenna. The data will be transmitted through the
people share the same number of ID cards, and the information antenna and if encryption or decryption is needed, the RFID
on the ID card is lost after a period of use. Currently, with the chip will make the connection and perform encryption and
trend of global digital transformation, the Government of decryption with the CIC chip. The CIC chip performs the main
Vietnam has launched a chip-based CIC to store and secure job of executing cryptographic algorithms and communicating
user information [20], in which, if the data retrieved in the chip with the RFID chip to transmit information securely and store
are exactly the same as the data recorded on the card, the user encrypted personal information. The CIC chip is connected to
information is valid [21]. Moreover, CIC with chips have many the power source to ensure the energy used to store the
other advantages such as making international, online, and password key and ID of the card when the power is not directly
digital transactions [22]. supplied.
CICs with chip in Vietnam are manufactured based on
smart card technology in compliance with ICAO 9303 [22, 23].
In particular, the chip used in CIC has built-in cryptographic
solutions to secure personal data, ensuring that information is
safe and reliably authenticated. According to ICAO 9303, the
access process to read security information stored on the CIC’s
chip operates in three modes: BAC (Basic Access Control),
PACE (Password Authenticated Connection Establishment),
and EAC (Extended Access Control) [17, 22-23]. The Fig. 1. (a) Front side and (b) back side (b) of the CIC.
command architecture used is the APDU (Application Protocol
Data Unit) protocol [7, 21, 24]. Data are stored and organized B. File Organization on the Operating System in the Chip of
on the chip according to ICAO 9303 [22, 25], ISO/IEC 14443- the CIC
4 [26], and ISO/IEC 7816-4:2013 [27] standards. According to the ICAO standard [19, 20], the data in the
In Vietnam, a new chip-based CIC is going to be deployed chip of CIC are in a hierarchical form. First, there is the root
in the community in 2022. There are almost no studies related directory (Master File -MF) and then the dedicated directory
to the reading of the information contained in the CIC/passport (Dedicated File - DF), and finally the Elementary Files (EF).
chip. Almost every citizen's transactions related to finance The root directory of the CIC is divided into 2 DFs and 3 EFs,
(such as withdrawing money from an ATM, buying and selling in which Future Application is a dedicated directory for future
online, inter-bank financial transactions, etc.) and activities in development, EF.CardAccess is the elementary file used for
life are related to the CIC/passport. Therefore, reading the PACE mode access, EF.CardSecurity is the elementary file used
information on the CIC/passport will make the transaction for PACE mode access. EMRTD is a dedicated directory that
process between citizens, government agencies, and service stores the basic data files of each citizen. This is the most
providers much more convenient. In this article, an application important folder of the CIC because all user information will be
that can read security information stored on the DG1, DG2, and located in there. The EMRTD stores basic files, also known as
DG13 partitions of the CIC’s chip has been built and is data partitions and is described according to the international
discussed. standards ICAO 9303 for CIC/e-passport. Citizens' data are
stored in basic files in the EMRTD Application directory
II. RELATED WORK including EF.COM, EF.SOD, and DG1-16. EF.COM stores
Unicode version information and a list of data groups available
A. The Physical Surface of the CIC
in the CIC, DG1 stores individual basic details (MRZ), DG2
Figure 1 shows the physical surface (front and back) design stores citizens' facial images, DG3 stores the fingerprint, DG4
of the CIC. The information recorded on CIC includes full stores an iris picture, DG5 stores features of the face, DG6 is
name, date of birth, expiration date, gender, hometown, expanded to store information that will be added later, DG7
portrait, and country. The back side has the information on the stores citizen's signature, DG8, DG9, DG10, DG11 are currently
relevant characteristics of the citizen. The MRZ information not used, DG12 stores supporting information, DG13, DG16
area recorded on the back of the CIC is an area used to be read store citizen-related information, DG14 is used for the EAC
by a machine, facilitating inspection and reducing execution access mechanism, DG15 stores the public key, and EF.SOD
time in administrative procedures [25]. In addition, MRZ also stores the hash value of each field.
provides the ability to verify information in the VIZ. MRZ is
formatted according to ICAO 9303 standard to ensure machine C. Communication between CIC and the Computer
readability in different countries. Therefore, OCR-B font is The computer is connected to the card reader via a serial
used to store data in MRZ [25]. port, USB, or Bluetooth to read the card data through either
The hardware design of the chip ID card is organized into contact or contactless communication. After the CIC is inserted
two main parts: Power Reserve and Main Card. In particular, into the slot of the card reader, the computer connected to the
the Power Reserve helps CIC collect and reserve energy to card reader will detect the device through the ATR message sent
ensure that the chip on CIC works when performing transactions from the CIC. After receiving the card, the computer and the
related to the CIC. The Main Card part consists of the RFID card establish a connection and select the protocol for data
chip, the CIC chip, antenna, and integrated circuit. The RFID transmission (TAPDU). When the data transfer protocol is

www.etasr.com Le et al.: Building an Application that reads Secure Information Stored on the Chip of the Citizen …
Engineering, Technology & Applied Science Research Vol. 13, No. 1, 2023, 10100-10107 10102

selected, the process of sending and receiving data between the communication channel between the CIC and a terminal. In
computer and the card is done through APDU commands. contrast to ordinary personal data that can be protected by basic
When the computer sends the APDU command to the card, the mechanisms, more sensitive data (such as fingerprints or iris
card will receive the command and send a response back to the images) must have enhanced protection to prevent
computer. Finally, after the successful data exchange, the CIC is unauthorized access. To access this mode, users need to
removed from the slot. The computer will detect the discarded establish a secure connection based on either BAC or PACE
device through the card reader. mode. EAC access mode is implemented through two parts:
Chip Authentication that uses the Diffie-Hellman key exchange
algorithm to exchange new session keys and Terminal
Authentication that uses RSA digital signature algorithm or
digital signature on an elliptic curve. Figure 2 describes in
detail the process of reading data when combining the three
modes. To retrieve the data in CIC, we first need to get the
MRZ information contained on the CIC that can be entered or
scanned. Then, we proceed to access with two modes, BAC or
PACE. When either of these two modes is successfully set up,
the individual can access the partitions DG1 and DG2 to get
information, portraits and some information in the related data
partition (if permitted). That information is then compared with
the personal information contained on the CIC to check
whether the user information is valid. After successful data
retrieval, EAC advanced access mode can be selected to read
data in partitions DG3 and DG4 to get information about
fingerprint and iris images and compare them with other
personal information. In this study, we aim to use BAC mode
to read information stored on the CIC chip. The data read
include: information of citizens themselves stored on the DG1,
portrait information stored on the DG2, and citizen-related
information such as parents, special identities, etc. that are
stored on DG13.
III. DESIGNING AND BUILDING AN APPLICATION
TO READ INFORMATION SAFELY FROM CIC WITH
CHIP IN VIETNAM
A. Setting Up the BAC Mode to Read Data
Figure 3 shows the details of the four stages needed to be
performed when the application connects to the CIC with chip,
including: First, get information from the MRZ on the CIC as a
key seed. Second, establish session key pair (KENC, KMAC)
from the key seed. Third, authenticate and exchange new
Fig. 2. Reading CIC data with BAC, FACE, and EAC modes. session keys with CIC. Finally, proceed to read the data on the
chip using the new session key pair to encrypt and authenticate
D. Data Reading Modes each other. BAC mode is the access mode to the CIC using
3DES symmetric encryption in CBC mode to encrypt as well
The read access process of the CIC chip includes three
as generate the token authentication code. Figure 3 presents
secure access modes, each of them determining the data
details of the test execution procedure for the CIC with chip to
partitions allowed to be accessed. The CIC access modes are
connect to the card reader with BAC mode.
BAC, PACE, and EAC [22, 24, 25]. The BAC mode ensures
that only authorized parties have access to read the data. The
PACE mode implements password-based access and Diffie-
Hellman key agreement. The password used for PACE depends
on the digital certificate of the CIC, using AES or 3DES
algorithms to encrypt and authenticate the data [28, 29]. This Fig. 3. Software read stages with the BAC mode.
mode allows reading, similar to BAC mode, the user's
information data including name, date of birth, card number, First, the PC will get the MRZ information contained on the
portrait, relative information, and other personal characteristics. CIC either manually or by scanning. The PC receiving the
EAC mode is an access mode that combines advanced security MRZ will generate a key encryption code and a key message
features between the terminal and the CIC to protect and authentication code (KENC, KMAC). Next, the PC requests a
restrict access to sensitive personal data contained on the chip. notification from the CIC via the APDU command sent to the
It enables mutual authentication and establishes a secure CIC. CIC generates a response message M sending a response

www.etasr.com Le et al.: Building an Application that reads Secure Information Stored on the Chip of the Citizen …
Engineering, Technology & Applied Science Research Vol. 13, No. 1, 2023, 10100-10107 10103

back to the PC. The PC receives the message M from the CIC After successful session key setup, a key pair consisting of
and then generates a message M' and the derived key Kifd. It an encryption key (KENC) and a key message authentication
calculates S = M || M’ || Kifd, encrypts S using a Kenc key, and key (KMAC) will be generated for secure exchange with the
generates message authentication code with ciphertext using CIC.
the Kmac key. Next, the PC constructs the APDU instruction
with the data E || MAC sent to the CIC. CIC’s chip will receive 2) Authenticating and Exchanging the New Session Key
decryption and authentication data with Kenc and Kmac keys This process is done after the session key pair has been
and check if the message M sent before is correct. If it is previously established. The application will request a message
correct, the CIC will generate the derived key Kic and a new from the CIC, then proceed to use the previously set session
key seed by xor-ing Kic with the key derived from the key pair to encrypt and generate an authentication code for that
incoming PC code (Kifd). Finally, the CIC generates a new message, and then send it to the CIC. The CIC decodes and
session key pair, i.e. Kenc(new) and Kmac(new), generates a authenticates the incoming data. If successful, the card will
new message M2 = M || M’ || Kik, encrypts message M2 with proceed to generate a new session key pair consisting of
the Kenc key, generates the token authentication code, KENC(new) and KMAC(new) and then send it back to the
constructs the APDU instruction with the data E || MAC, and application. The two sides of the application and the CIC will
sends a response back to the PC. At this point, the PC receives, be accessed through this new session key pair [25]. First,
decrypts, and authenticates the data to check if it is the message during the process of authentication and exchange, a new
M' sent before. If it is correct, the PC will generate the key seed session key is performed, an RND.IC message (8 bytes) is
by xor-ing Kifd and the incoming CIC derived key (Kic), and randomly requested from the CIC. The application performs
will generate a new session key pair Kenc(new), Kmac(new). the following operations: Generate random RND.IFD (8 bytes),
generate a random K.IFD (16 bytes) key, Join S = RND.IFD ||
When both the chip and the card reader complete the RND.IC || K.IFD (RND.IC sends request to CIC), encode EIFD
connection tests successfully, the two sides will communicate = E (KEnc, S), calculate the message authentication code
using the new session key pair to encrypt and authenticate data, MIFD = MAC(KMAC, EIFD), build command APDU(EIFD ||
with the following process: the PC sends the APDU command MIFD), and send the APDU command to the CIC. Then, CIC
read data to CIC, CIC encrypts data and sends the APDU receives the data sent to the APDU(EIFD || MIFD). EIFD
commands back to the PC. Then, the PC receives the decoded conducts decryption and authentication with application via
data, validates the data, and checks the received information. MAC, extracts RND.IC from S and checks if it returns the
This is demonstrated in the application by the following steps: correct value, generates K.IC key and generates Kseed(new) =
First, the application will proceed to get the MRZ information K.IC XOR K.IFD, generates a new session key pair
data as the key seed, then will calculate and set up a session KEnc(new), KMac(new), joins R = RND.IC || RND.IFD ||
key pair including KENC and KMAC. The application then K.IC, encrypts EIC = E(KEnc, R) and computes the message
sends a connection to the CIC and the CIC authenticates and authentication code MIC = MAC(KMAC, EIC), constructs the
initiates a new session key exchange. When the new session PDU(EIC || MIC) command, and sends the APDU command
key exchange is successful, the application will proceed to read back to the application. The application receives the response
the specified data partitions using the session key pair to data from the APDU tag(EIC || MIC), conducts EIC decryption
encrypt and authenticate the data. and authentication with the CIC via MAC, extracts the
1) Session Key Establishment RND.IFD from R and checks if the tag returns the correct
value, generates Kseed(new) = K.IC XOR K.IFD, and
Session Key Establishment is the process by which a user generates a new session key pair (KEnc(new), KMac(new)).
generates a session key pair based on the MRZ information Finally, the application and the CIC will generate a new session
provided by the CIC. The MRZ information serves as the key key pair that is used to encrypt, decrypt, and authenticate the
seed to generate the session key pair [25]. According to the data when reading the data file used for secure data reading.
ICAO 9303 standard, the process of establishing session key
[22, 25] consists of four main steps: 3) The Process of Reading Secure Data
 Step 1: Build MRZ information (organized with 24 It is done after the software and the CIC have authenticated
numbers according to the following structure: Document and set up the session key. During the reading process, the
Number - Consists of 9 digits of CIC from the end, Birth is application and the CIC encrypt, decrypt, and authenticate the
6 digits on the CIC, Expiry is 6 digits of the expiration date data based on a new session key pair to ensure that they are
on the CIC, Check is 1 byte calculated by the formula confidential and authenticated. Card reading is done through
Check = (Document Number + 7 + 3 +1 + 7 + 3 +1 + 7 + 3 properly constructed APDU commands sent to the chip [DO'85'
+1) mod 10). or DO'87'] [DO'97'] DO'8E'. The response to the APDU
command is [DO'85' or DO'87'] [DO'99'] DO'8E'. In this
 Step 2: Generate the key (here using SHA1 hash). module, the data on each partition are different, so the structure
of the APDU command sent to the card is also built differently
 Step 3: Generate KENC encryption key (using true random
and must follow the rules of sending access commands to that
source in chip).
partition. After sending a command to that partition, there will
 Step 4: Generate key message authentication key (using be response data with status bytes. If the returned data are
SHA1 and KMAC). This process is detailed in the ICAO correct and the status bytes return "9000", then the command
standard [19]. sent is correct. In the CICs in Vietnam, the data areas are: DG1

www.etasr.com Le et al.: Building an Application that reads Secure Information Stored on the Chip of the Citizen …
Engineering, Technology & Applied Science Research Vol. 13, No. 1, 2023, 10100-10107 10104

(MRZ information), DG2 (face image encoding), DG3 supplementary information reading module. First, users need a
(fingerprint encryption), DG4…DG12 (backup), DG13 password account to log in to the main module of the software.
(additional personal information), DG14 (read condition of The MRZ of CIC is then put into the session key setup module
EAC mode), DG15 (passive authentication), DG16 (backup). to generate a session key pair for the next process. The session
key exchange and authentication module receives the session
B. Analysis, Evaluation, and Design of the Application key pair, establishes a secure connection to the CIC, and
Figure 4 presents the details of the system and the operation exchanges a new session key pair. The personal information
of the reading data application. The application is built with the data read module retrieves the data from the DG1 partition. The
following devices: Scanner (gets MRZ information from the image data reading module will get the data from the DG2
card), card reader (communication device that transmits APDU partition. The additional information reading module retrieves
commands from the computer to the CIC and vice versa), and data from partition DG13.
software (retrieve and process data in CIC). The user will
provide a CIC chip and the scanner connected to the computer IV. RESULTS AND DISCUSSION
will take the MRZ information from the card as input. At the
A. Building and Designing Modules in CIC Reader Software
same time, a card reader is connected to the computer through
the built-in data reader software. After obtaining the MRZ Figure 6(a) describes in detail the operation flow of the
information as input to the data reader software, CIC will login module. At first, on the login interface of the software,
communicate with the software through the previously the user needs to enter the account/password. Next, when the
connected card reader. The application then processes and software's module works, if the information is valid, it will take
retrieves data from the card. the user to the main interface. In case of incorrect input, the
software will not allow login. Figure 6(b) details the operation
flow of the authentication module and session key
establishment. This module will process information according
to the following steps:
 Step 1: The user enters the MRZ on the CIC into the
software.
 Step 2: The entered MRZ information is processed in
accordance with the provisions of ICAO 9303 standard to
get the necessary information.
 Step 3: After obtaining the necessary information from the
MRZ, the module will proceed to generate the key.
 Step 4: After having the key seed, the processing software
generates a pair of session keys KENC (encryption) and
Fig. 4. Built-in system and program that reads the security information of the KMAC (key message authentication code).
CIC.

(a) (b)
Fig. 5. ID card security information reader program flow. Fig. 6. (a) Login module activity flow, (b) session key exchange and
authentication module activity flow.
Figure 5 shows that the software is built into many different
modules, each with different functions. The software is built The new session key exchange and authentication module
based on the BAC mode. The software is divided into the is operational:
following modules: Login module, module for setting session
key, authentication and session key exchange module, personal  Step 1: User generates a random plaintext block.
data reading module, image data reading module, and

www.etasr.com Le et al.: Building an Application that reads Secure Information Stored on the Chip of the Citizen …
Engineering, Technology & Applied Science Research Vol. 13, No. 1, 2023, 10100-10107 10105

 Step 2: Encrypt and generate token authentication code additional information. The module that reads image data
from plaintext block from KENC AND KMAC set up and reads additional information is basically the same as the
before. module that reads personal data, except for the method of
file selection and the processing of the received data.
 Step 3: Connect the cipher-text and the generated message
authentication code. B. Building and Perfecting the Functions of the CIC Reader
Software
 Step 4: Send S to the card for personal authentication.
In this study, the results of the readings from the CIC will
 Step 5: If it is legitimate, the card will respond and receive a be obscured, due to concerns regarding confidentiality and
resend notice. privacy. To build an application that reads security information
on a CIC, we used a number of devices and supporting tools: a
 Step 6: Decrypt the message and authenticate with the card. Duali DE-620 smart card reader, a PC with Visual Studio 2019
 Step 7: Get the key seed from the card's response message. installed, programming language: C/C++, OpenSSL library.
Figure 8(a) shows the designed login module interface. On this
 Step 8: Set up a new session key for encryption and token interface, citizens only need to enter the correct account and
authentication. The details of the operation flow of this password and then they can start working with the CIC reader
module are shown in Figure 7(a). software with the main interface of Figure 8(b). On this main
interface, if a citizen wants to read the information stored on
the CIC, it is only needed to enter the MRZ information string
(written on the back of the CIC).

(a) (b)
Fig. 8. (a) Login interface, (b) main interface.

(a) (b)
(a) (b)
Fig. 7. (a) New session key exchange and authentication module activity
flow, (b) operation flow of the data reading module (personal information).

Figure 7(b) shows the details of the operation flow of the

personal data reading module. When this module works, the
information stored on the CIC read out is processed through the (c) (d)
following steps: Fig. 9. (a) Results of reading personal information on the CCCD, (b)
results of reading data on DG1, (c) data reading results on DG13, (d) data
 Step 1: Send the file selection command to DG1 to read the reading results on DG2.
card's personal information.
 Step 2: Send the command to read the first 4 bytes of the Figure 9 shows the results by the software when reading
DG1 file. security information stored on the CIC's chip. Figure 9(a) is the
citizen's output displayed on the CIC reader software. Figures
 Step 3: Get a response from a valid check card and 9(b),(c) show the detailed results of personal information read
determine the length of data contained in the file. on DG1 and DG13. The read out results are saved on 2 separate
corresponding txt files. Figure 9(d) shows the result of a
 Step 4: Proceed to read the entire file.
detailed portrait of an individual read on the DG2 partition that
 Step 5: Get response from the data processing card from is saved on a txt file. The results obtained when reading
decoding, validating, and extracting valid information. In individual data on the chip CIC include: Document Type,
addition, there is a module to read image data and Issuing State, Full Name, CIC Number, Nationality, Date of

www.etasr.com Le et al.: Building an Application that reads Secure Information Stored on the Chip of the Citizen …
Engineering, Technology & Applied Science Research Vol. 13, No. 1, 2023, 10100-10107 10106

Birth, Expiration Date, Gender, Portrait Image, and other  There are two problems related to unused variables
personal data. (Variable Never Used: 2 issues). The error occurs because
two variables, num and lRetvalue have been declared
TABLE I. READING TIME RESULT OF SECURED DATA ON but not used. The fix is to delete these two variables.
THE CIC CHIP
End-to-end Reading Reading Reading  There is an issue related to integer to character conversion
Sum (Integer to Character: 1 issues). The error is that the
No authentication time of time of time of
(s)
time (s) DG1 (s) DG2 (s) DG13 (s) function returns an unsigned char to an int type, but the
1 0.1950 0.0260 0.9630 0.0360 1.22 return value is assigned to a char type. The fix is to
2 0.1960 0.0260 0.9640 0.0380 1.224 resynchronize the return value with the same type.
3 0.1960 0.0260 0.9570 0.0370 1.216
4 0.1950 0.0260 0.9430 0.0380 1.202  There is an issue with the signed to unsigned conversion
5 0.1950 0.0250 0.9640 0.0390 1.223 (Signed to Unsigned: 1 issues). The error occurs because
Average 0.1954 0.0258 0.9582 0.0376 1.217 the arrays ch[] (type char) and mrz_input[]
Finally, in order to evaluate the performance of the CIC (type unsigned char) are not of the same data type.
reader software, the time to read citizen information stored on The fix is to re-declare one of the two arrays with the same
each partition DG1, DG2, DG13 and end-to-end authentication data type char or unsigned char.
of chip CIC was determined. Table I gives the results of the
software's execution speed performance when reading data. It
is seen that the total time to read the entire data (end-to-end
authentication, DG1, DG2 and DG13) is approximately 1.217s.
So, the software reading data on the CIC has an average time of
about 1.2 to 1.3s, which is a relatively fast read speed, which is
suitable for real time applications.
C. Analyzing, Evaluating, and Testing the Source Code of the
CIC Reader Software Fig. 10. Unused variables.
The Fortify Static Code Analyzer toolkit (Version
22.1.0.0166) was used to analyze and evaluate the CIC reader
software source code. Table II gives the detailed results. There
are error issues related to Buffer Overflow, Variable Never
Used, Integer to Character, Signed to Unsigned, Unchecked
Return Value, but these problems are not of a serious nature
and don't affect the security of the software. Specifically, these
issues are analyzed below.
 There is a problem related to buffer overflow (Buffer
Overflow: 1 issue), which is warned in the memcpy Fig. 11. Integer to character conversion issue.
function (void *memcpy(void *str1, const void
*str2, size_t n) of the reader, occurring when the size
of the copied array is smaller than the data array size, which
does not guarantee program optimization according to [30-
33]. The Fortify Static Toolkit Code Analyzer showed how
to fix the source code (check the correct copy array length
and number of bytes to copy) according to [34].

TABLE II. RESULTS OF SOURCE CODE OF CIC SOFTWARE

TESTING WITH THE FORTIFY STATIC CODE ANALYZER
Fig. 12. Unchecked return value issue.
Fortify Priority (audited/total) Total
Category
Critical High Medium Low Issues  There is an issue with the unchecked return value
Buffer Overflow 0 0/1 0 0 0/1 (Unchecked Return Value: 1 issue). This error occurs when
Poor Style: Variable
Never Used
0 0 0 0/2 0/2 the InitInstance() function returns no value. Since
Type Mismatch: InitInstance() is an interface function of the MFC
0 0/1 0 0 0/1 available when creating the interface, it cannot be dropped.
Integer to Character
Type Mismatch: Signed
0 0/1 0 0 0/1 Analyzing, evaluating, and testing the problems in CIC
to Unsigned
Unchecked Return reader software with Fortify Static Code Analyzer toolkit
0 0 0 0/1 0/1
Value (Version 22.1.0.0166), shows that the developed and built
Weak Cryptographic
0 0 0 0/5 0/5 software is guaranteed source code-safe. This is enough to
Hash confirm that the CIC reader software will be secure against

www.etasr.com Le et al.: Building an Application that reads Secure Information Stored on the Chip of the Citizen …
Engineering, Technology & Applied Science Research Vol. 13, No. 1, 2023, 10100-10107 10107

some types of attacks when deployed in real-world commercial [13] B. Robisson et al., "Smart security management in secure devices,"
applications. Journal of Cryptographic Engineering, vol. 7, no. 1, pp. 47–61, Apr.
2017, https://doi.org/10.1007/s13389-016-0143-4.
V. CONCLUSION [14] T. Rosteck, Connected Secure Systems (CSS) Division Call hosted by
Deutsche Bank. infineon, 2021.
Reading citizen information stored on a CIC with chip is [15] A. H. Al-Omari, "Lightweight Dynamic Crypto Algorithm for Next
practical for daily services, such as electronic payments, online Internet Generation," Engineering, Technology & Applied Science
money transfers, online public services, etc. In this paper, we Research, vol. 9, no. 3, pp. 4203–4208, Jun. 2019,
used the BAC mode to set up a secure channel in the process of https://doi.org/10.48084/etasr.2743.
reading citizen information stored on CIC. We used [16] P. A. Karger, D. C. Toll, E. R. Palmer, S. K. McIntosh, S. Weber, and J.
cryptographic algorithms such as 3DES, SHA1, and MAC, to W. Edwards, "Implementing a High-Assurance Smart-Card OS," in
Financial Cryptography and Data Security, Tenerife, Canary Islands,
ensure that during the authentication process between the chip Jan. 2010, pp. 51–65, https://doi.org/10.1007/978-3-642-14577-3_7.
and the terminal the communication in the process of reading [17] O. Dagdelen, "The Cryptographic Security of the German Electronic
citizen information from the chip on CIC is secure. As a result, Identity Card," Ph.D. dissertation, Technical University of Berlin,
the software reads the information stored on DG1, DG2, and Berlin, Germany, 2013.
DG3 fields with safety and security. The performance of the [18] U. Iftikhar, K. Asrar, M. Waqas, and S. A. Ali, "Evaluating the
software has a reading and data processing speed of Performance Parameters of Cryptographic Algorithms for IOT-based
approximately 1.2 s to 1.3 s. The CIC reader software source Devices," Engineering, Technology & Applied Science Research, vol.
11, no. 6, pp. 7867–7874, Dec. 2021, https://doi.org/10.48084/
code has been evaluated and tested with the Fortify Static Code etasr.4263.
Analyzer tool (Version 22.1.0.0166) to confirm the software its [19] Order of Identification and Regulations for Issue Issuance. 1957.
robustness and safety. [20] Circular No. 59/2021/TT-BCA detailing the implementation of the Law
on Citizen Identification. 2021.
ACKNOWLEDGMENT
[21] ISO/IEC 18013-3:2017, Information technology — Personal
The authors thank the Academy of Cryptography identification — ISO-compliant driving licence — Part 3: Access
Techniques and the Minister of Education and Training control, authentication and integrity validation. ISO, 2017.
(MOET) for supporting this work under grant number B2022- [22] Doc 9303: Machine Readable Travel Documents: Part 3: Specifications
GHA-10. Common to all MRTDs, 8th ed. ICAO, 2021.
[23] "Radio Frequency Protocol and Application Test Standard for eMRTD –
REFERENCES Part 3," ICAO, Technical Report, Mar. 2018.
[24] D. Cooper, H. Ferraiolo, K. Mehta, S. Francomacaro, R. Chandramouli,
[1] L. C. Guillou and M. Ugon, "Smart Card a Highly Reliable and Portable
and J. Mohler, NIST Special Publication 800-73-4: Interfaces for
Security Device," in Lecture Notes in Computer Science, New York,
Personal Identity Verification – Part 1: PIV Card Application
NY, USA: Springer, 1987, pp. 464–479.
Namespace, Data Model and Representation. Gaithersburg, MD, USA:
[2] K. Vedder, "GSM: Security, Services, and the SIM," in Lecture Notes in NIST, US Department of Commerce, 2015.
Computer Science, Berlin, Heidelberg: Springer, 1998, pp. 224–240.
[25] Advanced Security Mechanisms for Machine Readable Travel
[3] V. Guyot, "Smart card, the stealth leaker," Journal in Computer Documents and eIDAS Token – Part 1. Germany: Federal Office for
Virology, vol. 8, no. 1, pp. 29–36, May 2012, https://doi.org/ Information Security, 2015.
10.1007/s11416-012-0159-y.
[26] ISO/IEC 14443-4:2008, Identification cards — Contactless integrated
[4] W. Rankl and W. Effing, Smart Card Handbook, Fourth Edition. New circuit cards — Proximity cards — Part 4: Transmission protocol. ISO,
York, NY, USA: John Wiley & Sons, 2010. 2008.
[5] D. Basin, R. Sasse, and J. Toro-Pozo, "The EMV Standard: Break, Fix, [27] ISO/IEC 7816-4:2020(en), Identification cards — Integrated circuit
Verify," in IEEE Symposium on Security and Privacy (SP), San cards — Part 4: Organization, security and commands for interchange.
Francisco, CA, USA, Dec. 2021, pp. 1766–1781, ISO, 2020.
https://doi.org/10.1109/SP40001.2021.00037.
[28] H. Mestiri, I. Barraj, and M. Machhout, "AES High-Level SystemC
[6] M. E. Haykin and R. B. J. Warnar, Smart Card Technology: New Modeling using Aspect Oriented Programming Approach," Engineering,
Methods for Computer Access Control. Gaithersburg, MD, USA: Technology & Applied Science Research, vol. 11, no. 1, pp. 6719–6723,
National Institute of Standards and Technology, 1988. Feb. 2021, https://doi.org/10.48084/etasr.3971.
[7] K. Markantonakis, "Multi Application Smart Card Platforms and [29] A. S. Alshammari, "Comparison of a Chaotic Cryptosystem with Other
Operating Systems," in Smart Cards, Tokens, Security and Applications, Cryptography Systems," Engineering, Technology & Applied Science
K. E. Mayes and K. Markantonakis, Eds. Boston, MA, USA: Springer, Research, vol. 10, no. 5, pp. 6187–6190, Oct. 2020, https://doi.org/
2008, pp. 51–83. 10.48084/etasr.3745.
[8] W. Rankl and W. Effing, Smart Card Handbook, 1st Edition. Chichester, [30] G. McGraw, "Software Security: Building Security In," in 17th
WS, England: Wiley, 2010. International Symposium on Software Reliability Engineering, Raleigh,
[9] H. Guo, Smart Cards and their Operating Systems. Helsinki, Finland: NC, USA, Nov. 2006, https://doi.org/10.1109/ISSRE.2006.43.
Helsinki University of Technology, 2002. [31] A. Apvrille and M. Pourzandi, "Secure software development by
[10] K. Mekki, O. Necibi, C. Boussetta, and A. Gharsallah, "Miniaturization example," IEEE Security & Privacy, vol. 3, no. 4, pp. 10–17, Jul. 2005,
of Circularly Polarized Patch Antenna for RFID Reader Applications," https://doi.org/10.1109/MSP.2005.103.
Engineering, Technology & Applied Science Research, vol. 10, no. 3, [32] J. Koziol et al., The Shellcoder’s Handbook: Discovering and Exploiting
pp. 5655–5659, Jun. 2020, https://doi.org/10.48084/etasr.3445. Security Holes. New York, NY, USA: Wiley, 2004.
[11] K. R. Wilcox, "Multi-application smart cards: Card operating systems [33] M. Howard and D. LeBlanc, Writing Secure Code, Second Edition, 2nd
and application security," presented at the 21st Computer Science ed. Redmond, WA, USA: Microsoft Press, 2003.
Seminar, 2003.
[34] "About Strsafe.h - Win32 apps," Microsoft. https://learn.microsoft.com/
[12] E. Barker and N. Mouha, Recommendation for Triple Data Encryption en-us/windows/win32/menurc/strsafe-ovw.
Algorithm (TDEA) Block Cipher. Gaithersburg, MD, USA: National
Institute of Standards and Technology, 2017.

www.etasr.com Le et al.: Building an Application that reads Secure Information Stored on the Chip of the Citizen …