BS EN 419212-3:2017

$215.11

Application Interface for Secure Elements for Electronic Identification, Authentication and Trusted Services – Device authentication protocols

Published By	Publication Date	Number of Pages
BSI	2017	120

Guaranteed Safe Checkout

Categories: 35.240.15 - Identification cards. Chip cards. Biometrics, BSI

If you have any questions, feel free to reach out to our online customer service team by clicking on the bottom right corner. We’re here to assist you 24/7.
Email:[email protected]

Description

This part specifies device authentication to be used for QSCDs in various context including Device authentication protocols Establishment of a secure channel Data structures CV-certificates Key management The device authentication protocols shall apply to sole-control signature mandated by the EU-regulation eIDAS.

PDF Catalog

PDF Pages	PDF Title
2	National foreword
9	1 Scope 2 Normative references 3 Device authentication 3.1 General
11	3.2 Asymmetric Authentication introduction 3.3 Certification authorities and certificates 3.3.1 Certificate chains
12	3.3.2 Usage of link certificates 3.4 Authentication environments
13	3.4.1 SCA in trusted environment 3.4.2 SCA in untrusted environment 3.4.3 Specification of the environment 3.4.4 Display message mechanism
14	3.4.5 Additional authentication environments 3.5 Key transport and key agreement mechanisms 3.6 Device authentication with privacy protection 3.6.1 General
15	3.6.2 Authentication steps 3.6.2.1 General
18	3.6.2.2 Step 1 — Read key exchange parameters
20	3.6.2.3 Step 2 — IFD selects the public key parameter set and sends KIFD 3.6.2.4 Step 3 — ICC computes KICC
23	3.6.2.5 Step 4 — Skip reading chain certificates 3.6.2.6 Step 5 — Selection of verification key PuK.(R)CAIFD.CS_AUT (conditional)
24	3.6.2.7 Step 6 — Verify Certificate C_CV.CAIFD.CS_AUT (conditional)
25	3.6.2.8 Step 7 — Selection of verification key PuK.CAIFD.AUT
26	3.6.2.9 Step 8 — Verify Certificate C_CV.IFD.AUT
27	3.6.2.10 Step 9 — Key Selection for external authentication
28	3.6.2.11 Step 10 — Get Challenge 3.6.2.12 Step 11 — External authentication
29	3.6.2.13 Step 12 — Read C.CAICC.AUT (conditional)
30	3.6.2.14 Step 13 — Read ICC’s certificate C.ICC.AUT
31	3.6.2.15 Step 14 — Key selection
32	3.6.2.16 Step 15 — Internal Authentication
33	3.7 Privacy constrained Modular EAC (mEAC) protocol with non-traceability feature 3.7.1 General 3.7.2 Example for traceability case
34	3.7.3 Notation 3.7.4 Authentication steps 3.7.4.1 General
37	3.7.4.2 Step 1 — Reading of the protocol relevant public parameters 3.7.4.3 Step 2 — User verification (conditional) 3.7.4.4 Step 3 — Selection of verification key PuK.(R)CAIFD.CS_AUT (conditional)
38	3.7.4.5 Step 4 — Verify Certificate C_CV.CAIFD.CS_AUT (conditional)
39	3.7.4.6 Step 5 — Selection of verification key PuK.CAIFD.AUT 3.7.4.7 Step 6 — Verify Certificate C_CV.IFD.AUT
40	3.7.4.8 Step 7 — Key Selection for external authentication
42	3.7.4.9 Step 8 — Get Challenge 3.7.4.10 Step 9 — External authentication
44	3.7.4.11 Step 10 — Reading of the public key PuK.ICC.KA (conditionally) 3.7.4.12 Step 11 — Selection of Algorithm and keys
46	3.7.4.13 Step 12 — Key agreement
47	3.7.4.14 Step 13 — Establishment of new secure channel 3.7.4.15 Step 14 — Read and verify ICC’s certificate 3.7.5 Unlinkablity Mechanism with individual private keys 3.7.5.1 General
49	3.7.5.2 Key derivation 3.7.5.3 Step X.1 – Request for randomization
50	3.7.5.4 Step 2.2 — GA: Get nonce
51	3.7.5.5 PCA mechanism
54	3.7.5.6 Step 7.1 — Key Selection for external authentication
55	3.7.5.7 Step 12.1 DH key agreement
56	3.8 Symmetric authentication scheme 3.8.1 General 3.8.2 Authentication steps 3.8.2.1 General
57	3.8.2.2 Step A — Read SN.ICC
58	3.8.2.3 Step B — Get Challenge
59	3.8.2.4 Step C — Mutual authentication
60	3.8.3 Session Key creation 3.9 Key transport protocol based on RSA 3.9.1 General
62	3.9.2 Authentication Steps 3.9.2.1 Step A — Skip to authentication (conditional) 3.9.2.2 Step B — Selection of verification key PuK.RCA.AUT (conditional)
63	3.9.2.3 Step C — Verify Certificate C_CV.CA.CS_AUT (conditional)
64	3.9.2.4 Step D — Selection of verification key PuK.CAIFDAUT
65	3.9.2.5 Step E — Verify Certificate C_CV.IFD.AUT 3.9.2.6 Step F — Skip reading chain certificates 3.9.2.7 Step G — Read C.CAICC.AUT (conditional)
66	3.9.2.8 Step H — Read ICC’s certificate C.ICC.AUT
67	3.9.2.9 Step I — Key selection 3.9.2.10 Step J — Internal Authentication
68	3.9.2.11 Step K — Get Challenge
69	3.9.2.12 Step L — External authentication
70	3.9.3 Session Key creation 3.10 Compute Session keys from key seed KIFD/ICC 3.10.1 General
71	3.10.2 Generation of key data 3.10.3 Partitioning of the key data 3.10.4 Algorithm and method specific definition for key derivation 3.10.4.1 TDES
72	3.10.4.2 AES-128 using EMAC (SHA-1 version)
73	3.10.4.3 AES-128 using CMAC (SHA-1 version) 3.10.4.4 AES using EMAC (SHA-256 version) 3.10.4.5 AES using CMAC (SHA–256 version)
74	3.10.5 Key derivation from passwords 3.10.5.1 General 3.10.5.2 3DES Key derivation 3.10.5.3 AES-128 Key derivation 3.10.5.4 AES-192 Key derivation
75	3.10.5.5 AES-256 Key derivation 3.11 Compute send sequence counter SSC 3.12 Post-authentication phase
76	3.13 Ending the secure session 3.13.1 General 3.13.2 Example for ending a secure session 3.13.3 Rules for ending a secure session
77	3.14 Reading the Display Message
79	3.15 Updating the Display Message
80	4 Data structures 4.1 General 4.2 CRTs 4.2.1 General 4.2.2 CRT AT for the selection of internal private authentication keys 4.2.3 CRT AT for selection of internal authentication keys
81	4.2.4 CRT for selection of IFD’s PuK.CAIFD.CS_AUT 4.2.5 CRT for selection of IFD’s PuK.IFD.AUT
82	4.2.6 CRT AT for selection of the public DH / ECDH key parameters 4.2.7 GENERAL AUTHENTICATE DH key parameters used by the Privacy Protocol 4.2.8 CRT AT for selection of ICC’s private authentication key
83	4.2.9 CRT for selection of IFD’s PuK.IFD.AUT 4.2.10 CRT for selection of PrK.ICC.KA
84	4.3 Key transport device authentication protocol 4.3.1 EXTERNAL AUTHENTICATE 4.3.2 INTERNAL AUTHENTICATE
85	4.4 Privacy device authentication protocol 4.4.1 EXTERNAL AUTHENTICATE (DH case)
86	4.4.2 EXTERNAL AUTHENTICATE (ECDH case)
87	4.4.3 INTERNAL AUTHENTICATE (DH case) 4.4.4 INTERNAL AUTHENTICATE (ECDH case)
88	5 CV_Certificates and Key Management 5.1 General 5.2 Level of trust in a certificate 5.3 Key Management
89	5.4 Certificate types 5.4.1 Card Verifiable Certificates
90	5.4.2 Signature-Certificates 5.4.3 Authentication Certificates 5.5 Use of the public key extracted from a CV-certificate 5.6 Validity of the key extracted from a CV-certificate
91	5.7 Structure of CVC 5.7.1 General 5.7.2 Non-self-descriptive certificates
92	5.7.3 Self-descriptive certificates 5.8 Certificate Content 5.8.1 General
93	CPI-Certificate Profile Identifier
94	5.8.2 CAR-Certification Authority Reference DO
95	5.8.3 CHR-Certificate Holder Reference DO
96	5.8.4 CHA-Certificate Holder Authorization Data Object (CHA-DO)
97	5.8.5 Role identifier specifications 5.8.5.1 General
98	5.8.5.2 Role ID for PuK of CA
99	5.8.5.3 Role ID for PuK for device authentication 5.8.5.4 Processing the role ID 5.8.6 User and service provider authentication 5.8.6.1 General
100	5.8.6.2 Specific attributes 5.8.7 CHAT-Certificate Holder Authorization Template (CHAT) 5.8.8 OID — Object identifier 5.8.9 CEDT — Certificate Effective Date Template 5.8.10 CXDT — Certificate Expiration date Template
101	5.9 Certificate signature 5.9.1 General 5.9.2 Non self-descriptive certificates
102	5.9.3 Self-descriptive certificates
103	5.10 Coding of the certificate content 5.10.1 Non self-descriptive certificates 5.10.2 Self-descriptive certificates
104	5.10.3 Self-descriptive certificates for elliptic curve cryptography 5.10.3.1 General 5.10.3.2 Structure of a self-descriptive CV certificate 5.10.3.3 Certificate content template 5.10.3.4 Certificate Profile Indicator 5.10.3.5 Certification Authority Reference Template 5.10.3.6 Certificate Holder Reference Template
105	5.10.3.7 Certificate Holder Authorization (CHA-Template/CHA-DO) 5.10.3.8 Optional certificate extension in self-descriptive certificates
106	5.10.3.9 Public Key 5.10.3.10 OID1 5.10.3.11 Signature
107	5.11 Steps of CVC verification 5.11.1 General
108	5.11.2 First round: CVC verification from a Root PuK
109	5.11.3 Subsequent round(s) 5.12 Commands to handle the CVC 5.13 C_CV.IFD.AUT (non self-descriptive)
110	5.14 C_CV.CA.CS-AUT (non self-descriptive)
111	5.15 C.ICC.AUT
112	5.16 Self-descriptive CV Certificate (Example) 5.16.1 General 5.16.2 Public Key
113	5.16.3 Certificate Holder Authorization Template 5.16.4 Certificate Extension
114	5.16.5 ECDSA Signature
115	Annex A (informative)Device authentication Protocol Properties

Additional information

Status	Under Review
Pages	120
Publication Date	2017-10-03
ISBN	978 0 580 95789 5
Standard Number	BS EN 419212-3:2017
Title	Application Interface for Secure Elements for Electronic Identification, Authentication and Trusted Services – Device authentication protocols
Identical National Standard Of	EN 419212-3:2017
Replaces	BS EN 419212-1:2014, BS EN 419212-2:2014
Descriptors	Data processing, Information exchange, Personal identification numbers, Data security, Computer terminals, Verification, Identity cards, Interfaces (data processing), Cryptography, Identification methods, Electronic signatures, Integrated circuit cards
Publisher	BSI
Committee	IST/17
ICS Codes	35.240.15 - Identification cards. Chip cards. Biometrics

Preview PDF


PDF Format	Searchable	Printable	Preview Now

BS EN 419212-3:2017

PDF Catalog

Related products