|
|
Posted on 2006-05-03 17:15 奔跑的阿甘 閱讀(943) 評論(0) 編輯 收藏 引用 所屬分類: ATM Technology/EMV Notes
SDA(Static data authentication) is performed by the terminal using a digital signature
scheme based on public key techniques to confirm the legitimacy of critical ICCresident
static data identified by the AFL and by the optional Static Data Authentication Tag List.
This detects unauthorised alteration of data after personalisation.
一 ICC應保存數據:
a) CA Public Key Index
b)Issuer Public Key Certificate
c) Signed Static Application Data
二 Terminal應保存數據:
a) Six CA public keys per RID(Registered Application Provider Identifier)
b) Key-related information for each CA public key
c) Corresponding algorithm
三 SDA過程按次序分三個步驟,其中任一步驟若出現異常則SDA失敗,只有三個步驟順利完成
后SDA才成功:
a) Retrieval of the Certification Authority Public Key
The terminal reads the Certification Authority Public Key Index. Using this index
and the RID, the terminal shall identify and retrieve the terminal-stored
Certification Authority Public Key Modulus and Exponent and the associated keyrelated
information, and the corresponding algorithm to be used. If the terminal does not have the
key stored associated with this index and RID, static data authentication has failed.
b) Retrieval of the Issuer Public Key
1. If the Issuer Public Key Certificate has a length different from the length of the
Certification Authority Public Key Modulus obtained in the previous section,
static data authentication has failed.
2. In order to obtain the recovered data specified in Table 4, apply the recovery
function specified in Annex A2.1 to the Issuer Public Key Certificate using the
Certification Authority Public Key in conjunction with the corresponding
algorithm. If the Recovered Data Trailer is not equal to ‘BC’, static data
authentication has failed.
3. Check the Recovered Data Header. If it is not ‘6A’, static data authentication has
failed.
4. Check the Certificate Format. If it is not ‘02’, static data authentication has
failed.
5. Concatenate from left to right the second to the tenth data elements in Table 4
(that is, Certificate Format through Issuer Public Key or Leftmost Digits of the
Issuer Public Key), followed by the Issuer Public Key Remainder (if present) and
finally the Issuer Public Key Exponent.
6. Apply the indicated hash algorithm (derived from the Hash Algorithm Indicator)
to the result of the concatenation of the previous step to produce the hash result.
7. Compare the calculated hash result from the previous step with the recovered
Hash Result. If they are not the same, static data authentication has failed.
8. Verify that the Issuer Identification Number matches the leftmost 3-8 PAN digits
(allowing for the possible padding of the Issuer Identification Number with
hexadecimal ‘F’s). If not, static data authentication has failed.
9. Verify that the last day of the month specified in the Certificate Expiration Date
is equal to or later than today's date. If the Certificate Expiration Date is earlier
than today's date, the certificate has expired, in which case static data
authentication has failed.
10. Verify that the concatenation of RID, Certification Authority Public Key Index,
and Certificate Serial Number is valid. If not, static data authentication has
failed4.
11. If the Issuer Public Key Algorithm Indicator is not recognised, static data
authentication has failed.
12. If all the checks above are correct, concatenate the Leftmost Digits of the Issuer
Public Key and the Issuer Public Key Remainder (if present) to obtain the Issuer
Public Key Modulus, and continue with the next steps for the verification of the
Signed Static Application Data.
c) Verification of the Signed Static Application Data
1. If the Signed Static Application Data has a length different from the length of the
Issuer Public Key Modulus, static data authentication has failed.
2. In order to obtain the Recovered Data specified in Table 5, apply the recovery
function specified in Annex A2.1 on the Signed Static Application Data using the
Issuer Public Key in conjunction with the corresponding algorithm. If the
Recovered Data Trailer is not equal to ‘BC’, static data authentication has failed.
3. Check the Recovered Data Header. If it is not ‘6A’, static data authentication has
failed.
4. Check the Signed Data Format. If it is not ‘03’, static data authentication has
failed.
5. Concatenate from left to right the second to the fifth data elements in Table 5
(that is, Signed Data Format through Pad Pattern), followed by the static data to
be authenticated as specified in Part II of Book 3 of these specifications. If the
Static Data Authentication Tag List is present and contains tags other than ‘82’,
then static data authentication has failed.
6. Apply the indicated hash algorithm (derived from the Hash Algorithm Indicator)
to the result of the concatenation of the previous step to produce the hash result.
7. Compare the calculated hash result from the previous step with the recovered
Hash Result. If they are not the same, static data authentication has failed.
If all of the above steps were executed successfully, static data authentication was
successful. The Data Authentication Code recovered in Table 5 shall be stored in
Tag ‘9F45’.
 
參考:<<EMV2000 Integrated Circuit Card Specification for Payment Systems Book 2
?- Security and Key Management>>
|