Michael's Space

Technology changes the world, serves the people.

SDA Process Explained

Posted on 2006-05-03 17:15 by 奔跑的阿甘 | Views: 927 | Comments: 0 | Category: ATM Technology/EMV Notes
SDA (Static Data Authentication) is performed by the terminal using a digital signature
scheme based on public key techniques to confirm the legitimacy of critical ICC-resident
static data identified by the AFL and by the optional Static Data Authentication Tag List.
This detects unauthorised alteration of data after personalisation.

I. Data the ICC shall hold:
a) CA Public Key Index
b) Issuer Public Key Certificate
c) Signed Static Application Data

II. Data the terminal shall hold:
a) Six CA public keys per RID (Registered Application Provider Identifier)
b) Key-related information for each CA public key
c) The corresponding algorithm

III. SDA proceeds through three steps in order. If any step fails, SDA fails; SDA succeeds
only when all three steps complete without error:

a) Retrieval of the Certification Authority Public Key
The terminal reads the Certification Authority Public Key Index. Using this index
and the RID, the terminal shall identify and retrieve the terminal-stored
Certification Authority Public Key Modulus and Exponent and the associated key-related
information, and the corresponding algorithm to be used. If the terminal does not have the
key stored associated with this index and RID, static data authentication has failed.

b) Retrieval of the Issuer Public Key
1. If the Issuer Public Key Certificate has a length different from the length of the
Certification Authority Public Key Modulus obtained in the previous section,
static data authentication has failed.
2. In order to obtain the recovered data specified in Table 4, apply the recovery
function specified in Annex A2.1 to the Issuer Public Key Certificate using the
Certification Authority Public Key in conjunction with the corresponding
algorithm. If the Recovered Data Trailer is not equal to ‘BC’, static data
authentication has failed.
3. Check the Recovered Data Header. If it is not ‘6A’, static data authentication has
failed.
4. Check the Certificate Format. If it is not ‘02’, static data authentication has
failed.
5. Concatenate from left to right the second to the tenth data elements in Table 4
(that is, Certificate Format through Issuer Public Key or Leftmost Digits of the
Issuer Public Key), followed by the Issuer Public Key Remainder (if present) and
finally the Issuer Public Key Exponent.
6. Apply the indicated hash algorithm (derived from the Hash Algorithm Indicator)
to the result of the concatenation of the previous step to produce the hash result.
7. Compare the calculated hash result from the previous step with the recovered
Hash Result. If they are not the same, static data authentication has failed.
8. Verify that the Issuer Identification Number matches the leftmost 3-8 PAN digits
(allowing for the possible padding of the Issuer Identification Number with
hexadecimal ‘F’s). If not, static data authentication has failed.
9. Verify that the last day of the month specified in the Certificate Expiration Date
is equal to or later than today's date. If the Certificate Expiration Date is earlier
than today's date, the certificate has expired, in which case static data
authentication has failed.
10. Verify that the concatenation of RID, Certification Authority Public Key Index,
and Certificate Serial Number is valid. If not, static data authentication has
failed.
11. If the Issuer Public Key Algorithm Indicator is not recognised, static data
authentication has failed.
12. If all the checks above are correct, concatenate the Leftmost Digits of the Issuer
Public Key and the Issuer Public Key Remainder (if present) to obtain the Issuer
Public Key Modulus, and continue with the next steps for the verification of the
Signed Static Application Data.

c) Verification of the Signed Static Application Data
1. If the Signed Static Application Data has a length different from the length of the
Issuer Public Key Modulus, static data authentication has failed.
2. In order to obtain the Recovered Data specified in Table 5, apply the recovery
function specified in Annex A2.1 on the Signed Static Application Data using the
Issuer Public Key in conjunction with the corresponding algorithm. If the
Recovered Data Trailer is not equal to ‘BC’, static data authentication has failed.
3. Check the Recovered Data Header. If it is not ‘6A’, static data authentication has
failed.
4. Check the Signed Data Format. If it is not ‘03’, static data authentication has
failed.
5. Concatenate from left to right the second to the fifth data elements in Table 5
(that is, Signed Data Format through Pad Pattern), followed by the static data to
be authenticated as specified in Part II of Book 3 of these specifications. If the
Static Data Authentication Tag List is present and contains tags other than ‘82’,
then static data authentication has failed.
6. Apply the indicated hash algorithm (derived from the Hash Algorithm Indicator)
to the result of the concatenation of the previous step to produce the hash result.
7. Compare the calculated hash result from the previous step with the recovered
Hash Result. If they are not the same, static data authentication has failed.
If all of the above steps were executed successfully, static data authentication was
successful. The Data Authentication Code recovered in Table 5 shall be stored in
Tag ‘9F45’.
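The following is an added worked example in Python (my own code, not code from this post or from EMVCo) that carries steps a), b) and c) through end to end: it mints constructed CA and issuer RSA keys, builds an Issuer Public Key Certificate and Signed Static Application Data in the Table 4 and Table 5 layouts, and then runs the terminal-side checks in the order listed above, stopping at the first failing step. The Table 4 and Table 5 field layouts are taken from EMV Book 2 rather than from this post; the RID, PAN, record data, key sizes and the `revoked` set (a hypothetical stand-in for whatever list the terminal consults in step b.10) are constructed test values.

```python
# Added example: EMV SDA with constructed test keys; Table 4/5 layouts as in EMV Book 2.
import hashlib, math, random

def gen_rsa_key(bits, e=65537):
    """(n, e, d) with n exactly `bits` long (top bit set), as EMV keys are.
    A Fermat test with a few bases is adequate for random test keys, not for production."""
    def prime(k):
        while True:
            c = random.getrandbits(k) | (3 << (k - 2)) | 1
            if all(pow(a, c - 1, c) == 1 for a in (2, 3, 5, 7, 11, 13)):
                return c
    while True:
        p, q = prime(bits // 2), prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            return p * q, e, pow(e, -1, phi)

def nbytes(n):
    return (n.bit_length() + 7) // 8

def emv_sign(msg, n, d):      # Annex A2.1 signature generation: S = M^d mod n
    m = int.from_bytes(msg, "big")
    assert len(msg) == nbytes(n) and m < n
    return pow(m, d, n).to_bytes(len(msg), "big")

def emv_recover(sig, n, e):   # Annex A2.1 recovery function: M = S^e mod n
    return pow(int.from_bytes(sig, "big"), e, n).to_bytes(len(sig), "big")

def _check(cond, step):
    if not cond:
        raise ValueError("SDA failed at step " + step)

def build_issuer_cert(ca_key, issuer_pub, issuer_id, expiry, serial):
    """CA side: sign the Table 4 layout; returns (certificate, remainder, exponent)."""
    n_ca, _, d_ca = ca_key
    mod = issuer_pub[0].to_bytes(nbytes(issuer_pub[0]), "big")
    exp = issuer_pub[1].to_bytes(3 if issuer_pub[1] > 3 else 1, "big")
    room = nbytes(n_ca) - 36                  # bytes available for the modulus in Table 4
    if len(mod) <= room:                      # whole modulus fits: pad with 'BB'
        left, rem = mod + b"\xbb" * (room - len(mod)), b""
    else:                                     # leftmost digits in the cert, rest as remainder
        left, rem = mod[:room], mod[room:]
    body = (b"\x02" + issuer_id + expiry + serial + b"\x01\x01"   # format, id, MMYY, serial, SHA-1, RSA
            + bytes([len(mod), len(exp)]) + left)
    h = hashlib.sha1(body + rem + exp).digest()
    return emv_sign(b"\x6a" + body + h + b"\xbc", n_ca, d_ca), rem, exp

def verify_issuer_cert(ca_pub, cert, rem, exp, pan, today, cert_id, revoked=()):
    """Steps b.1 to b.12; today is (yy, mm); returns the issuer public key (n, e)."""
    n_ca, e_ca = ca_pub
    _check(len(cert) == nbytes(n_ca), "b.1 certificate length != N_CA")
    rec = emv_recover(cert, n_ca, e_ca)
    _check(rec[-1] == 0xBC, "b.2 trailer != BC")
    _check(rec[0] == 0x6A, "b.3 header != 6A")
    _check(rec[1] == 0x02, "b.4 certificate format != 02")
    mod_len, exp_len, left = rec[13], rec[14], rec[15:-21]
    _check(rec[11] == 0x01, "b.6 unknown hash algorithm indicator")
    _check(hashlib.sha1(rec[1:-21] + rem + exp).digest() == rec[-21:-1], "b.7 hash mismatch")
    _check(pan.startswith(rec[2:6].hex().upper().rstrip("F")), "b.8 issuer id != PAN prefix")
    _check((int(rec[7:8].hex()), int(rec[6:7].hex())) >= today, "b.9 certificate expired")
    _check(cert_id + rec[8:11] not in revoked, "b.10 RID/index/serial not valid")
    _check(rec[12] == 0x01, "b.11 unknown public key algorithm indicator")
    # consistency check added here (not a numbered step): length fields must match the data
    _check(exp_len == len(exp) and len(rem) == max(0, mod_len - len(left)), "b.12 length fields")
    return int.from_bytes((left + rem)[:mod_len], "big"), int.from_bytes(exp, "big")

def build_ssad(issuer_key, dac, static_data):
    """Issuer side: sign the Table 5 layout over the static data to be authenticated."""
    n_i, _, d_i = issuer_key
    body = b"\x03\x01" + dac + b"\xbb" * (nbytes(n_i) - 26)   # format, SHA-1, DAC, pad pattern
    h = hashlib.sha1(body + static_data).digest()
    return emv_sign(b"\x6a" + body + h + b"\xbc", n_i, d_i)

def verify_ssad(issuer_pub, ssad, static_data, tag_list=None):
    """Steps c.1 to c.7; returns the Data Authentication Code (what goes into tag 9F45)."""
    n_i, e_i = issuer_pub
    _check(len(ssad) == nbytes(n_i), "c.1 SSAD length != N_I")
    rec = emv_recover(ssad, n_i, e_i)
    _check(rec[-1] == 0xBC, "c.2 trailer != BC")
    _check(rec[0] == 0x6A, "c.3 header != 6A")
    _check(rec[1] == 0x03, "c.4 signed data format != 03")
    _check(not tag_list or set(tag_list) == {0x82}, "c.5 tag list contains tags other than 82")
    _check(rec[2] == 0x01, "c.6 unknown hash algorithm indicator")
    _check(hashlib.sha1(rec[1:-21] + static_data).digest() == rec[-21:-1], "c.7 hash mismatch")
    return rec[3:5]

def run_sda(ca_store, card, today=(24, 6), revoked=()):
    """Terminal flow: step a (CA key lookup), then b and c. Returns ("OK", dac) or ("FAIL", why)."""
    try:
        rid, idx = card["rid"], card["ca_index"]
        _check((rid, idx) in ca_store, "a: no CA key stored for this RID and index")
        issuer_pub = verify_issuer_cert(ca_store[(rid, idx)], card["cert"], card["rem"], card["exp"],
                                        card["pan"], today, rid + bytes([idx]), revoked)
        return "OK", verify_ssad(issuer_pub, card["ssad"], card["static_data"], card["tag_list"])
    except ValueError as err:
        return "FAIL", str(err)

def make_test_card(seed=7):
    """Constructed CA key store and personalised card; N_CA=96, N_I=64 gives a 4-byte remainder."""
    random.seed(seed)
    ca, issuer = gen_rsa_key(768), gen_rsa_key(512)
    rid, idx = bytes.fromhex("A000000099"), 0x01           # made-up RID, not a registered one
    cert, rem, exp = build_issuer_cert(ca, issuer[:2], bytes.fromhex("499912FF"), b"\x12\x30", b"\x00\x00\x01")
    records, aip = bytes.fromhex("5A084999123412341234"), b"\x40\x00"   # AFL-flagged record + AIP
    card = dict(rid=rid, ca_index=idx, pan="4999123412341234", cert=cert, rem=rem, exp=exp,
                static_data=records + aip, tag_list=[0x82], ssad=build_ssad(issuer, b"\x12\x34", records + aip))
    return {(rid, idx): ca[:2]}, card
```

`run_sda` returns only the two-byte Data Authentication Code, which is the one value the procedure hands on (tag 9F45); any alteration of the AFL-flagged records after personalisation surfaces as a hash mismatch at step c.7, an expired certificate at b.9, and a missing CA key at step a. The test card deliberately uses an issuer modulus larger than N_CA - 36 bytes so that the Issuer Public Key Remainder path of steps b.5 and b.12 is exercised.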

Reference: EMV2000 Integrated Circuit Card Specification for Payment Systems, Book 2 - Security and Key Management
