Previous | Table of Contents | Next |
All the commands in Table 5.13 are described in detail in the 3K Multiflex documentation on the CD-ROM.
Stamped Increase and Decrease commands are examples of a technique a terminal can use to guard against rogue cards. Protected-mode commands are how a card protects itself against rogue terminals.
In order for the terminal to execute a command that has been given a protected-mode access condition, the terminal must first get a random eight challenge from the card using the Get Challenge command. The terminal encrypts this challenge using a specific key shared with the card and returns the encrypted challengethe cryptogramalong with the protected mode command. The card decrypts the cryptogram and if it gets the challenge it sent, then it knows the terminal possesses the same key as it does and it executes the command. If the cryptogram does not successfully decrypt, the card aborts the command and returns an error status.
Suppose the Update command has been given a protected mode access condition on a selected transparent file using key 1 in the external authentication key file and the terminal wants to write ab into the first 2 bytes of the file. The terminal begins by sending the card a Get Challenge command. This is to get the plain text of the cryptogram it has to return to the card with the Update command:
CLA | INS | Data Length | ||
---|---|---|---|---|
C016 | D616 | 0016 | 0016 | 0816 |
The card responds with
6416 4616 2716 E016 0716 9D16 D816 6C16 9016 0016
which is 8 random bytes followed by the normal completion status return. The terminal DES encrypts these with key 1 in the external authentication key file (4716 4616 5816 4916 3216 7816 4016) and sends the card the Update command together with this encryption:
CLA | INS | Offset High | Offset Low | Length | Cryptogram |
---|---|---|---|---|---|
C016 | 8416 | 0016 | 0016 | 0A16 | 6116 6216 0D16 3116 A816 F316 1C16 EF16 7816 F816 |
Here 6116 6216 is the character sequence ab that the command will write starting at offset 000016 in the file and 0D16 3116 A816 F316 1C16 EF16 7816 F816 is the DES encryption of the challenge.
The card decrypts the trailing 8 bytes using the key associated with the Update command in the current external authentication key file, and upon getting what it sent in response to the Get Challenge command, which it remembered, executes the Update command.
As you may have already gathered, the way you establish your identity in the world of smart cards is by demonstrating possession of a secrettypically a key of some sort. You can demonstrate such a possession by simply showing the secret, as in the case of a PIN, or you can demonstrate possession of it by doing something that only somebody with the secret could do, such as encrypting a message with the key.
Internal and external authentication use the latter technique to establish identity. The terminal uses internal authentication to establish the identity of the card and the card uses external authentication to establish the identity of the terminal.
Both protocols start by wondering about the other sides identity and sending a challengea random 8-byte sequenceto the side whose identity is being questioned. The side receiving the challenge encrypts it with its secret, a particular key, and sends back the encrypted result. The side that originally sent the challenge decrypts the encrypted message using the key it knows the other possesses if it is authentic. If the message decrypts satisfactorily (that is, the decrypted challenge is identical to the challenge originally sent), then the side sending the original challenge knows that the other side possesses a particular key and this establishes its identity. What is critical is to note this possession has been demonstrated without exposing the secret itself.
Since weve already seen two examples of the card establishing the identity of the external world, Verify PIN and Verify Key, lets walk through an example of the terminal establishing the identity of the card. A terminal would do this to ensure that it isnt unwittingly talking to a rogue smart card; that is, a smart card that looks like the real thing to the terminal but isnt.
Previous | Table of Contents | Next |