Classic Electronics Smart 4F Especificaciones descargar pdf (Pagina 20)

Smart Cards Lab COMPGA12 University College London

11.1 Basic Access Control

Now the reader and the passport do a mutual cryptographic authentication

as speciﬁed in the Basic Access Control. It is done following ISO 11770-2.

The high level description is as follows:

1. The passport and the terminal have a shared 224-bit double triple DES

key (written on 2 · 128 bits)

K = (K

M AC

, K

EN C

computed from the MRZ.

2. The passport generates two randoms r

on 64 bits and K

on 128

bits.

The passport sends to the reader the card random

−→

3. The reader also choses two randoms r

on 64 bits and K

on 128 bits.

Then he computes the authenticated encryption cryptogram

←− EA

, r

, K

)

that is 64+64+128 bits. These 256 bits are sent to the card

4. Then the passport checks the MAC, decrypts the triple (r

, r

, K

checks if r

is the same as his own.

Then it computes and sends another authenticated cryptogram on 256

bits:

, r

, K

) −→

5. Then the terminal checks R

If correct, the ﬁnal shared key is K

⊕ K

on 128 bits.

Nicolas T. Courtois 2009-10

1 2 ... 15 16 17 18 19 20 21 22 23 24 25 ... 58 59

Sin comentarios

Classic Electronics Smart 4F Especificaciones Pagina 20