欢迎来到麦多课文档分享! | 帮助中心 海量文档,免费浏览,给你所需,享你所想!
麦多课文档分享
全部分类
  • 标准规范>
  • 教学课件>
  • 考试资料>
  • 办公文档>
  • 学术论文>
  • 行业资料>
  • 易语言源码>
  • ImageVerifierCode 换一换
    首页 麦多课文档分享 > 资源分类 > PDF文档下载
    分享到微信 分享到微博 分享到QQ空间

    BS ISO IEC 7816-8-2016 Identification cards Integrated circuit cards Commands and mechanisms for security operations《识别卡 集成电路卡 安全操作命令和机制》.pdf

    • 资源ID:396874       资源大小:2MB        全文页数:48页
    • 资源格式: PDF        下载积分:5000积分
    快捷下载 游客一键下载
    账号登录下载
    微信登录下载
    二维码
    微信扫一扫登录
    下载资源需要5000积分(如需开发票,请勿充值!)
    邮箱/手机:
    温馨提示:
    如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
    如需开发票,请勿充值!如填写123,账号就是123,密码也是123。
    支付方式: 支付宝扫码支付    微信扫码支付   
    验证码:   换一换

    加入VIP,交流精品资源
     
    账号:
    密码:
    验证码:   换一换
      忘记密码?
        
    友情提示
    2、PDF文件下载后,可能会被浏览器默认打开,此种情况可以点击浏览器菜单,保存网页到桌面,就可以正常下载了。
    3、本站不支持迅雷下载,请使用电脑自带的IE浏览器,或者360浏览器、谷歌浏览器下载即可。
    4、本站资源下载后的文档和图纸-无水印,预览文档经过压缩,下载后原文更清晰。
    5、试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。

    BS ISO IEC 7816-8-2016 Identification cards Integrated circuit cards Commands and mechanisms for security operations《识别卡 集成电路卡 安全操作命令和机制》.pdf

    1、BS ISO/IEC 7816-8:2016 Identification cards Integrated circuit cards Part 8: Commands and mechanisms for security operations BSI Standards Publication WB11885_BSI_StandardCovs_2013_AW.indd 1 15/05/2013 15:06BS ISO/IEC 7816-8:2016 BRITISH STANDARD National foreword This British Standard is the UK imp

    2、lementation of ISO/IEC 7816-8:2016. It supersedes BS ISO/IEC 7816-8:2004 which is withdrawn. The UK participation in its preparation was entrusted to Technical Committee IST/17, Cards and personal identification. A list of organizations represented on this committee can be obtained on request to its

    3、 secretary. This publication does not purport to include all the necessary provisions of a contract. Users are responsible for its correct application. The British Standards Institution 2016. Published by BSI Standards Limited 2016 ISBN 978 0 580 85939 7 ICS 35.240.15 Compliance with a British Stand

    4、ard cannot confer immunity from legal obligations. This British Standard was published under the authority of the Standards Policy and Strategy Committee on 30 November 2016. Amendments/corrigenda issued since publication Date T e x t a f f e c t e dBS ISO/IEC 7816-8:2016 Identification cards Integr

    5、ated circuit cards Part 8: Commands and mechanisms for security operations Cartes didentification Cartes circuit intgr Partie 8: Commandes et mcanismes pour les oprations de scurit INTERNATIONAL STANDARD ISO/IEC 7816-8 Reference number ISO/IEC 7816-8:2016(E) Third edition 2016-11-01 ISO/IEC 2016 BS

    6、ISO/IEC 7816-8:2016ii ISO/IEC 2016 All rights reserved COPYRIGHT PROTECTED DOCUMENT ISO/IEC 2016, Published in Switzerland All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, inclu

    7、ding photocopying, or posting on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below or ISOs member body in the country of the requester. ISO copyright office Ch. de Blandonnet 8 CP 401 CH-1214 Vernier, Geneva, Switzerland T

    8、el. +41 22 749 01 11 Fax +41 22 749 09 47 copyrightiso.org www.iso.org ISO/IEC 7816-8:2016(E)BS ISO/IEC 7816-8:2016ISO/IEC 7816-8:2016(E)Foreword iv Introduction v 1 Scope .1 2 Normative references 1 3 Terms and definitions .1 4 Symbols and abbreviated terms . 2 5 Interindustry commands for security

    9、 operations .3 5.1 General . 3 5.2 generate asymmetric key pair command 3 5.3 perform security operation command 7 5.3.1 General 7 5.3.2 compute cryptographic checksum operation .10 5.3.3 compute digital signature operation .10 5.3.4 hash operation11 5.3.5 verify cryptographic checksum operation .11

    10、 5.3.6 verify digital signature operation .11 5.3.7 verify certificate operation .12 5.3.8 encipher operation 13 5.3.9 decipher operation 13 Annex A (informative) Examples of operations related to digital signature .14 Annex B (informative) Examples of certificates interpreted by the card 20 Annex C

    11、 (informative) Examples of asymmetric key transfer .25 Annex D (informative) Alternatives to achieve the reversible change of security context .28 Annex E (informative) Example of uses for generate asymmetric key pair command 30 Bibliography .36 ISO/IEC 2016 All rights reserved iii Contents PageBS I

    12、SO/IEC 7816-8:2016ISO/IEC 7816-8:2016(E) Foreword ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development

    13、of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, governmental and non-governmental, in

    14、 liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. The procedures used to develop this document and those intended for its further maintenance are described in the ISO/IEC Directives,

    15、 Part 1. In particular the different approval criteria needed for the different types of document should be noted. This document was drafted in accordance with the editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives). Attention is drawn to the possibility that some of the e

    16、lements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights. Details of any patent rights identified during the development of the document will be in the Introduction and/or on the ISO list of patent declarati

    17、ons received (see www.iso.org/patents). Any trade name used in this document is information given for the convenience of users and does not constitute an endorsement. For an explanation on the meaning of ISO specific terms and expressions related to conformity assessment, as well as information abou

    18、t ISOs adherence to the WTO principles in the Technical Barriers to Trade (TBT) see the following URL: Foreword - Supplementary information The committee responsible for this document is ISO/IEC JTC 1, Information technology, Subcommittee SC 17, Cards and personal identification. This third edition

    19、cancels and replaces the second edition (ISO/IEC 7816-8:2004), which has been technically revised. A list of all parts in the ISO/IEC 7816 series can be found on the ISO website.iv ISO/IEC 2016 All rights reservedBS ISO/IEC 7816-8:2016ISO/IEC 7816-8:2016(E) Introduction ISO/IEC 7816 is a series of s

    20、tandards specifying integrated circuit cards and the use of such cards for interchange. These cards are identification cards intended for information exchange negotiated between the outside world and the integrated circuit in the card. As a result of an information exchange, the card delivers inform

    21、ation (computation result, stored data), and/or modifies its content (data storage, event memorization). Five parts are specific to cards with galvanic contacts and three of them specify electrical interfaces: ISO/IEC 7816-1 specifies physical characteristics for cards with contacts; ISO/IEC 7816-2

    22、specifies dimensions and location of the contacts; ISO/IEC 7816-3 specifies electrical interface and transmission protocols for asynchronous cards; ISO/IEC 7816-10 specifies electrical interface and answer to reset for synchronous cards; ISO/IEC 7816-12 specifies electrical interface and operating p

    23、rocedures for USB cards. All the other parts are independent from the physical interface technology. They apply to cards accessed by contacts and/or by radio frequency: ISO/IEC 7816-4 specifies organization, security and commands for interchange; ISO/IEC 7816-5 specifies registration of application

    24、providers; ISO/IEC 7816-6 specifies interindustry data elements for interchange; ISO/IEC 7816-7 specifies commands for structured card query language; ISO/IEC 7816-8 specifies commands for security operations; ISO/IEC 7816-9 specifies commands for card management; ISO/IEC 7816-11 specifies personal

    25、verification through biometric methods; ISO/IEC 7816-13 specifies commands for handling the life cycle of applications; ISO/IEC 7816-15 specifies cryptographic information application. ISO/IEC 10536 (all parts) specifies access by close coupling. ISO/IEC 14443 (all parts) and ISO/IEC 15693 (all part

    26、s) specify access by radio frequency. Such cards are also known as contactless cards. ISO/IEC 2016 All rights reserved vBS ISO/IEC 7816-8:2016BS ISO/IEC 7816-8:2016Identification cards Integrated circuit cards Part 8: Commands and mechanisms for security operations 1 Scope This document specifies in

    27、terindustry commands that may be used for security operations. This document also provides informative directives on how to construct security mechanisms with ISO/IEC 7816-4 defined commands. The choice and conditions of use of cryptographic mechanism in security operations may affect card exportabi

    28、lity. The evaluation of the suitability of algorithms and protocols is outside the scope of this document. It does not cover the internal implementation within the card and/or the outside world. 2 Normative references The following documents are referred to in the text in such a way that some or all

    29、 of their content constitutes requirements of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. ISO/IEC 7816-4:2013, Identification cards Integrated circuit cards Part 4: Orga

    30、nization, security and commands for interchange 3 Terms and definitions For the purposes of this document, the following terms and definitions apply ISO and IEC maintain terminological databases for use in standardization at the following addresses: IEC Electropedia: available at http:/ /www.electro

    31、pedia.org/ ISO Online browsing platform: available at http:/ /www.iso.org/obp 3.1 asymmetric key pair pair of elements belonging to cryptographic techniques that use two related operations: a public operation defined by public numbers or by a public key and a private operation defined by private num

    32、bers or by a private key Note 1 to entry: The two operations have the property that, given the public operation, it is computationally infeasible to derive the private operation. 3.2 certificate digital signature (3.3) binding a particular person or object and its associated public key Note 1 to ent

    33、ry: The entity issuing the certificate also acts as tag allocation authority with respect to the data elements in the certificate. SOURCE: ISO/IEC 7816-4:2012, 3.11, modified INTERNATIONAL ST ANDARD ISO/IEC 7816-8:2016(E) ISO/IEC 2016 All rights reserved 1BS ISO/IEC 7816-8:2016ISO/IEC 7816-8:2016(E)

    34、 3.3 digital signature data appended to, or cryptographic transformation of, a data string that proves the origin and the integrity of the data string and protect against forgery, e.g. by the recipient of the data string SOURCE: ISO/IEC 7816-4:2012, 3.21 3.4 key sequence of symbols controlling a cry

    35、ptographic operation (e.g. encipherment, decipherment, a private or a public operation in a dynamic authentication, signature production, signature verification) SOURCE: ISO/IEC 7816-4:2012, 3.32 3.5 non-self-descriptive certificate certificate (3.2) consisting of a concatenation of data elements as

    36、sociated to a header list or extended header list, describing the structure of the certificate 3.6 self-descriptive certificate certificate (3.2) consisting of a concatenation of data objects 3.7 secure messaging set of means for cryptographic protection of (parts of) command-response pairs SOURCE:

    37、ISO/IEC 7816-4:2012, 3.50 4 Symbols and abbreviated terms BER basic encoding rules of ASN.1 (see ISO/IEC 8825-1) CCT control reference template for cryptographic checksum CRT control reference template CT control reference template for confidentiality DSA digital signature algorithm DST control refe

    38、rence template for digital signature ECDSA elliptic curve digital signature algorithm HT control reference template for hash-code MSE manage security environment command PSO perform security operation command pso hash PSO command with hash operation pso checksum PSO command with compute cryptographi

    39、c checksum operation pso sign PSO command with compute digital signature operation pso verify checksum PSO command with verify cryptographic checksum operation pso verify sign PSO command with verify digital signature2 ISO/IEC 2016 All rights reservedBS ISO/IEC 7816-8:2016ISO/IEC 7816-8:2016(E) pso

    40、verify certificate PSO command with verify certificate pso encipher PSO command with encipher operation pso decipher PSO command with decipher operation GQ2 modified Guillou-Quisquater protocol for zero knowledge proof RFU reserved for future use for ISO/IEC JTC 1/SC 17 RSA Rivest, Shamir, Adleman S

    41、E security environment SEID security environment identifier TLV tag, length, value 5 Interindustry commands for security operations 5.1 General An ICC compliant with this document may support any of the commands and/or options provided in the following clauses and subclauses. NOTE In addition to the

    42、 use of logical channels, there are other alternatives that may be used for switching the security context. Annex D provides information about this functionality. 5.2 generate asymmetric key pair command The generate asymmetric key pair command initiates either the generation and storing of an asymm

    43、etric key pair, i.e. a public key and a private key, in the card, the generation, storing of an asymmetric key pair and extracting generated public key, or the extracting previously generated public key. The command may be preceded by a manage security environment command in order to set key generat

    44、ion related parameters (e.g. algorithm reference). The command may be performed in one or several steps, possibly using command chaining (see ISO/IEC 7816-4). ISO/IEC 2016 All rights reserved 3BS ISO/IEC 7816-8:2016ISO/IEC 7816-8:2016(E) Table 1 generate asymmetric key pair command-response pair CLA

    45、 As defined in ISO/IEC 7816-4 INS 46 or 47 P1 See Table 2 P2 00 (no information provided) or reference of the private key to be generated coded according to ISO/IEC 7816-4:2013, Table 94 L cfield Absent for encoding N c= 0, present for encoding N c 0 Data field Absent, or Proprietary data if P1-P2 s

    46、et to 0000, or One or more CRTs associated to the key generation if P1-P2 different from 0000 (see notes) A CRT may include an extended header list L efield Absent for encoding N e= 0, present for encoding N e 0 Data field Absent, or Public key as a sequence of data elements (INS=46), or Public key

    47、as a sequence of data objects (INS=47), or Public key as a sequence of data objects according to an extended header list (INS=47) SW1-SW2 See ISO/IEC 7816-4:2013, Tables 5 and 6 where relevant, e.g. 6 985 NOTE 1 Several CRTs are present when the key pair is generated for several uses. In a data fiel

    48、d, a CRT may have a zero length. Table 2 P1 coding b8 b7 b6 b5 b4 b3 b2 b1 Value 0 0 0 0 0 0 0 0 No information given 1 x x x Additional information given 1 x Key generation 1 0 - Generate asymmetric key pair 1 1 - Access to an existing public key 1 x Format of returned public key data 1 0 - Proprie

    49、tary format 1 1 - Output format according to extended header list 1 x Output indicator 1 0 - Public key data in response data field 1 1 - No response data if Le field absent or proprietary if Le field present x x x x 0000, other values are RFU NOTE 2 The private key may be stored in an internal EF the


    注意事项

    本文(BS ISO IEC 7816-8-2016 Identification cards Integrated circuit cards Commands and mechanisms for security operations《识别卡 集成电路卡 安全操作命令和机制》.pdf)为本站会员(amazingpat195)主动上传,麦多课文档分享仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文档分享(点击联系客服),我们立即给予删除!




    关于我们 - 网站声明 - 网站地图 - 资源地图 - 友情链接 - 网站客服 - 联系我们

    copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
    备案/许可证编号:苏ICP备17064731号-1 

    收起
    展开