Response data field Absent

Extension to data field authentication (two command-response pairs)

A claimant has hashed previously exchanged data fields: the result is a current hash-code. It includes its witness data object for getting an authentication code and transmits it with tag ’84′.

Witness from the outside world and challenge from the card

Command data field {’7C’-L1 (=4+L2)-{’84′-L2-Authentication code}-{’81′-’00′}}

Response data field {’7C’-L1 (=2+L2)-{’81′-L2-Challenge}}

Response from the outside world and verification by the card

Command data field Response data field

{’7C’-L1 (=2+L2)-{’82′-L2-Response}}
 
Absent

C.4 MUTUAL AUTHENTICATE function

If the first data field conveys no empty data object, then the function is MUTUAL AUTHENTICATE; the outside world requests the same data objects in the response data field as in the command data field.

Basic protocol (three command-response pairs) Witness

Command data field {’7C’-L1 (=2+L2)-{’81′-L2-Witness}}

Response data field {’7C’-L1 (=2+L2)-{’81′-L2-Witness}}

Challenge

Command data field {’7C’-L1 (=2+L2)-{’81′-L2-Challenge}}

Response data field {’7C’-L1 (=2+L2)-{’81′-L2-Challenge}}

Response

Command data field {’7C’-L1 (=2+L2)-{’82′-L2-Response}}

Response data field {’7C’-L1 (=2+L2)-{’82′-L2-Response}} if the response is correct Absent if the response is incorrect

 

Committed challenge (four command-response pairs) Committed challenge

Command data field {’7C’-L1 (=2+L2)-{’83′-L2-Committed challenge}}

Response data field {’7C’-L1 (=2+L2)-{’83′-L2-Committed challenge}}

Witness

Command data field {’7C’-L1 (=2+L2)-{’80′-L2-Witness}}

Response data field {’7C’-L1 (=2+L2)-{’80′-L2-Witness}}

Challenge

Command data field {’7C’-L1 (=2+L2)-{’81′-L2-Challenge}}

Response data field {’7C’-L1 (=2+L2)-{’81′-L2-Challenge}} if the challenge is correct Absent if the challenge is incorrect

Response

Command data field {’7C’-L1 (=2+L2)-{’82′-L2-Response}}

Response data field {’7C’-L1 (=2+L2)-{’82′-L2-Response}} if the response is correct Absent if the response is incorrect

Extension to key agreement (four command-response pairs)

A pair of exponential data elements allows the agreement of a session key (see ISO/IEC 11770-3[14]).

The first command-response pair exchanges dynamic authentication templates nesting an “exponential” data element. In the example, as no message has been previously exchanged during the session, the initial hashcode is a null block. Then the command data field, i.e., the first dynamic authentication template, is included for getting a current hash-code; then the response data field, i.e., the second dynamic authentication template is included for updating the current hash-code; the current hash-code should be the same for both entities. Finally a witness data object (not zero and not transmitted, different for each entity) is included for getting an authentication code (different for each entity).

The second command-response pair exchanges dynamic authentication templates nesting authentication codes with tag ’84′.

Exponential

Command data field {’7C’-L1 (=2+L2)-{’85′-L2-Exponential}}

Response data field {’7C’-L1 (=2+L2)-{’85′-L2-Exponential}}

Witness

Command data field {’7C’-L1 (=2+L2)-{’84′-L2-Authentication code}}

Response data field {’7C’-L1 (=2+L2)-{’84′-L2-Authentication code}}

Challenge

Command data field {’7C’-L1 (=2+L2)-{’81′-L2-Challenge}}

Response data field {’7C’-L1 (=2+L2)-{’81′-L2-Challenge}}

Response

Command data field {’7C’-L1 (=2+L2)-{’82′-L2-Response}}

Response data field {’7C’-L1 (=2+L2)-{’82′-L2-Response}} if the response is correct Absent if the response is incorrect