Our Online Store have the new products: RFID antenna board. Currently it can work with JC10M24R and JCOP4 card chips.
Compared with normal cards, the antenna board module has a smaller size and fixed holes, which is easy to integrate in the IOT(Internet Of Things) project.

Terminal authentication - - how to determine reference of a public key

Communication

Moderator: UNKNwYSHSA

marcony
Posts: 2
Joined: Mon Mar 29, 2021 1:28 pm
Points :26
Contact:

Terminal authentication - - how to determine reference of a public key

Post by marcony » Mon Mar 29, 2021 1:41 pm

I am trying to analyse, how eID issued in my country could be used for certain tasks (PDF digital signing, for example). No public info about eID are available at the moment.

Looking at traffic between Card Reader and eID, I can see that NXP IDProtect Client Middleware (recommended by authorities) generates some predefined negotiations between reader and ICC, each time when eID Card is inserted in Card Reader.

Trying to get info that I need, I found that Manage Security Environment APDU is sent from Reader to Card, with following content: 00 22 C1 A4 06 80010c830184

Then, follow Get challenge and External Authenticate (Mutual Authenticate).

It seems like terminal authentication is done, but, having no info about the card, I can only try to look in APDU code (and responses). Here are my questions:

What Cryptographic mechanism is used (I assume 0x0C stands for 3DES-CBC)?
Which public key/secret key is used in next APDUs (I cannot find any info about Tag83 Value 0x84, anywhere)?
Furthermore, in External AUthenticate APDU (which seems to be Mutual Authentication), Data field contain 0x48 bytes (Lc value is also 0x48). Here is another question:

Which Mutual Authenticate method is used, when data field contain 0x48 bytes? I cannot find any explanation of External Authenticate, where Data Field contain 0x48 bytes. If MAC should be 8 bytes, then cryptogram is 0x40 bytes long. As ICC sent 8-bytes long RND-ICC, I am not sure, what content is encrypted, to form 0x40 bytes long cryptogram.

Who is online

Users browsing this forum: No registered users and 3 guests

JavaCard OS : Disclaimer