Our Online Store have the new products: RFID antenna board. Currently it can work with JC10M24R and JCOP4 card chips.
Compared with normal cards, the antenna board module has a smaller size and fixed holes, which is easy to integrate in the IOT(Internet Of Things) project.

How to diversify the KMC

JavaCard Applet Development Related Questions and Answers.
Erisaron
Posts: 15
Joined: Wed Dec 02, 2015 1:23 am
Points :64
Contact:

How to diversify the KMC

Post by Erisaron » Sat Oct 08, 2016 11:19 pm

Could anyone tell me how to diversify the KMC which complies to EMV CPS v1.1 using Key Derivation Data?

Afaik, the key diversification needs to use Key Derivation Data.

Assume that KMC is
ENC Key = 101112131415161718191A1B1C1D1E1F
MAC Key = 202122232425262728292A2B2C2D2E2F
DEK Key = 303132333435363738393A3B3C3D3E3F


Key Derivation Data = 000002004540C882DE13


How can I diversify KMC?

popmun09
Posts: 36
Joined: Tue Feb 16, 2016 9:49 pm
Points :230
Contact:

Re: How to diversify the KMC

Post by popmun09 » Sun Oct 09, 2016 4:09 am

Check section 4.1 of EMV CPS 1.1 document, you can get the answer.
The KENC will be derived in the following way:
KENC := DES3(KMC)[Six least significant bytes of the KEYDATA || 'F0' || '01' ] || DES3(KMC)[ Six least significant bytes of the KEYDATA || '0F' || '01'].

The KMAC will be derived in the following way:
KMAC := DES3(KMC)[ Six least significant bytes of the KEYDATA || 'F0' || '02' ]|| DES3(KMC)[ Six least significant bytes of the KEYDATA || '0F' || '02'].

The KDEK will be derived in the following way:
KDEK := DES3(KMC)[ Six least significant bytes of the KEYDATA || 'F0' || '03' ]|| DES3(KMC)[ Six least significant bytes of the KEYDATA || '0F' || '03'].


DES3 encrypt 4540C882DE13 F0 01 for first half of KENC and DES3 encrypt 4540C882DE13 0F 01 for second half of key. The key for this encryption is the ENC master key.
For other two keys, it's just in the same way.

Erisaron
Posts: 15
Joined: Wed Dec 02, 2015 1:23 am
Points :64
Contact:

Re: How to diversify the KMC

Post by Erisaron » Sun Oct 09, 2016 4:39 am

Thanks for your help. I see.

And I still have a problem. When checking EMV CPS 1.1 document, I found 2 terms
Key Diversification Data and Key Derivation Data

Do the two terms have the same meaning?

popmun09
Posts: 36
Joined: Tue Feb 16, 2016 9:49 pm
Points :230
Contact:

Re: How to diversify the KMC

Post by popmun09 » Mon Oct 10, 2016 3:59 am

I'm not sure. But they all are written as KDD in the document. Maybe they have the same meaning.

Post Reply Previous topicNext topic

Who is online

Users browsing this forum: No registered users and 50 guests

JavaCard OS : Disclaimer