1、| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | BRITISH STANDARD BS EN 726-7:1999 The Euro
2、pean Standard EN 726-7:1999 has the status of a British Standard ICS 35.240.15 NO COPYING WITHOUT BSI PERMISSION EXCEPT AS PERMITTED BY COPYRIGHT LAW Identification card systems Telecommunications integrated circuit(s) cards and terminals Part 7: Security moduleThis British Standard, having been pre
3、pared under the direction of the DISC Board, was published under the authority of the Standards Committee and comes into effect on 15 November 1999 BSI 11-1999 ISBN 0 580 35472 5 BS EN 726-7:1999 Amendments issued since publication Amd. No. Date Comments National foreword This British Standard is th
4、e English language version of EN 726-7:1999. The UK participation in its preparation was entrusted to Technical Committee IST/17, Identification cards and related devices, which has the responsibility to: aid enquirers to understand the text; present to the responsible European committee any enquiri
5、es on the interpretation, or proposals for change, and keep the UK interests informed; monitor related international and European developments and promulgate them in the UK. A list of organizations represented on this committee can be obtained on request to its secretary. Cross-references The Britis
6、h Standards which implement international or European publications referred to in this document may be found in the BSI Standards Catalogue under the section entitled “International Standards Correspondence Index”, or by using the “Find” facility of the BSI Standards Electronic Catalogue. A British
7、Standard does not purport to include all the necessary provisions of a contract. Users of British Standards are responsible for their correct application. Compliance with a British Standard does not of itself confer immunity from legal obligations. Summary of pages This document comprises a front co
8、ver, an inside front cover, the EN title page, pages 2 to 48, an inside back cover and a back cover. The BSI copyright notice displayed in this document indicates when the document was last issued.CEN European Committee for Standardization Comite Europe en de Normalisation Europa isches Komitee fu r
9、 Normung Central Secretariat: rue de Stassart 36, B-1050 Brussels 1999 CEN All rights of exploitation in any form and by any means reserved worldwide for CEN national Members. Ref. No. EN 726-7:1999 E EUROPEAN STANDARD EN 726-7 NORME EUROPE ENNE EUROPA ISCHE NORM January 1999 ICS 35.240.15 Descripto
10、rs: telecommunications, IC cards, telecommunication terminals, safety, specifications English version Identification card systems Telecommunications integrated circuit(s) cards and terminals Part 7: Security module Syste mes de cartes didentification Cartes a circuit inte gre et terminaux pour les t
11、e le communications Partie 7: Module de se curite Identifikationskartensysteme Chipkarten und Endgera te fu r Telekommunikationszwecke Teil 7: Sicherheitsmodul This European Standard was approved by CEN on 1 January 1999. CEN members are bound to comply with the CEN/CENELEC Internal Regulations whic
12、h stipulate the conditions for giving this European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the Central Secretariat or to any CEN member. This European Stan
13、dard exists in three official versions (English, French, German). A version in any other language made by translation under the responsibility of a CEN member into its own language and notified to the Central Secretariat has the same status as the official versions. CEN members are the national stan
14、dards bodies of Austria, Belgium, Czech Republic, Denmark, Finland, France, Germany, Greece, Iceland, Ireland, Italy, Luxembourg, Netherlands, Norway, Portugal, Spain, Sweden, Switzerland and United Kingdom.Page 2 EN 726-7:1999 BSI 11-1999 Foreword This European Standard has been prepared by Technic
15、al Committee CEN/TC 224, Machine-readable cards, related device interfaces and operations, the Secretariat of which is held by AFNOR. This European Standard shall be given the status of a national standard, either by publication of an identical text or by endorsement, at the latest by July 1999, and
16、 conflicting national standards shall be withdrawn at the latest by July 1999. According to the CEN/CENELEC Internal Regulations, the national standards organizations of the following countries are bound to implement this European Standard: Austria, Belgium, Czech Republic, Denmark, Finland, France,
17、 Germany, Greece, Iceland, Ireland, Italy, Luxembourg, Netherlands, Norway, Portugal, Spain, Sweden, Switzerland and the United Kingdom. Contents Page Foreword 2 1 Scope 3 2 Normative references 3 3 Definitions and abbreviations 3 3.1 Definitions 3 3.2 Abbreviations 5 4 Physical characteristics of t
18、he SM 6 5 Electronic signals and transmission protocols 6 6 Logical model for SM 6 7 General concepts 7 7.1 General security principles 7 7.1.1 Access conditions 7 7.1.2 Sequence control 7 7.2 SM Life cycle 7 7.3 Configuration of the system 7 7.4 SM security functions 9 8 Description of the function
19、s of a SM 9 8.1 Functions without MAC 10 8.1.1 SELECT KEYSET 10 8.1.2 DIVERSIFY KEYSET 10 8.1.3 ASK PARAMETER 10 8.2 Functions used to compute a cryptogram or message authentication codes (MAC) 11 8.2.1 COMPUTE LOAD KEY 11 8.2.2 COMPUTE MAC 12 8.2.3 COMPUTE CRYPTOGRAM 13 8.3 Functions verifying cryp
20、tograms or message authentication codes (MAC) 14 8.3.1 VERIFY MAC 14 8.3.2 UPDATE (SM) 15 8.3.3 INCREASE (SM) 15 8.3.4 DECREASE (SM) 16 8.3.5 VERIFY CRYPTOGRAM 17 8.4 Functions for downloading of keys from the SM to the UC 17 8.5 Functionality on SMEW interface 17 8.6 Linking functions with keys 18
21、8.7 Limitations of the usage of keys 18 9 Data elements 18 9.1 Data for SM identification 18 9.1.1 SM identifier 18 9.2 UC data 19 9.2.1 IC serial number of user card 19 9.2.2 Application Expiry date 19 9.2.3 Application Identifier (AID) 19 9.2.4 Key file version 19 9.2.5 Algorithm identifier 19 9.2
22、.6 Amount 19 9.2.7 Value 20 9.2.8 Type of units 20 9.3 Status conditions returned by the SM 20 9.3.1 Functions versus possible status responses 20 Annex A (normative) The case of a SM in the form of an IC card 23 Annex B (informative) Example of scenarios for SM in the form of an IC card 35 Annex C
23、(informative) Bibliography 48Page 3 EN 726-7:1999 BSI 11-1999 1 Scope This part of EN 726 specifies: the minimum security requirements for a Security Module (SM); the general card related functions embedded in the SMterminal protocols including minimum data exchange; The data elements and cryptograp
24、hic processing described in annex A for the case where the SM is an ICC should be supported if the SM is not an ICC or the configuration of the system, e.g. where the SM handles more than one terminal/user card. Configurations where the SM handles more than one terminal/user card are not fully speci
25、fied in this standard. Further mechanisms may be required to enable these configurations; the necessary security services and mechanisms to provide application and cryptographic security information for the processing of telecommunication transactions. considering several types of SMs at different l
26、ocations in the system and different system configurations. This part of EN 726 allows interaction between the Integrated Circuit Card (IC card) and the SM via the terminal in a way that may be functionally transparent to the terminal and possibly also the network(s). This provides the flexibility t
27、o use different techniques, commands and message formats at the terminalSM interface. This part of EN 726 supports IC cards with payment applications following EN 726-5 and all card applications following clauses 4 to 7 of this part of the standard. This part of EN 726 supports IC cards following EN
28、 726-3:1994. Other telecommunication cards which are not in accordance with EN 726, e.g. simple memory cards, may also be supported by the SM described in this part. 2 Normative references This European Standard incorporates by dated or undated reference, provisions from other publications. These no
29、rmative references are cited at the appropriate places in the text and the publications listed hereafter. For dated references, subsequent amendments to, or revisions of any of these publications apply to this European Standard only when incorporated in it by amendment or revision. For undated refer
30、ences the latest edition of the publication referred to applies. EN 726-2:1995, Identification card systems Telecommunications integrated circuit(s) cards and terminals Part 2: Security framework. EN 726-3:1994, Identification card systems Telecommunications integrated circuit(s) cards and terminals
31、 Part 3: Application independent card requirements. EN 726-5, Identification card systems Telecommunications integrated circuit(s) cards and terminals Part 5: Payment methods. EN 24217, Codes for the representation of currencies and funds. (ISO 4217:1990) EN ISO/IEC 7816-4, Information technology Id
32、entification cards Integrated circuit(s) cards with contacts Part 4: Interindustry commands for interchange. (ISO/IEC 7816-4:1995) EN ISO/IEC 7816-5, Identification cards Integrated circuit(s) cards with contacts Part 5: Numbering system and registration procedure for application identifiers. (ISO/I
33、EC 7816-5:1994) ISO 10202-4, Financial transactions cards Security architecture of financial transaction systems using integrated circuit cards Part 4: Secure application modules. 3 Definitions and abbreviations 3.1 Definitions For the purposes of this standard, the following definitions apply: 3.1.
34、1 access conditions (AC) a set of security attributes associated to a file 3.1.2 application an application consists of a set of security mechanisms, files, data and protocols (excluding transmission protocols) which are located and used in the IC card and outside the IC card (external application)P
35、age 4 EN 726-7:1999 BSI 11-1999 3.1.3 application provider (AP) the entity which is responsible for the application after its allocation. One AP may have several applications in one card. The files allocated in the card corresponding to one application are called a card-application. There may exist
36、several applications on a given card from the same application provider or from several application providers 3.1.4 application session a link between the card application part and the external world application part of the same application 3.1.5 application specific command set (ASC) to a DF can be
37、 associated, optionally, an ASC-set (an application specific command set and/or an application specific program). This means that when selecting this application, the general command set is extended or modified by this specific command set. The ASC is valid for the whole subtree of this application
38、unless there are other ASCs defined at the lower levels of this application 3.1.6 card a multi-application card can be considered as a set of files, some of them shared by the different application providers and/or the card issuer, other files owned exclusively by the different application providers
39、 or the card issuer. Files can, e.g. be read, written or executed 3.1.7 dedicated file (DF) a file containing AC and allocatable memory. It may be the parent of elementary files and/or dedicated files 3.1.8 elementary file (EF) a file containing AC, data or a program and no other files, as: E F DIR
40、is an elementary file at the master file or at DF level, which contains a list of all, or part of, available applications in the card; E F ID is an elementary file at the master file level, containing the identification number of the card E F ICC is an elementary file at the master file level, conta
41、ining general information concerning the IC and IC card; E F KEY_OP is an elementary file containing operational keys; E F KEY_MAN is an elementary file containing management keys; E F DIK_OP is an elementary file containing diversified operational keys; E F DIK_MAN is an elementary file containing
42、diversified management keys. 3.1.9 file identifier (ID) each file (MF, DF, EF) has an identifier consisting of 2 bytes 3.1.10 file qualifier first byte of the file identifier 3.1.11 master file (MF) the mandatory unique file representing the root of the file structure and containing AC and allocatab
43、le memory. It may be the parent of elementary files and/or dedicated files 3.1.12 operating system that which is required to manage the logical resources of a system, including process scheduling and file managementPage 5 EN 726-7:1999 BSI 11-1999 3.1.13 path concatenation of file identifiers withou
44、t delimitation 3.1.14 secrets algorithm(s), related key(s), security procedures and information 3.1.15 security module a device containing logically and physically protected secrets algorithm(s), related key(s), security procedures and information to protect applications in such a way that unauthori
45、zed access is not feasible. In order to achieve this the module may in addition be further physically, electrically and logically protected 3.1.16 security module provider see ISO 10202-4 3.1.17 sequence control a feature assuring that operations, invoked by commands, can only be performed by the SM
46、 in allowed, predefined order(s) 3.2 Abbreviations AC Access Condition AID Application Identifier AUT Authenticated CHV Card Holder Verification information DF Dedicated File EF Elementary File EW External World IC Integrated Circuit ICC Integrated Circuit Card ID Identifier of a file IFD Interface
47、Device INT.AUTH Internal Authentication INV Invalidate LEN Length MAC Message Authentication MF Master File NEV Never PRO Protected RAN Random REH Rehabilitate RFU Reserved for Future Use SM Security Module UC User CardPage 6 EN 726-7:1999 BSI 11-1999 4 Physical characteristics of the SM If the SM i
48、s an IC card the physical characteristics shall be in accordance with clause 4 of EN 726-3:1994. For any other case the physical characteristics are out of the scope of this part of EN 726. 5 Electronic signals and transmission protocols If the SM is an IC card the electronic signals and transmissio
49、n protocol(s) shall be in accordance with clause 5 of EN 726-3:1994. For any other case the electronic signals and transmission protocol are out of the scope of this standard. 6 Logical model for SM A SM following this standard contains: permanent secrets (master key(s); temporary secrets (diversified key(s); a balance (optional); an operating system to handle secure access to the secrets mentioned above. Additional options are possible as long as they do not interfere with
