I.S. CWA 14890-2:2004
Superseded
A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.
View Superseded by
APPLICATION INTERFACE FOR SMART CARDS USED AS SECURE SIGNATURE CREATION DEVICES - PART 2: ADDITIONAL SERVICES
Hardcopy , PDF
English
01-01-2004
16-01-2009
Foreword
1 Scope
2 References
3 Abbreviations and notation
3.1 Abbreviations
4 Definitions
5 Additional Service Selection
6 Client/Server Authentication
6.1 Client/Server protocols
6.2 Steps preceeding the client/server authentication
6.3 Padding format
6.4 Execution flow
7 Encryption Key Decipherment
7.1 Steps preceeding the key decryption
7.2 Key Management with RSA
7.3 Diffie-Hellman key exchange
7.4 Algorithm Identifier for DECIPHER
8 Signature verification
8.1 Signature verification execution flow
9 Certificates for additional services
9.1 File structure
9.2 EF.C.CH.AUT
9.3 EF.C.CH.KE
9.4 Reading Certificates and the public key of CAs
10 APDU data structures
10.1 Algorithm Identifiers
10.2 CRTs
Annex A - Security Service Descriptor Templates (normative)
A.1 Security Service Descriptor Concept
A.2 SSD Data Objects
A.3 Location of the SSD templates
A.4 Examples for SSD templates
Annex B - (informative) Security environments
B.1 Definition of CRTs (examples)
B.2 Security Environments (example)
B.3 Definition of File Control Information Templates
(example)
Annex C - Interoperability aspects (informative)
C.1 Choosing device authentication
C.2 Choosing User verification method
Annex D - Example of DF.CIA
Covers the application interface to SmartCards during the usage phase, used as Secure Signature Creation Devices (SSCD) to enable interoperability and usage of those cards on a national or European level.
| DocumentType |
Standard
|
| Pages |
64
|
| PublisherName |
National Standards Authority of Ireland
|
| Status |
Superseded
|
| SupersededBy |
| ISO/IEC 15408-2:2008 | Information technology — Security techniques — Evaluation criteria for IT security — Part 2: Security functional components |
| ISO/IEC 7816-6:2016 | Identification cards — Integrated circuit cards — Part 6: Interindustry data elements for interchange |
| ISO/IEC 19794-2:2011 | Information technology — Biometric data interchange formats — Part 2: Finger minutiae data |
| ISO/IEC 8825-1:2015 | Information technology — ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER) — Part 1: |
| ISO/IEC 7816-8:2016 | Identification cards — Integrated circuit cards — Part 8: Commands and mechanisms for security operations |
| ISO/IEC 15408-3:2008 | Information technology — Security techniques — Evaluation criteria for IT security — Part 3: Security assurance components |
| ISO/IEC 7816-9:2004 | Identification cards — Integrated circuit cards — Part 9: Commands for card management |
| ISO/IEC 9979:1999 | Information technology — Security techniques — Procedures for the registration of cryptographic algorithms |
| ISO 9564-1:2017 | Financial services — Personal Identification Number (PIN) management and security — Part 1: Basic principles and requirements for PINs in card-based systems |
| ISO/IEC 7816-4:2013 | Identification cards — Integrated circuit cards — Part 4: Organization, security and commands for interchange |
| ISO/IEC 10118-1:2016 | Information technology — Security techniques — Hash-functions — Part 1: General |
| ISO/IEC 7816-3:2006 | Identification cards — Integrated circuit cards — Part 3: Cards with contacts — Electrical interface and transmission protocols |
| ISO/IEC 9796-2:2010 | Information technology — Security techniques — Digital signature schemes giving message recovery — Part 2: Integer factorization based mechanisms |
| ISO/IEC 9797-1:2011 | Information technology — Security techniques — Message Authentication Codes (MACs) — Part 1: Mechanisms using a block cipher |
| ISO/IEC 7812-1:2017 | Identification cards — Identification of issuers — Part 1: Numbering system |
| ISO/IEC 15408-1:2009 | Information technology — Security techniques — Evaluation criteria for IT security — Part 1: Introduction and general model |
| ISO/IEC 10118-2:2010 | Information technology — Security techniques — Hash-functions — Part 2: Hash-functions using an n-bit block cipher |
| ISO/IEC 7816-5:2004 | Identification cards — Integrated circuit cards — Part 5: Registration of application providers |
| ISO/IEC 7816-15:2016 | Identification cards — Integrated circuit cards — Part 15: Cryptographic information application |
| ISO/IEC 10116:2017 | Information technology — Security techniques — Modes of operation for an n-bit block cipher |
| ISO/IEC 7816-11:2004 | Identification cards — Integrated circuit cards — Part 11: Personal verification through biometric methods |
| ISO/IEC 11770-3:2015 | Information technology — Security techniques — Key management — Part 3: Mechanisms using asymmetric techniques |