5.9 Verifying the Signed Static Application Data


5.9 Verifying the Signed Static Application Data

The following steps describe the procedure followed by an EMV ¢ terminal for verifying the Signed Static Application Data stored in an EMV ¢ card since its personalization.

  • Step 1: Verify that the length of the Signed Static Application Data (tag 90) data object is N I .

  • Step 2: Apply the signature verification/recovery algorithm in Appendix F, Section F.3.2 (case 2), where S is the Signed Static Application Data, n S = n I and e S = e I . The length N of the modulus is N I .

    The data that is recovered X is parsed as X = B M R H E . The following processing is performed on these items:

    1. Check that E (last byte of X ), which is the recovered data trailer, equals BCh.

    2. Check that B (first byte of X ), which is the recovered data header, equals 6Ah.

    3. Consider the M R as the next N I ˆ’ 22 bytes after B . Parse M R according to the four fields identified in Section 5.8.3.

    4. Check that the signed data format read in field 1 of M R is 03h.

    5. Set up the value of the message M ² to the value represented by the Static Data to Be Authenticated byte string, as currently computed in Section 5.8.2.

    6. Create the message M , representing the static application data to be signed by the issuer, as the concatenation from left to right of the recovered part M R and of the computed part M ² (i.e., M = M R M ² ).

    7. Read the hash algorithm indicator from field 2 of M R . Note that at the moment this value is 01h, corresponding to the SHA-1 algorithm, the only approved hash algorithm in the EMV 2000 specifications (see Annex B3.1 in Book 2 [1]).

    8. Use the indicated hash algorithm to compute the hash code h of M .

    9. Check that h equals the hash result H , which represents the last 20 bytes in X before E .

If any of the verifications mentioned above failed, the verification of the Signed Static Application Data fails. The terminal rejects the authenticity of the financial data stored in the EMV ¢ card.




Implementing Electronic Card Payment Systems
Implementing Electronic Card Payment Systems (Artech House Computer Security Series)
ISBN: 1580533051
EAN: 2147483647
Year: 2003
Pages: 131
Authors: Cristian Radu
Simiral book on Amazon

Flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net