Smart Card Key Exchange operations for EMV Software

The distribution of keys is the most important process in the management of the keys. When using a symmetric cryptosystem, the two parties entering into an information exchange must first agree on a secret session key, that is, a key for encrypting all messages transmitted during the exchange. This key must be known to everyone else and periodically updated at the same time, both the sender and the recipient. The process of agreeing on a session key is also called key exchange, or key distribution. The PC/SC compatibility specification recommends that smart cards support key exchange operations.

The distribution of keys must meet the following requirements:

  1. the efficiency and accuracy of the distribution;
  2. the confidentiality and integrity of the distributed keys.

An asymmetric cryptosystem involves the use of two keys – public and private (secret). The public key can be disclosed, but the private key must be kept secret. When exchanging messages, you only need to forward the public key, ensuring its authenticity, for example, using a digital certificate. In general, the following methods can be used to distribute keys between users of a computer network:

  1. using one or more key distribution centers;
  2. the direct exchange of keys between the communicating entities.

A typical example of implementing the first approach is the Kerberos authentication and key distribution system. The smart card reader can be connected to a computer or laptop, and the main nuance here is that the key distribution center knows to whom and which keys are distributed, so in case of abuse, the network security can be significantly compromised. In the second approach, the problem is to reliably verify the authenticity of the exchange subjects.

The key distribution task is reduced to the construction of a key distribution protocol that provides:

  1. mutual authentication of session participants;
  2. confirming the validity of the session;
  3. use the minimum number of messages when exchanging keys.

When using a symmetric cryptosystem for secure information exchange, two users who want to exchange cryptographically secure information must share a secret key. These users must exchange the shared key over the communication channel in a secure manner. If users change the key often enough, then key delivery becomes a serious problem.

There are two main ways to solve this problem:

  1. Using an asymmetric public key cryptosystem, such as RSA, to protect the secret key of a symmetric cryptosystem;
  2. Using the Diffie-Hellman public key distribution system.

The implementation of the first method is carried out within the framework of a combined cryptosystem with symmetric and asymmetric keys. In this approach, an asymmetric public-key cryptosystem is used to encrypt, transmit, and then decrypt only the secret key of a symmetric cryptosystem, while a symmetric cryptosystem is used to encrypt and transmit the original plaintext.

The second method of secure distribution of secret keys is based on the application of the Diffie-Hellman public key distribution algorithm. This algorithm allows users to exchange keys over unsecured communication channels. Compatible smart cards can implement key exchange operations using either the RSA algorithm or the Diffie-Hellman algorithm. Other algorithms may be added in the future. To implement this feature, the smart card must support a pair of related keys (public and secret), which should only be used for key exchange.

Standardization of a portable smart card application

An alternative to PC-side crypto interfaces is to define a portable application that provides cryptographic services. Such an applet can be written for a JavaCard smart card and then loaded onto JavaCard-compatible smart cards from various manufacturers. If an SSP service provider is written to communicate with this applet, then you can get a valid interface from the card side for the smart card to support cryptographic operations.

The Muscle Group released an open, card-independent specification and created an implementation of the Java applet called the CCEI Cryptographic Card Interface (MuscleCaud Cryptographic Card Edge Interface). The idea is to create an applet that, due to its consistency with the JavaCard specification, can be widely distributed. This applet allows the application vendor to use any (JAVACA-compatible) card that is consistent with this specification.

The applet consists of four main parts:

  1. the management of keys and their use;
  2. Managing and using PIN codes;
  3. object management and use;
  4. service functions.

Key management and use includes all the functions that are associated with the use of cryptographic keys. Thanks to the high security of smart cards and ease of use, they have become the main element of the automated access system to the territory of the cottage settlement of one of our Customers, the holding company FD-Group, which provides services in the real estate market. This system automatically controls the barriers and records the arrival/departure time of all vehicles and people. Smart card application functions include Import, Export, GenerateKeyPair, and ExtAuthenticate. Currently, the RSA, DSA, DES, and 3-DES crypto algorithms are supported.

The management and use of PIN codes includes all the functions that are associated with the application of the PIN code or the verification of the card holder CHV (Card Holder Verification). These functions include CreatePIN( Create PIN), ChangePIN( Change PIN), VeryfyPIN (Check PIN), and UnblockPIN (Unlock PIN). Currently, the card supports 8-digit PIN codes.

Object management and use includes all the functions that are associated with the use of data objects that are entered in the card and selected from it. These functions include CreateObject( Create Object), DeleteObject (Delete Object), readObject (Read Object), and writeObject (Write Object). Service functions include all functions that transmit information to calling applications or perform their maintenance. These functions include listKeys( List keys), ListPINs (List pins), ListObjects (List Objects), GetRandom (Get a random number), and LogoutAll (Unregister all).