AUTHENTICATE instruction

The AUTHENTICATE instruction is used to establish a secure communication channel over the current communication link.

INS value

INS = 0A

Cookbook

In the following paragraphs,

  • EECB (K, x) is the AES128-ECB Encrypt (one-block encipher) function, using key K over plain block x,
  • E-1ECB (K, y) is the AES128-ECB Decrypt (one-block decipher) function, using key K over ciphered block y,
  • ECBC (K, x, iv) is the AES128-CBC Encrypt (cipher block chaining mode, encipher) function, using key K and initialization vector iv over plain message x,
  • E-1CBC (K, y, iv) is the AES128-CBC Decrypt (cipher block chaining mode, decipher) function, using key K and initialization vector iv over ciphered message y.

Host --> Device AUTHENTICATE command

Field Value Explanations
CLA 00 Class = PROTOCOL
INS 0A Instruction = AUTHENTICATE
Data byte 0 01 Authentication version & mode: AES128
Data byte 1 00
01
User access (KAUTH = HostCommUserKey)
Admin access (KAUTH = HostCommAdminKey)

Device --> Host - Authentication Step 1

The device

  1. Generates a 16-byte nonce RndB,
  2. Sends E ( K, RndB ) where KAUTH is the authentication key selected by the host, as it is known by the device (HostCommUserKey or HostCommAdminKey).
Field Value Explanations
CLA 00 Class = PROTOCOL
STA FF Status = FOLLOWING
Data EECB ( KAUTH , RndB ) First device cryptogram (16 bytes)

Host --> Device - Authentication Step 2

The host

  1. Generates a 16-byte nonce RndA,
  2. Retrieves RndB by deciphering the response,
  3. Computes RndB' = RndB << 8 (rotate one byte to the left, with carry),
  4. Sends EECB ( KAUTH , RndA ) || EECB ( KAUTH , RndB' ) where KAUTH is the authentication key as it is known by the host.
Field Value Explanations
CLA 00 Class = PROTOCOL
INS FF Instruction = FOLLOWING
Data EECB ( KAUTH , RndA ) || EECB ( KAUTH , RndB' ) Host cryptogram (32 bytes)

The device deciphers the host cryptogram. If the decrypted RndB' matches with RndB, the device knows that it can trust the host.

Device --> Host - Authentication Step 3

The device

  1. Retrieves RndA from the command,
  2. Computes RndA' = RndA << 8 (rotate one byte to the left, with carry),
  3. Sends EECB ( KAUTH , RndA' ).
Field Value Explanations
CLA 00 Class = PROTOCOL
STA 00 Status = SUCCESS
Data EECB ( KAUTH , RndA' ) Second device cryptogram (16 bytes)

The host deciphers the device cryptogram. If the decrypted RndA' matches with RndA, the host knows that it can trust the device.

From now on, secure communication shall be used.

Session keys and first init vector

Both the host and the device generate the same session keys as follow:

  1. Assemble SV1 = RndA[0..3] || RndB[0..3] || RndA[8..11] || RndB[8..11]
  2. Assemble SV2 = RndA[4..7] || RndB[4..7] || RndA[12..15] || RndB[12..15]
  3. Compute the session encryption key KENC = EECB ( KAUTH , SV1 ),
  4. Compute the session authentication key KMAC = EECB ( KAUTH , SV2 ).
  5. Assemble SVMAC = RndA XOR RndB
  6. Compute the first initialization vector IV0 = EECB ( KMAC , SVMAC )

Following init vectors, ciphering and CMACing

See the Secure Communication paragraph.