PBOC/emv sda (static data authentication)

Reprinted please indicate the source
Author: Pony

Before reading this article, we recommend that you understand the working principles of asymmetric encryption and decryption.

 

SDA means static data authentication. First, how to understand this static data. Static card data is used for authentication, and the data will not be changed after the card is personalized, such as the card number. it aims to confirm the validity of key static data identified by the application file Locator (AFL) and the optional static data authentication tag list in the IC card, this ensures that the card issuer data in the IC card is not illegally tampered with after personalization.

 

Since it is authentication, it must involve algorithms. SDA (including subsequent DDA and CDA) uses RSA Algorithms, which are typical algorithms based on asymmetric encryption theory.

 

The detailed steps are as follows:

 

Step 1,

CA (authentication center) Public Key + issuer Public Key Certificate + RSA algorithm = issuer Public Key

The CA Public Key can be manually downloaded to the terminal or downloaded from the background online. the specific content usually includes the public key module, module length, Public Key Index, index length, validity period, and other information. this information involves the purpose of the algorithm.

 

The Public Key Certificate of the issuing bank is the signed Public Key of the issuing bank. It is actually a string of ciphertext data that the terminal reads from the card during data reading. For example:

* Tag 90 Issuer Public Key Certificate*- Len       80*- Value         AA 7B 0B F4 AA E8 B7 C2 EC C4 85AC FA 57 77 0E *                50BB 92 07 23 3E 42 78 65 47 17 E4 70 69 19 81 *                C187 F8 1F FC 3B 90 89 50 63 EF 98 C0 D8 6B 52 *                97B6 55 39 93 09 E6 69 9F EE 22 70 B0 F3 43 1B *                5ABA D7 E5 16 26 19 26 C3 5B F6 BB FE FB 49 36 *                6EBE 96 DC 51 0E 9C BD 91 53 37 E8 18 8D 51 7D *                15DC F9 02 98 C4 02 33 EE EA FD 5A 94 59 F5 D3 *                410E 6B 89 B4 4D F6 E8 18 FA 35 94 EF 93 55 34 

 

The RSA algorithm is used to restore the public key of the issuing bank from the Public Key Certificate of the issuing bank.

 

 

Step 2,

Issuer's public key + Signed static application data + RSA algorithm = data

Data a mainly includes two parts: Data A1 and hash result.

 

Step 3,

A1 + static data to be authenticated read by the terminal during Data Reading + hash algorithm = hash result B

A1 calls the hash algorithm together with the static data that needs to be authenticated read by the terminal during Data Reading and finally calculates a hash result B. the static data read in the data phase that needs to be authenticated is the byte 4 in AFL. This byte indicates the number of consecutive records used for offline data authentication starting from 1st records.

The structure of AFL is as follows:

Byte 1: Short File Identifier

Byte 2: Record Number of the 1st records to be read in the file

Byte 3: Record Number of the last record to be read in the file

Byte 4: starts from the record number in the byte and stores the number of static data records used for authentication (the value ranges from byte to byte-byte + 1)

 

Example:

*  Tag 94 ApplicationFile Locator (AFL)*  - Len   0C*  - Value 08 01 01 00 10 01 03 01 18 01 04 00

Each four bytes is a part. 10 01 03 01 indicates that a record is used for data authentication in files with SFI 10 and 01 to 03.

 

Step 4,

Checks whether hash result a and hash result B are equal. If they are equal, SDA succeeds. Otherwise, SDA fails.

 

In fact, the above steps omitted some data splicing and determination of the legality of the Data starting byte, but the SDA core is very clear.