

SDA ensures the authenticity of ICC data. After SDA it is certain that the data from the ICC is real and has not been changed by anyone. But SDA doesn't assure the uniqueness of ICC data.

SDA is a digital signature scheme working with asymmetric cryptography. Asymmetric cryptography uses a pair of keys. If you encode something with the first key, you can only decode it with the second key. The pair of keys is divided into a public and a private key. With the private key the issuer can "sign" critical data on the ICC. Every terminal has the public key and can decode the signed data. If it conforms to the specification, the data is authentic and has not changed.

In this figure we see the detailed process of authentication:

The static application data will be signed with the Issuer Private Key (S1) and stored in Signed Application Data (SSAD). The corresponding Issuer Public Key (P1) will be stored in the Issuer PK Certificate. To verify that S1 and P1 are made by the Issuer, the Issuer PK Certificate is signed with a Certification Authority Private Key (SCA).
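The chain described on this page (SCA signs the Issuer PK Certificate carrying P1, S1 signs the static data into SSAD, the terminal checks both), as an added Python example that is not code from the original page. The exponent 65537, the Mersenne-prime demo keys and the simplified `6A ... BC` block layout are assumptions for illustration, not the exact EMV field format, and `make_key`, `sign`, `recover` and `terminal_sda` are hypothetical names.

```python
import hashlib

E = 65537  # public exponent assumed for both constructed keys

def make_key(a, b):
    """Constructed, insecure RSA key from Mersenne primes 2**a-1 and 2**b-1."""
    p, q = 2**a - 1, 2**b - 1
    return p * q, pow(E, -1, (p - 1) * (q - 1))  # (modulus, private exponent)

def sign(data, n, d, extra=b""):
    """Private-key step. Block: 6A | len | data | BB.. | SHA-1(data+extra) | BC."""
    size = (n.bit_length() + 7) // 8
    pad = size - 24 - len(data)
    if pad < 0:
        raise ValueError("data too long for this modulus")
    block = (b"\x6a" + len(data).to_bytes(2, "big") + data + b"\xbb" * pad
             + hashlib.sha1(data + extra).digest() + b"\xbc")
    return pow(int.from_bytes(block, "big"), d, n).to_bytes(size, "big")

def recover(sig, n, extra=b""):
    """Public-key step. Returns the recovered data, or None if a check fails."""
    size = (n.bit_length() + 7) // 8
    s = int.from_bytes(sig, "big")
    if len(sig) != size or s >= n:
        return None
    block = pow(s, E, n).to_bytes(size, "big")
    length = int.from_bytes(block[1:3], "big")
    if block[0] != 0x6A or block[-1] != 0xBC or length > size - 24:
        return None
    data, pad, digest = block[3:3 + length], block[3 + length:-21], block[-21:-1]
    if pad != b"\xbb" * len(pad) or hashlib.sha1(data + extra).digest() != digest:
        return None
    return data

def terminal_sda(ca_n, issuer_cert, ssad, static_data):
    """Terminal: recover P1 from the certificate, then check SSAD with P1."""
    p1 = recover(issuer_cert, ca_n)
    if not p1:
        return False
    return recover(ssad, int.from_bytes(p1, "big"), static_data) is not None

# Constructed demo values; none of them come from a real card or scheme.
CA_N, SCA = make_key(1279, 89)     # CA modulus (public) and CA private key
P1, S1 = make_key(607, 521)        # issuer public modulus and private key
CERT = sign(P1.to_bytes(141, "big"), CA_N, SCA)   # Issuer PK Certificate
STATIC = b"constructed static application data"
SSAD = sign(b"", P1, S1, extra=STATIC)            # Signed Application Data
```

Every input to `terminal_sda` is static data read from the card, so the result depends only on those values and not on which card presents them; this is the uniqueness limitation the page notes for SDA.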
