Privacy Enhanced ID Configuration – PACE/GAP v1.0

Copyright 2015-2017 GlobalPlatform, Inc. All Rights Reserved. Recipients of this document are invited to submit, with their comments, notification of any relevant patents or other intellectual property rights (collectively, “IPR”) of which they may be aware which might be necessarily infringed by the implementation of the specification or other work product set forth in this document, and to provide supporting documentation. The technology provided or described herein is subject to updates, revisions, and extensions by GlobalPlatform. This documentation is currently in draft form and is being reviewed and enhanced by the Committees and Working Groups of GlobalPlatform. Use of this information is governed by the GlobalPlatform license agreement and any use inconsistent with that agreement is strictly prohibited.

GlobalPlatform Card Technology Privacy Enhanced ID Configuration – PACE/GAP Version 1.0 Member Release May 2017 Document Reference: GPC_GUI_128

Privacy Enhanced ID Configuration – PACE/GAP – Member Release v1.0

Copyright 2015-2017 GlobalPlatform, Inc. All Rights Reserved. The technology provided or described herein is subject to updates, revisions, and extensions by GlobalPlatform. Use of this information is governed by the GlobalPlatform license agreement and any use inconsistent with that agreement is strictly prohibited.

THIS SPECIFICATION OR OTHER WORK PRODUCT IS BEING OFFERED WITHOUT ANY WARRANTY WHATSOEVER, AND IN PARTICULAR, ANY WARRANTY OF NON-INFRINGEMENT IS EXPRESSLY DISCLAIMED. ANY IMPLEMENTATION OF THIS SPECIFICATION OR OTHER WORK PRODUCT SHALL BE MADE ENTIRELY AT THE IMPLEMENTER’S OWN RISK, AND NEITHER THE COMPANY, NOR ANY OF ITS MEMBERS OR SUBMITTERS, SHALL HAVE ANY LIABILITY WHATSOEVER TO ANY IMPLEMENTER OR THIRD PARTY FOR ANY DAMAGES OF ANY NATURE WHATSOEVER DIRECTLY OR INDIRECTLY ARISING FROM THE IMPLEMENTATION OF THIS SPECIFICATION OR OTHER WORK PRODUCT.

This document is provided as a member benefit to GlobalPlatform members only.

Please help us maintain the value of your membership and encourage recruitment by observing this restriction.

Privacy Enhanced ID Configuration – PACE/GAP – Member Release v1.0 3/20


Contents 1 Introduction ............................................................................................................................ 5 1.1 Audience ............................................................................................................................................... 5 1.2 IPR Disclaimer ...................................................................................................................................... 5 1.3 References ............................................................................................................................................ 5 1.4 Terminology and Definitions ................................................................................................................. 6 1.5 Abbreviations and Notations ................................................................................................................. 6 1.6 Revision History .................................................................................................................................... 7

2 Privacy Status Values for SCP21 .......................................................................................... 8 2.1 Privacy Status ....................................................................................................................................... 9 2.2 Privacy Status Condition ..................................................................................................................... 10 2.3 Example of Privacy Requirements ...................................................................................................... 10

3 PACE Used as GPP for an eMRTD Application .................................................................. 11 3.1 Files Available under Global MF ......................................................................................................... 11 3.2 Supported Algorithms for PACE ......................................................................................................... 11 3.3 Supported Password Types for PACE ................................................................................................ 12

4 GAP Used as GPP in a Multi-Application Context.............................................................. 13 4.1 Files under Global MF ......................................................................................................................... 13 4.2 Supported Algorithms for PACE ......................................................................................................... 14 4.3 Supported Password Types for PACE ................................................................................................ 14 4.4 Supported Algorithms for CA V2 ......................................................................................................... 15 4.5 Supported Algorithms for TA V2 ......................................................................................................... 16 4.6 Supported CHAT for TA V2 ................................................................................................................ 17 4.7 Reading of Access Condition by Application ...................................................................................... 17

5 PACE Used as GPP for an eMRTD Application Using EAC V1.......................................... 18 5.1 File under Global MF ........................................................................................................................... 18 5.2 Supported Algorithm for PACE ........................................................................................................... 18 5.3 Supported Password for PACE ........................................................................................................... 18 5.4 Supported Algorithm for CA V1 ........................................................................................................... 18 5.5 Supported Algorithm for TA V1 ........................................................................................................... 18 5.6 Supported CHAT for TA V1 ................................................................................................................ 18 5.7 Reading of Access Condition by Application ...................................................................................... 19

6 Supported GlobalPlatform API ............................................................................................ 20 6.1 Standard Java Card API ..................................................................................................................... 20 6.2 GlobalPlatform Java Card API ............................................................................................................ 20

4/20 Privacy Enhanced ID Configuration – PACE/GAP – Member Release v1.0


Tables Table 1-1: Normative References ...................................................................................................................... 5

Table 1-2: Informative References .................................................................................................................... 6

Table 1-3: Abbreviations and Notations ............................................................................................................ 6

Table 1-4: Revision History ............................................................................................................................... 7

Table 2-1: System Specific Install Parameter for Privacy Requirements .......................................................... 8

Table 2-2: Privacy Status for SCP21 ................................................................................................................. 9

Table 2-3: Privacy Status Condition ................................................................................................................ 10

Table 2-4: Example of System Specific Install Parameters for Privacy Requirements ................................... 10

Table 3-1: EF.CardAccess File ........................................................................................................................ 11

Table 3-2: Example of OIDs for PACE Protocol .............................................................................................. 12

Table 3-3: Supported Password Types for PACE Protocol ............................................................................. 12

Table 4-1: EF.CardAccess File ........................................................................................................................ 13

Table 4-2: EF.CardSecurity File ...................................................................................................................... 13

Table 4-3: Supported Password Types for PACE Protocol ............................................................................. 14

Table 4-4: Example of OIDs for CA Protocol ................................................................................................... 15

Table 4-5: Supported OIDs for TA Public Key ................................................................................................. 16

Table 4-6: Supported OIDs for CHAT.............................................................................................................. 17

Table 5-1: OID for IS CHAT ............................................................................................................................. 18



1 Introduction This document extends the GlobalPlatform Common Implementation Configuration [GP CIC] to support the new feature defined by the GlobalPlatform Privacy Framework [GP PF].

This document describes:

• The Privacy Status values to be used with the Secure Channel Protocol '21' defined in [GP PF].

• All the options (algorithms, files) supported by the Secure Channel Protocol '21' for all variants (eMRTD, eMRTD with EAC, etc.) and related Object Identifier (OID) values.

• The minimum API requirements.

1.1 Audience

This document is intended primarily for card manufacturers and application developers developing GlobalPlatform card implementations.

It is assumed that the reader is familiar with smart cards and smart card production, and in particular familiar with the GlobalPlatform Card Specification ([GPCS]).

1.2 IPR Disclaimer

Attention is drawn to the possibility that some of the elements of this GlobalPlatform specification or other work product may be the subject of intellectual property rights (IPR) held by GlobalPlatform members or others. For additional information regarding any such IPR that have been brought to the attention of GlobalPlatform, please visit https://www.globalplatform.org/specificationsipdisclaimers.asp. GlobalPlatform shall not be held responsible for identifying any or all such IPR, and takes no position concerning the possible existence or the evidence, validity, or scope of any such IPR.

1.3 References Table 1-1: Normative References

Standard / Specification Description Ref

GlobalPlatform Card Specification

GlobalPlatform Card Specification v2.3 [GPCS]

GlobalPlatform Privacy Framework

GlobalPlatform Privacy Framework v1.0 [GP PF]

GlobalPlatform Common Implementation Configuration

GlobalPlaform Card Common Implementation Configuration v2.0

[GP CIC]

BSI TR-03110 TR-03110 Technical Guideline Advanced Security Mechanisms for Machine Readable Travel Documents and eIDAS Token v2.20

[TR 3110]

CEN/EN 419 212 Application Interface for smart cards used as Secure Signature Creation Devices, Part 1 (Basic services) & Part 2 (Additional services), 28/08/2014

[419 212]

GlobalPlatform API GlobalPlatform Java Card API and Export File v1.6 (or higher) [GP API]

https://www.globalplatform.org/specificationsipdisclaimers.asp



Standard / Specification Description Ref Java Card API Application Programming Interface, Java Card™ Platform,

v3.0.1 (or higher), Classic Edition, Oracle Corporation [JC API]

ICAO Doc 9303 Machine Readable Travel Documents, 7th edition 2015 [ICAO 9303]

Table 1-2: Informative References

Standard / Specification Description Ref

ISO/IEC 7816-4 Identification cards – Part 4 Organization, security and commands interchange, 2013

[7816-4]

1.4 Terminology and Definitions

Technical terms used in this document are defined in [GPCS].

1.5 Abbreviations and Notations

Hexadecimal values are enclosed in straight single quotation marks (example: '0F').

Selected abbreviations used in this document are defined in the following table. Additional abbreviations are defined in [GPCS].

Table 1-3: Abbreviations and Notations

Abbreviation / Notation Meaning

3DES Triple DES

AES Advanced Encryption Standard

CA Chip Authentication

CHAT Certificate Holder Authorization Template

DES Data Encryption Standard

DH Diffie Hellman

EAC Extended Access Control

ECDH Elliptic Curve Diffie Hellman

eMRTD electronic Machine Readable Travel Document

GAP General Authentication Procedure

GMF Global Master File

GPP Global Privacy Protocol

GPPA Global Privacy Protocol Application

OID Object Identifier

PACE Password Authenticated Connection Establishment

SCP Secure Channel Protocol



Abbreviation / Notation Meaning SPP Specific Privacy Protocol

TA Terminal Authentication

1.6 Revision History Table 1-4: Revision History

Date Version Description

May 2017 1.0 Member Release



2 Privacy Status Values for SCP21 Privacy Requirements may be specified for an Application using new tag 'E0' as part of System Specific Install Parameters (tag 'EF'), as described in the following table.

Table 2-1: System Specific Install Parameter for Privacy Requirements

Tag Length Value Occurrence

'EF' 0-N System Specific Install Parameters 0 to 1

… … … …

'E0' 3-N Privacy Requirements 0 to 1

'81' 1 Required Privacy Status Condition (see Table 2-3) 1

'80' 2 Required Privacy Status (see Table 2-2) 1 to N

Within tag 'E0', tag '81' shall appear first and shall be followed by one or more occurrences of tag '80'. Tag '81' (see section 2.2) specifies how the occurrences of tag '80' (see section 2.1) shall be interpreted.



2.1 Privacy Status

This section describes the privacy status values that shall be used when the GPP is configured with Secure Channel Protocol '21'. Such values apply for all “i” options and are used for the following:

• Current Privacy Status updated by the GPPA at each step of the protocol (see the GlobalPlatform Privacy Framework [GP PF] section 2.2).

• Required Privacy Status specified by sub-tag '80' of tag 'E0' as part of System Install Parameters (see [GP PF] section C.1). Tag 'A0' (for constructed values) shall not be used.

Table 2-2: Privacy Status for SCP21

Privacy Status Value (hexadecimal) Description

PACE MRZ '1001' The GPPA sets this privacy status when an authentication with PACE using an MRZ password is established.

PACE CAN '1002' The GPPA sets this privacy status when an authentication with PACE using a CAN password is established.

PACE PIN '1003' The GPPA sets this privacy status when an authentication with PACE using a PIN password is established.

PACE PUK '1004' The GPPA sets this privacy status when an authentication with PACE using a PUK password is established.

TA '2000' The GPPA sets this privacy status when a terminal authentication is established.

CA '3000' The GPPA sets this privacy status when a chip authentication is established. This value may be used when protocol other than GAP using EAC V2 is performed. For example, if the CA performed just after PACE.

GAP '7000' The GPPA sets this privacy status when a GAP authentication is established.



2.2 Privacy Status Condition

This section describes the possible values used to specify the Required Privacy Status Condition specified by sub-tag '81' of tag 'E0' as part of System Install Parameters (see [GP PF] section C.1). Tag 'A1' (for constructed values) shall not be used.

Table 2-3: Privacy Status Condition

Privacy Status Condition Value (hexadecimal) Description

EQUAL '5A' The privacy status condition is equal.

GREATER '55' The privacy status condition is greater.

When the specified condition is EQUAL, multiple occurrences of tag '80' (Privacy Status) may appear, in which case the OR logic shall apply.

When the specified condition is GREATER, the number of occurrences of tag '80' (Privacy Status) shall be limited to 1.

2.3 Example of Privacy Requirements

The following table shows an example of how Privacy Requirements could be specified for an Application:

• Selection allowed with PACE with PIN

• Selection allowed with PACE with CAN

• Selection allowed with GAP protocol established

Table 2-4: Example of System Specific Install Parameters for Privacy Requirements

Tag Length Value

'E0' 15 Privacy Requirements

'81' 1 EQUAL '5A'

'80' 2 PACE CAN '1002'

'80' 2 PACE PIN '1003'

'80' 2 GAP '7000'



3 PACE Used as GPP for an eMRTD Application This section describes the requirements when the GPP is configured with Secure Channel Protocol '21' option i='01', which is described in [GP PF].

3.1 Files Available under Global MF

This configuration requires at least one file stored under the GMF.

Table 3-1: EF.CardAccess File

File Description

File ID '011C'

Short File ID '1C'

Read Access ALWAYS

Write Access NEVER

Size Variable

The EF.CardAccess file shall describe at least the supported PACE domain parameters and algorithm. The content of this file is described in Machine Readable Travel Documents [ICAO 9303].

Note: Other files may be stored under the GMF.

3.2 Supported Algorithms for PACE

The implementation may support the following algorithms for PACE (defined in [ICAO 9303] part 11):

• Generic mapping with ECDH

• Generic mapping with DH

• Integrated mapping with DH

These algorithms may be combined with one (or more) of the following symmetric algorithms for PACE authentication and secure messaging:

• 3DES

• AES 128

• AES 192

• AES 256

The following table lists the OIDs that may be personalized and used to start the PACE protocol. This OID is a parameter of the MSE SET AT for PACE command starting the GPP. These OID values can be found in [ICAO 9303].



Table 3-2: Example of OIDs for PACE Protocol

Pace OID ASN.1 dotted format DER hexadecimal

id-PACE-DH-GM-3DES-CBC-CBC 0.4.0.127.0.7.2.2.4.1.1 '04007F00070202040101'

id-PACE-DH-GM-AES-CBC-CMAC-128 0.4.0.127.0.7.2.2.4.1.2 '04007F00070202040102'



id-PACE-ECDH-GM-3DES-CBC-CBC 0.4.0.127.0.7.2.2.4.2.1 '04007F00070202040201'

id-PACE-ECDH-GM-AES-CBC-CMAC-128 0.4.0.127.0.7.2.2.4.2.2 '04007F00070202040202'



id-PACE-DH-IM-3DES-CBC-CBC 0.4.0.127.0.7.2.2.4.3.1 '04007F00070202040301'

id-PACE-DH-IM-AES-CBC-CMAC-128 0.4.0.127.0.7.2.2.4.3.2 '04007F00070202040302'



Support for the algorithms described above is optional. It is necessary to support and personalize at least one of them in order to initiate the PACE protocol; however, such capability remains optional. The EF.CardAccess file shall be personalized accordingly.

The personalization of the above algorithms is out of scope of this specification.

Note: For performance reasons, GlobalPlatform recommends using ECDH instead of DH.

3.3 Supported Password Types for PACE

The implementation shall support the following password types to establish PACE authentication:

Table 3-3: Supported Password Types for PACE Protocol

PACE Password Password ID (hexadecimal)

MRZ '01'

CAN '02'

Additional password types may be supported.



4 GAP Used as GPP in a Multi-Application Context This section describes the requirements when GPP is configured with Secure Channel Protocol '21' option i='05', which is described in [GP PF].

This configuration does not support auxiliary data.

4.1 Files under Global MF

This configuration requires at least two files stored under the GMF.

Table 4-1: EF.CardAccess File

File Description

File ID '011C'

Short File ID '1C'

Read Access ALWAYS

Write Access NEVER

Size variable

The EF.CardAccess file shall specify at least the supported PACE domain parameters and algorithm and CA domain parameters and algorithm, as described in [ICAO 9303].

Table 4-2: EF.CardSecurity File

File Description

File ID '011D'

Short File ID '1D'

Read Access PACE (mandatory) + TA (optional)

Write Access NEVER

Size variable

The EF.CardSecurity file shall specify at least the Chip Authentication public key. The content of this file is described in the TR-03110 Technical Guideline [TR 3110]. When using CA version 2, access to EF.CardSecurity is optionally restricted to authenticated terminals.

Note: Other files may be stored under the GMF.



4.2 Supported Algorithms for PACE

The requirements described in section 3.2 shall apply.

4.3 Supported Password Types for PACE

The installation shall support all the following password types to establish PACE authentication.

Table 4-3: Supported Password Types for PACE Protocol

PACE Password Password ID (hexadecimal)

MRZ '01'

CAN '02'

PIN '03'

PUK '04'



4.4 Supported Algorithms for CA V2

The implementation may support the following algorithms for the CA protocol (defined in [419 212] part 1):

• Static Key Agreement with ECDH

• Static Key Agreement with DH

The above algorithms may be combined with one (or more) of the following symmetric algorithms for secure messaging:

• 3DES

• AES 128

• AES 192

• AES 256

The following table lists the OIDs that may be supported to perform the CA protocol. This OID is a parameter of the MSE SET AT for CA command. These OID values come from [TR 3110].

Table 4-4: Example of OIDs for CA Protocol

Chip Authentication Info OID ASN.1 dotted format DER hexadecimal

id-CA-DH-3DES-CBC-CBC 0.4.0.127.0.7.2.2.3.1.1 '04007F00070202030101'

id-CA-DH-AES-CBC-CMAC-128 0.4.0.127.0.7.2.2.3.1.2 '04007F00070202030102'



id-CA-ECDH-3DES-CBC-CBC 0.4.0.127.0.7.2.2.3.2.1 '04007F00070202030201'

id-CA-ECDH-AES-CBC-CMAC-128 0.4.0.127.0.7.2.2.3.2.2 '04007F00070202030202'



At least one of the algorithms described above shall be supported by the implementation and at least one of them shall be personalized to establish the CA protocol. EF.CardAccess and EF.CardSecurity files shall be personalized accordingly.

The personalization of the above algorithms is out of scope of this specification.

Note: For performance reasons, GlobalPlatform recommends using ECDH instead of DH.



4.5 Supported Algorithms for TA V2

The implementation may support the following algorithms for the TA protocol (defined in [419 212] part 1):

• Signature with ECDSA

• Signature with RSA

Above algorithms may use any of the following hash algorithms:

• SHA 1

• SHA 224

• SHA 256

• SHA 384

• SHA 512

The following table lists the OIDs supported for the TA public key. This OID is a parameter of the certificates and of the MSE SET AT for External Authenticate command. These OID values come from [TR 3110].

Table 4-5: Supported OIDs for TA Public Key

OID ASN.1 dotted format DER hexadecimal

id-TA-RSA-PSS-SHA-256 0.4.0.127.0.7.2.2.2.1.4 '04007F00070202020104'

id-TA-RSA-PSS-SHA-512 0.4.0.127.0.7.2.2.2.1.6 '04007F00070202020106'

id-TA-ECDSA-SHA-224 0.4.0.127.0.7.2.2.2.2.2 '04007F00070202020202'

id-TA-ECDSA-SHA-256 0.4.0.127.0.7.2.2.2.2.3 '04007F00070202020203'

id-TA-ECDSA-SHA-384 0.4.0.127.0.7.2.2.2.2.4 '04007F00070202020204'

id-TA-ECDSA-SHA-512 0.4.0.127.0.7.2.2.2.2.5 '04007F00070202020205'

At least one of the algorithms listed in Table 4-5 shall be supported by the implementation and at least one of them shall be personalized to establish the TA protocol.

An implementation shall not reject certificates due to unknown certificate extensions.



4.6 Supported CHAT for TA V2

The TA V2 protocol allows authentication with the different types of terminals described in the CHAT.

The following table describes the CHAT OID for TA V2. These OID values come from [TR 3110].

Table 4-6: Supported OIDs for CHAT

OID CHAT ASN.1 dotted format DER hexadecimal

id-role-IS 0.4.0.127.0.7.3.1.2.1 '04007F000703010201'

id-role-AT 0.4.0.127.0.7.3.1.2.2 '04007F000703010202'

id-role-ST 0.4.0.127.0.7.3.1.2.3 '04007F000703010203'

Support for the algorithms described above is optional. Support of terminal extension is optional.

4.7 Reading of Access Condition by Application

An Application that uses Terminal Authentication (TA1 or TA2) shall retrieve the access condition provided in the CHAT field in the certificate. This information can be retrieved using the GlobalPrivacyProtocol interface of the org.globalplatform.privacy API.

More precisely, the application shall:

• Prepare input as defined by the OID for CHAT. See Table 4-6.

• Call the getData(…) method.

The API returns the “Discretionary data” Data Object containing the effective authorization.



5 PACE Used as GPP for an eMRTD Application Using EAC V1

This section describes the requirements when the SPP is configured with Secure Channel Protocol '21' option i='02' described in [GP PF].

This configuration does not support auxiliary data.

5.1 File under Global MF


5.2 Supported Algorithm for PACE


5.3 Supported Password for PACE


5.4 Supported Algorithm for CA V1


For the algorithm id-CA-ECDH-3DES-CBC-CBC CA v1 shall be implemented using the MSE: SET KAT command. (The algorithm id-CA-ECDH-3DES-CBC-CBC may also be implemented using the MSE: SET AT and General Authenticate command.)

All other CA v1 algorithms listed in Table 4-4 shall be implemented using the MSE: SET AT and General Authenticate command.

Note: EN 419 212 is not compatible with ICAO Doc 9303 regarding the implementation of CA v1.

5.5 Supported Algorithm for TA V1


5.6 Supported CHAT for TA V1

The TA V1 allows authentication with an Inspection System (IS).

The following table describes the IS CHAT OID.

Table 5-1: OID for IS CHAT

OID CHAT ASN.1 dotted format DER hexadecimal

id-role-IS 0.4.0.127.0.7.3.1.2.1 '04007F000703010201'



5.7 Reading of Access Condition by Application




6 Supported GlobalPlatform API

6.1 Standard Java Card API

Support for Extended Length APDUs is required by this configuration to perform SCP21 authentication.

The card shall support the javacardx.adpu.ExtendedLength interface described in Java Card API [JC API].

6.2 GlobalPlatform Java Card API

The card shall implement the GlobalPlatform Java Card API [GP API] as described in [GP CIC] section 2.3.

This configuration also defines the following additional requirements:

• The package org.globalplatform.securechannel shall be implemented (export file version 1.0 or above).

• The package org.globalplatform.securechannel.provider shall be implemented (export file version 1.0 or above), with the following precisions:

o The following protocols shall be supported:

• TYPE_EAC_V1

• TYPE_GAP

• TYPE_PACE

o Support for other protocol types remains optional.

• The package org.globalplatform.privacy shall be implemented (export file version 1.0 or above).

• The package org.globalplatform.filesystem shall be implemented (export file version 1.0 or above).

Privacy Enhanced ID Configuration – PACE/GAP v1.0

Documents

Transcript of Privacy Enhanced ID Configuration – PACE/GAP v1.0