This update of the amendment introduces new implementation options S8 and S16, where S8 mode corresponds to the legacy SCP03 protocol and S16 mode introduces stronger cryptographic strength with 16-byte challenges and cryptograms and 16-byte (non-truncated) C-MAC and R-MAC. S16 mode is introduced based on recommendations from the GlobalPlatform Security Task Force. It also extends the class byte values for INITIALIZE UPDATE and EXTERNAL AUTHENTICATE commands.
This document is a maintenance release.
This document proposes a new secure channel protocol based on AES keys and specifies: - A new mechanism to generate session keys. - The schemes to be used with AES for C-MAC, R-MAC, command data field encryption and response data field encryption. - The format of PUT KEY for AES. This new protocol is based on existing SCP01 and SCP02 protocols. It supports AES-based cryptography in lieu of TDEA. The protocol protects bidirectional communication between the Host and the card (decryption/MAC verification for incoming commands, encryption/MAC generation on card response). In addition, the document defines the formats and requirements for DAPs, Tokens and Receipts if AES is used for card content management activities.
This specification allows GlobalPlatform cards to be compliant to the cryptographic strength required by FIPS 201 and NIST 800-57 and also 2010 mandate of SP 800-78.