ISO IEC 7816-8:2021 pdf download – Identification cards — Integrated circuit cards — Part 8: Commands and mechanisms for security operations.
1 Scope This document specifies interindustry commands which can be used for security operations. This document also provides informative directives on how to construct security mechanisms with commands defined in ISO/IEC 7816-4. The choice and conditions of use of cryptographic mechanism in security operations can affect card exportability. The evaluation of the suitability of algorithms and protocols is outside the scope of this document. It does not cover the internal implementation within the card and/or the outside world. 2 Normative references The following documents are referred to in the text in such a way that some or all of their content constitutes requirements of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. ISO/IEC 7816-4, Identification cards — Integrated circuit cards — Part 4: Organization, security and commands for interchange 3 Terms and definitions For the purposes of this document, the following terms and definitions apply. ISO and IEC maintain terminology databases for use in standardization at the following addresses: — ISO Online browsing platform: available at https://www.iso .org/obp — IEC Electropedia: available at https://www.electropedia .org/ 3.1 asymmetric key pair pair of elements belonging to cryptographic techniques that use two related operations: a public operation defined by public numbers or by a public key (3.4) and a private operation defined by private numbers or by a private key Note 1 to entry: The two operations have the property that, given the public operation, it is computationally infeasible to derive the private operation. 3.2 certificate digital signature (3.3) binding a particular person or object and its associated public key (3.4) Note 1 to entry: The entity issuing the certificate also acts as tag allocation authority with respect to the data elements in the certificate. [SOURCE: ISO/IEC 7816-4:2020, 3.11]
3.3 digital signature data appended to, or cryptographic transformation of, a data string that proves the origin and the integrity of the data string and protects against forgery, e.g. by the recipient of the data string [SOURCE: ISO/IEC 7816-4:2020, 3.20] 3.4 key sequence of symbols controlling a cryptographic operation EXAMPLE Encipherment, decipherment, a private or a public operation in a dynamic authentication, signature production, signature verification. [SOURCE: ISO/IEC 7816-4:2020, 3.30] 3.5 non-self-descriptive certificate certificate (3.2) consisting of a concatenation of data elements associated to a header list or extended header list, describing the structure of the certificate 3.6 self-descriptive certificate certificate (3.2) consisting of a concatenation of data objects 3.7 secure messaging SM set of means for cryptographic protection of (parts of) command-response pairs [SOURCE: ISO/IEC 7816-4:2020, 3.49]