GlobalPlatform Device Technology TMF: Asymmetric Cryptography Security Layer Version 1.0 Public Release March 2017 Document Reference: GPD_SPE_122 Copyright 2013-2017 GlobalPlatform, Inc. All Rights Reserved. Recipients of this document are invited to submit, with their comments, notification of any relevant patents or other intellectual property rights (collectively, “IPR”) of which they may be aware which might be necessarily infringed by the implementation of the specification or other work product set forth in this document, and to provide supporting documentation. The technology provided or described herein is subject to updates, revisions, and extensions by GlobalPlatform. Use of this information is governed by the GlobalPlatform license agreement and any use inconsistent with that agreement is strictly prohibited. TMF: Asymmetric Cryptography Security Layer – Public Release v1.0 THIS SPECIFICATION OR OTHER WORK PRODUCT IS BEING OFFERED WITHOUT ANY WARRANTY WHATSOEVER, AND IN PARTICULAR, ANY WARRANTY OF NON-INFRINGEMENT IS EXPRESSLY DISCLAIMED. ANY IMPLEMENTATION OF THIS SPECIFICATION OR OTHER WORK PRODUCT SHALL BE MADE ENTIRELY AT THE IMPLEMENTER’S OWN RISK, AND NEITHER THE COMPANY, NOR ANY OF ITS MEMBERS OR SUBMITTERS, SHALL HAVE ANY LIABILITY WHATSOEVER TO ANY IMPLEMENTER OR THIRD PARTY FOR ANY DAMAGES OF ANY NATURE WHATSOEVER DIRECTLY OR INDIRECTLY ARISING FROM THE IMPLEMENTATION OF THIS SPECIFICATION OR OTHER WORK PRODUCT. Copyright 2013-2017 GlobalPlatform, Inc. All Rights Reserved. The technology provided or described herein is subject to updates, revisions, and extensions by GlobalPlatform. Use of this information is governed by the GlobalPlatform license agreement and any use inconsistent with that agreement is strictly prohibited. TMF: Asymmetric Cryptography Security Layer – Public Release v1.0 3 / 38 Contents 1 Introduction ............................................................................................................................ 5 1.1 Audience ............................................................................................................................................... 5 1.2 IPR Disclaimer ...................................................................................................................................... 5 1.3 References ............................................................................................................................................ 5 1.4 Terminology and Definitions ................................................................................................................. 6 1.5 Abbreviations and Notations ................................................................................................................. 6 1.6 Revision History .................................................................................................................................... 7 2 Security Mechanism ............................................................................................................... 8 2.1 General Description .............................................................................................................................. 8 2.2 Cryptographic Algorithms and Key Sizes .............................................................................................. 9 2.2.1 Nomenclature ................................................................................................................................. 9 2.2.2 Key Derivation .............................................................................................................................. 10 2.2.3 Keys Used in Secure Channel Setup ........................................................................................... 11 2.2.4 Session Keys ............................................................................................................................... 11 2.2.5 Send Sequence Counter (SSC) ................................................................................................... 12 2.2.6 Encryption .................................................................................................................................... 12 2.3 Protocol ............................................................................................................................................... 13 2.3.1 Protocol States ............................................................................................................................. 13 2.3.2 Secure Channel Setup Flow ........................................................................................................ 15 2.3.3 Security Layer Embedding ........................................................................................................... 16 2.4 Error Behavior ..................................................................................................................................... 17 2.5 Definition of Data Structures ............................................................................................................... 17 2.5.1 Encoding of the Security Container ............................................................................................. 17 2.6 Processing .......................................................................................................................................... 22 2.6.1 Sender .......................................................................................................................................... 22 2.6.2 Receiver ....................................................................................................................................... 23 2.7 Additional Commands ......................................................................................................................... 24 2.7.1 ACSLBeginAuthenticate............................................................................................................... 24 2.7.2 ACSLAuthenticate ........................................................................................................................ 29 2.7.3 Terminate ..................................................................................................................................... 31 2.8 Audit Information ................................................................................................................................. 32 Annex A Assigned Values (Normative) .............................................................................. 34 A.1 Panic Context ...................................................................................................................................... 34 A.2 Specification UUIDs ............................................................................................................................ 34 Annex B ASN.1 Syntax (Normative) ................................................................................... 35 Copyright 2013-2017 GlobalPlatform, Inc. All Rights Reserved. The technology provided or described herein is subject to updates, revisions, and extensions by GlobalPlatform. Use of this information is governed by the GlobalPlatform license agreement and any use inconsistent with that agreement is strictly prohibited. 4 / 38 TMF: Asymmetric Cryptography Security Layer – Public Release v1.0 Figures Figure 2-1: Possible State Transitions ............................................................................................................ 13 Figure 2-2: Secure Channel Setup Flow ......................................................................................................... 15 Figure 2-3: Command Flow ............................................................................................................................. 16 Figure 2-4: Construction of Security Layer Containers (AES/HMAC) ............................................................. 21 Figure 2-5: Construction of Security Layer Containers (CCM and GCM) ....................................................... 21 Figure 2-6: Behavior of Sender of Message .................................................................................................... 22 Figure 2-7: Behavior of Receiver of Message ................................................................................................. 23 Tables Table 1-1: Normative References ...................................................................................................................... 5 Table 1-2: Informative References .................................................................................................................... 6 Table 1-3: Abbreviations and Notations ............................................................................................................ 6 Table 1-4: Revision History ............................................................................................................................... 7 Table 2-1: TLV Structure for Key Derivation ................................................................................................... 11 Table 2-2: Protocol States ............................................................................................................................... 13 Table 2-3: Processing and State Transitions in State AUTH_SETUP ............................................................ 14 Table 2-4: Container Types ............................................................................................................................