10.9.1 Functional
When the device receives the Verify Crypto command, it computes a challenge based on the received random number, Q, the internally stored associated cryptogram, Ci, and secret seed, Gi (or session encryption key, Si). The device also increments the Associated Attempts Counter. It then compares the computed challenge with the challenge sent by the host. If the challenges match, the device computes and writes a new Ci and Si. The device utilizes the success or failure information of the authentication process and updates the Authentication Attempts Counter accordingly.
Key index:
- b0000_00nn : Secret Seed G0-G3
- b0001_00nn : Session Encryption Key S0-S3
Data :
- Q : Host random number, 8 bytes
- CH : Host challenge, 8 bytes
|
Verify Crypto |
Data Sent | |||||||
|---|---|---|---|---|---|---|---|---|
|
CLA |
INS : Command |
P1 |
P2 |
P3 |
Q1 |
Q8 |
CH1 |
CH8 |
|
** |
$B8 |
000e 00nn |
** |
$10 |
d7--- ---d0 |
d63--- ---d56 |
d7--- ---d0 |
d63--- ---d56 |
To prevent replay attacks, the device increments the Associated Attempts Counter before each verification challenge. If the authentication succeeds, the device memorizes this success, clears the attempts counter and returns $90 $00. If the authentication fails, the device simply returns $69 $00. If the maximum number of trials has been exceeded, the device will return $69 $00 instead of the INS code, after receiving the header, to indicate that the command is unauthorized.