DPS
Drejtoria e Përgjithshme e Standardizimit
Phone: +355 4 222 62 55
E-mail: info@dps.gov.al
Address: Address: "Reshit Collaku" Str., (nearby ILDKPKI, VI floor), Po.Box 98, Tiranë - Albania
Main menu

SSH EN 14890-1:2008

Application Interface for smart cards used as Secure Signature Creation Devices - Part 1: Basic services

Jun 17, 2009

General information

60.60     Jun 17, 2009

DPS

DPS/KT 224

European Norm

35.240.15  

English  

Buying

Published

Language in which you want to receive the document.

Scope

Part 1 of this series specifies the application interface to Smart Cards during the usage phase, used as Secure Signature Creation Devices (SSCD) according to the Terms of the European Directive on Electronic Signature 1999/93 to enable interoperability and usage as SSCD on a national or European level.
This document describes the mandatory services for the usage of Smart Cards as SSCDs based on CEN CWA 14890. This covers the signing function, storage of certificates, the related user verification, establishment and use of trusted path and channel, requirements for key generation and the allocation and format of resources required for the execution of those functions and related cryptographic token information.
Thereby the functionality of CWA 14890-1 is enhanced in the following areas:
- Device authentication with Elliptic Curves (ELC) for existing asymmetric authentication protocols (RSA Transport, Privacy Protocol),
- Enhancement of existing asymmetric authentication protocols due to privacy and non-traceability constraints,
- Card Verifiable (CV) Certificate Formats (self descriptive) with ELC for all types of authentication and authorization protocols,
- Secure Messaging Tags and use of commands with Odd-INS Code in compliance to the actual ISO/IEC 7816-4,
- Further hash algorithms (SHA2–family) with corresponding Object identifier and Algorithm references,
- Use of AES in authentication protocols,
- Use of AES for secure messaging.
The following items are out of scope:
1) The physical, electrical and transport protocol characteristics of the card,
2) The external signature creation process and signature environment,
3) The elements required to verify an electronic signature produced by a card used as a SCCD,
4) The error handling process.

Life cycle

NOW

PUBLISHED
SSH EN 14890-1:2008
60.60 Standard published
Jun 17, 2009

Related project

Adopted from EN 14890-1:2008

Preview

Only informative sections of projects are publicly available. To view the full content, you will need to members of the committee. If you are a member, please log in to your account by clicking on the "Log in" button.

Login