Generation static keys from Card Manager master key
843851Aug 24 2009 — edited Dec 31 2009Hi, I'm working with Oberthur ID-One Cosmo 64 smart cards.
I can't generate correct static keys values based on KMC key.
Response of INITIALIZE UPDATE command:
{RSP 00009103307716E300000101C85FAFE9DB95058A724C494597F64E87 9000}
Key Diversification Data:
00 00 91 03 30 77 16 E3 00 00
KMC Version Number:
01
Secure Channel Protocol Identifier:
01
Card Challenge:
C8 5F AF E9 DB 95 05 8A
Card Cryptogram
72 4C 49 45 97 F6 4E 87
Example value of Card Manager Master Key:
KMC = A3 81 FE 23 AC DE 6E C1 C1 23 81 34 6B A8 E2 DD
I'm using diversification algorithm from EMV Card Personalization Specification Version 1.1 July 2007:
"The KENC will be derived in the following way: KENC := DES3(KMC)[Six least
significant bytes of the KEYDATA || ’F0’ || ‘01’ ]|| DES3(KMC)[ Six least
significant bytes of the KEYDATA || ‘0F’ || ‘01’]. "
"The KMAC will be derived in the following way: KMAC := DES3(KMC)[ Six
least significant bytes of the KEYDATA || ’F0’ || ‘02’ ]|| DES3(KMC)[ Six
least significant bytes of the KEYDATA || ‘0F’ || ‘02’]."
Kenc_part1 = DES3 (KMC) (00 00 91 03 30 77 F0 01) = 14 E4 14 97 5B 5F CE 3E
Kenc_part2 = DES3 (KMC) (00 00 91 03 30 77 0F 01) = 26 38 87 B2 08 6A F3 08
Kmac_part1 = DES3 (KMC) (00 00 91 03 30 77 F0 02) = EC 93 3B 88 5C 49 6B 2C
Kmac_part2 = DES3 (KMC) (00 00 91 03 30 77 0F 02) = 65 C3 8D 5D 11 73 CD C7
Kenc = 14 E4 14 97 5B 5F CE 3E 26 38 87 B2 08 6A F3 08
Kmac = EC 93 3B 88 5C 49 6B 2C 65 C3 8D 5D 11 73 CD C7
Are these calculations correct?
I generate session keys based on these static keys and I'm sure that code to generate session
keys is correct. Test cards with predefined static keys (Kenc = Kmac = "40..4F") can do
EXTERNAL AUTHENTICATE command successfully (response code - 90 00).
I have changed value of KMC here, but with original value supplied from card issuer EXTERNAL
AUTHENTICATE command returns 6982 code.
regards Jarek