Dr. Ullrich MartiniProduct ManagementGiesecke + Devrient Mobile Security GmbH25th November 2020

Java Card Forum Webinar

Secure Personalization of Java Card and Applications in the Operational Phase

Overview

− Requirements and Problem Statement

− Related Specifications

o JavaCard

o GlobalPlatform

− Solution

− Implementation

− Examples

2020-11-25JCF Webinar 2020 2

Life Cycle of a Security/IoT Device

3

Development Operating

System and Applications

Chip-Initialisation

Javacard-OS +Application

ManufactureSecurity /IoT

Device

Trustedpersonalize

of IoTdevice

Usagephase

Security IoT Device

Update and extend

functionality ofthe Device

RemovalDestruction

Personalization

2020-11-25JCF Webinar 2020

pre-personalization bythe chip manufacturer

delivery to User

personalisation in thehands of the user

Requirements for Flexible Production

42020-11-25JCF Webinar 2020

Key Material

PersonalizationData

ApplicationSecurity

Monetization

Identity

Requirements for Secure Personalization

52020-11-25JCF Webinar 2020

Basic Requirement: Implemented Java Card Features

Cryptography:

− Elliptic Curve Signatue (ECDSA)

− Elliptic Curve Key Agreement (ECKA)

− (Optionally) RSA (variant of key generation)

− AES

Applet-to-Applet Communication:

− Communication between Security Domain and CASD

→ CASD will generate a key set for this instance

− Communication between Applet and its (associated) Security Domain

→ Applet will use its associated Security Domain to verify and decrypt personalization commands

62020-11-25JCF Webinar 2020

Solution for Flexible and Secure Personalization: Overview

7

GP Specifications offers extensions of Java Cards:

Amendment A: Confidential Card Content Management

Amendment F: Secure Channel Protocol '11'

Amendment I : Secure Element Management Service

In the factory:

Install JavaCard operating system and applet packages

Create Issuer Security Domain

Create Controlling Authority Security Domain (CASD)

Pre-Personalizing

In the field:

Apply Secure Channels

Provide Key Generation

Perform Applet-Loading/-Personalization

2020-11-25JCF Webinar 2020

Relevant Entities in the Java Card/GP Architecture

− Java Card OS

− GlobalPlatform Framework

− Security Domains

→manage keys for their associated applications

− Specific Security Domains

→Issuer Security Domain

→Controlling Authority Security Domain

− Contactless Registry

8

Java Card OS

2020-11-25JCF Webinar 2020

What is needed for Secure Personalisation

− Pre-defined Security Domain

− Pre-defined Controlling Authority Security Domain (Amendment A)

→required for key generation in the field

− Set-Up of a Secure Channel

→ Secure Channel Protocol 11 (Amendment F)

o Elliptic curve key agreement

o Elliptic curve signature

o establish AES keys for Authentiation / Encryption of Secured Command Sequences (CMAC) acc. Secure Channel Protocol 03

→ Subsequent commands secured commands using AES/SCP03

− Contactless Registry (for contactless applet registration)

92020-11-25JCF Webinar 2020

Preparation of Secure Personalisation in field

10

External Data

Generation

Pre-

Personalisation of

ISD/CASD Data

in each chip

Generation of

− Public Key Pair

− Certificates

CA hierarchy for

Application

Providers

Application

Provider’s

certificates

2020-11-25JCF Webinar 2020

Secure APDU Sequence Generation

11

Data

Gen

„Script of APDU“

Generation

OEMIssuerApplication

Provider

Authorize AP

CERT.SD.ECKA

Secured Commands

(“Script”)

Security

Domain

Data

Public Key of Security Domain

Preparation for personalization scripts in Usage Phase

Certificate

Authority

Public key

CA key used in pre-personalization

2020-11-25JCF Webinar 2020

Personalize applet in the field

12

Application

ProviderISD CASDAPSD

(1) certificate

(2) ephemeral key

(3) Generate SCP03

keys

(4) APDUs: create APSD, generate keys

Key

generation(5) Key Recovery

(6) Personalization

Applet

(7) decrypt

2020-11-25JCF Webinar 2020

STORE DATA

MUTUAL

AUTHENTICATE

GP commands to

create APSD

Application

Provider sends

personalization

Personalization

Details of Secured Comand Sequence APDUs

− First APDU

o Certificate that identifies the Application Provider

o Certificate may contain information about allowed commands

− Second APDU

o Ephemeral key of Application Provider

o No ephemeral key of Security Domain

o Key Agreement performed and SCP03 opened

− Following Commands

o SCP03 security as specified by Global Platform

132020-11-25JCF Webinar 2020

Personalization in Field: Swatch Pay!

14

Issuing Bank

G+D

Wearable

Personalization

Service

Token Service Provider

SwatchPay

Companion AppSwatchPay

Perso-Box

Swatch with eSE

Secured

Personalization

Scripts

2020-11-25JCF Webinar 2020

Example 1: Payment Function for Wearable Devices

Users have a companion app for their wearable device

− User Interface

o Personalization

o Management

− Distribution of APDU sequences („Scripts“) via Google Firebase

− Connect wearable device to Token Requestor

− Management of tokens

o Set preferred card directly

o Suspend, unsuspend, delete, view transactionsvia the Token Requestor

Wearable can be used like a contactless card in theshop

152020-11-25JCF Webinar 2020

Example 2: IoT device managed in field

Remote Management for an Excavator Machine

− Machine prepared for remote maintenance

− When setting up a new excavator machine owner will:

o Update the machine to install owner‘s keys.

o Initialize a remote maintenance application.

o Make remote management secure.

Owner now can access remote maintenance

162020-11-25JCF Webinar 2020

Thank you!

Questions

Dr. Ullrich MartiniUllrich.martini@gi-de.com