Key Management and its Relationship to Cryptography: SDA

October 13, 2016 | Views: 1437

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

Key Management and Relationship to Cryptography: Part I | SDA

I learned a lot from the Cryptography course so I decided to share with other Cybrary users how it relates to my field in the payment industry using ICCs (Integrated Circuit Cards).

SDA stands for Static Data Authentication in the EMV world. SDA is performed on a card by the terminal using digital signature techniques to confirm that the data resident on an ICC. This detects modification of a data after personalisation.

SDA requires that a CA (certificate authority), signs the IPK (issuer public keys). Below diagram shows what plays out during the process.

This is the scenario that plays out

The issuer of chip card gets a CA and gives the CA her Public Key (PI). The CA merges the PI with the CA’s Private Key (SCA) and issues an Issuer PK Certificate.

The Issuer PK is then encoded into the ICC together with the Signed Static Application Data (SSAD), which is a combination of the Static Application Data and the Issuer Private Key (SI).


When a cardholder uses the ICC on a terminal, the Acquirer decrypts or deciphers the message with the CA’s Public Key (PCA) that corresponds with the Private Key (SCA) pair to verify the ICC’s authenticity and uses the Issuer’s PI to confirm that the ICC’s SSAD was signed by the Issuer.

ICCs that support SDA will contain the following elements:

§  CA Public Key Index – which contains a number that indicates which of the application’s CA public keys and its related algorithm that resides in the terminal to be used with the ICC.

§  Issuer Public Key Certificate – this is provided by the CA to the card issuer.

§  Signed Static Authentication Data (SSAD) – generated by the issue using a private key that is the pair to the public key authenticated in the Issuer Public Key Certificate. It is the digital signature (DS) protecting the data elements in the ICC.




Diagram culled from EMV 4.3 Book 2

Share with Friends
Use Cybytes and
Tip the Author!
Share with Friends
Ready to share your knowledge and expertise?
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge


We recommend always using caution when following any link

Are you sure you want to continue?