CAN/CSA-ISO/IEC 25185-1:18
Current
The latest, up-to-date edition.
Identification cards — Integrated circuit card authentication protocols — Part 1: Protocol for Lightweight Authentication of Identity (Adopted ISO/IEC 25185-1:2016, first edition, 2016-01-15)
Hardcopy, PDF
English
01-01-2018
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols and abbreviated terms
5 Data dictionary
6 Authentication Protocol Description
7 Application identification
8 Command set
9 Status bytes and error handling
10 Key diversification
11 Session key generation
12 Default mode
Annex A (normative) - Test vectors
Annex B (informative) - Key management policy
Annex C (informative) - Keyset management
Annex D (informative) - Reference implementation
Annex E (informative) - Identity leakage considerations
Annex F (informative) - Operational mode management
Annex G (informative) - PLAID security features
Bibliography
Standards development within the Information Technology sector is harmonized with international standards development. Through the CSA Technical Committee on Information Technology (TCIT), Canadians serve as the SCC Mirror Committee (SMC) on ISO/IEC Joint Technical Committee 1 on Information Technology (ISO/IEC JTC1) for the Standards Council of Canada (SCC), the ISO member body for Canada and sponsor of the Canadian National Committee of the IEC. Also, as a member of the International Telecommunication Union (ITU), Canada participates in the International Telegraph and Telephone Consultative Committee (ITU-T).
Scope
This International Standard provides an authentication protocol suitable for use in physical and logical access control systems based on ICCs and related systems which support standards based AES-128 and RSA-2048 ciphers and the SHA-256 hashing algorithm. The standard specifies PLAID and its implementation in sufficient detail to allow any two or more implementations to be interoperable. This International Standard does not address how implementations share cryptographic keys, access control system credential records (including revocation) or manage payload entities such as PIN, PINHash, or biometric templates or other payload objects.
DocumentType | Standard |
ISBN | 978-1-4883-1059-1 |
Pages | 37 |
PublisherName | Canadian Standards Association |
Status | Current |
Standards | Relationship |
ISO/IEC 25185-1:2016 | Identical |
ISO/IEC 18033-2:2006 | Information technology — Security techniques — Encryption algorithms — Part 2: Asymmetric ciphers |
ISO/IEC 18033-3:2010 | Information technology — Security techniques — Encryption algorithms — Part 3: Block ciphers |
ISO/IEC 8824-2:2015 | Information technology — Abstract Syntax Notation One (ASN.1): Information object specification — Part 2: |
ISO/IEC 7816-4:2013 | Identification cards — Integrated circuit cards — Part 4: Organization, security and commands for interchange |
ISO/IEC 9797-1:2011 | Information technology — Security techniques — Message Authentication Codes (MACs) — Part 1: Mechanisms using a block cipher |
ISO/IEC 10118-3:2004 | Information technology — Security techniques — Hash-functions — Part 3: Dedicated hash-functions |
ISO/IEC 8824-1:2015 | Information technology — Abstract Syntax Notation One (ASN.1): Specification of basic notation — Part 1: |
ISO/IEC 7816-5:2004 | Identification cards — Integrated circuit cards — Part 5: Registration of application providers |
ISO/IEC 10116:2017 | Information technology — Security techniques — Modes of operation for an n-bit block cipher |
ISO/IEC 14443-3:2016 | Identification cards — Contactless integrated circuit cards — Proximity cards — Part 3: Initialization and anticollision |