Card Verifiable Certificate

from Wikipedia, the free encyclopedia

A Card Verifiable Certificate (CVC) is a public key certificate that has been saved in a particularly compact format. The aim of the development was to enable verification of the certificate using smart cards , which are subject to severe resource restrictions in terms of storage space and computing power.

motivation

If a smart card wants to check the authenticity of an application that is accessing it, symmetrical challenge-response methods are currently mainly used. For this purpose, a symmetrical key is stored on the card during the production or personalization of the card. The disadvantage here is that for each party who later has to authenticate themselves to the card, a corresponding key must already be available during production. Subsequent expansion is no longer possible later.

The process can be simplified considerably if a PKI is established. Then only the public key of a root CA is stored in the card during card production. All parties who want to access the card later can receive their own certificate from this CA (or a subordinate CA) at any time and use it to authenticate themselves.

Certificate format

Certificates in X.509 format require a relatively large amount of storage space and, due to their flexibility, require the use of a complex algorithm for evaluation. CVCs circumvent these problems. Since they are only used for authentication, only the following information is relevant:

  • Issuing CA
  • Certificate holder
  • any access rights associated with the certificate
  • Public key of the certificate holder
  • Validity period

Self-descriptive CV certificates

Coding according to the Distinguished Encoding Rules of the ASN.1 standard enables these certificates to be interpreted without any further aids. Each data field is preceded by a day and a length specification. The tag indicates the type of the following data field. The ISO 7816-6 standard lists the permitted types.

Non-self-describing CV certificates

In contrast to self-describing certificates, this certificate type does not have a tag or length. In order to be able to interpret the data, a header list is required which contains the missing data. Together with the certificate data, the individual fields can be isolated.

By omitting the header element, the certificate is particularly space-saving. However, the smart card must receive a header list before verifying certificates of this type. This can happen when the card is produced or before the start of a certificate verification using the MANAGE SECURITY ENVIRONMENT command.

Signature creation

To save even more storage space, the signature is not attached to the certificate data, but is part of the certificate. The signature algorithm with message recovery defined in ISO 9796 is used for this. First of all, the hash value is generated over the entire certificate data and then divided. The first part is encrypted together with the hash value with the private signature key. This recoverable part of the data, together with the second part of the data, the non-recoverable part, forms the certificate.

verification

For verification, the recoverable part of the data is decrypted with the public signature verification key , the hash value is separated and the remaining data is linked to the non-recoverable part of the data. A hash value is generated from this data and compared with the signed hash. If the two values ​​match, it is ensured that the certificate data has not been manipulated.

commitment

  • As part of the electronic health card (eGK), it is planned to equip the card with a reload functionality. This is intended to create further possible uses for the card at a later date. To do this, the card management system of the respective health insurance company must authenticate itself to the card. CVCs are used for this.
  • When issuing an e-prescription that is stored on the eGK, the electronic health professional card of the issuing doctor must authenticate itself to the eGK with his CVC as part of a card-to-card authentication.
  • The electronic passport protects sensitive data such as B. Fingerprints using EAC . In order to be able to access the data, the reader must show its authorization to read the relevant data with its CVC against the ePassport or ID card.
  • With the new German identity card , a reader must prove the required authorization using EAC and a CVC (authorization certificate) before any data can be read from the chip.

Standards

The format of CV certificates is specified in ISO 7816 - Part 8 .