ISO/IEC 9798-6:2010 pdf – Information technology - Security techniques - Entity authentication — Part 6: Mechanisms using manual data transfer.
Suppose device A has data D that needs to be sent to device B at some later time.
a) Device A generates a random key K, where K is suitable for use with the check-value function shared by the two devices. Using this key K, device A computes a check-value as a function of the data D. The check-value and the key K are then output to the user by the output interface of device A. The user reads the output check-value and key K.
b) The user enters the check-value and key K output from device A to the input interface of device B. The key K and the check-value are stored in device B.
c) When device B at some later time receives data D, it can verify the authenticity of the data using the stored values of K and the check-value. Device B uses the key K to recompute the check-value as a function of the received data D. If the two check-values agree then device B accepts the data and outputs a success signal to the user. Otherwise it gives a failure signal.
The manual authentication certificate consists of K and the check-value computed as a function of K and D.
NOTE An example of data that could be included in D is a public key of a device, its identity, the domain of service, etc. In Annex B an example is provided of how manual authentication certificates can be used to establish a shared secret key between two devices.
6.3 Mechanism 2 — Devices with simple input capabilities
6.3.1 Specific requirements
This mechanism has the following specific requirements.
a) The mechanism specified in this subclause is appropriate for the case where both devices (A and B) have a simple input interface.
b) One of the devices (the device labelled A below) shall have the means to generate keys.
6.3.2 Specification of data exchanged
The following data exchanges and operations shall take place (see also Figure 2).
a) Both devices shall output a signal to acknowledge that they have received data D and that they are ready for the authentication mechanism to commence. On observing that both devices are ready, the user shall then enter a signal into device A to notify A that the mechanism can start.
b) Device A shall generate a random key K, where K is suitable for use with the check-value function shared by the two components. Using this key K, device A shall compute a check-value as a function of the data D. The check-value and the key K shall then be output via the output interface of device A. Device A shall also transmit the key K to device B via the shared communications link.
c) Device B shall use the key K to compute the check-value as a function of its stored version of data D, and shall output the key K and the computed check-value.
d) The user shall compare the two output check-values and the two output keys. If the values agree then the user enters a signal of acceptance into both devices. If the check-values or the key values are different then the mechanism has failed and the user shall enter a rejection signal into the devices. The devices shall interpret the absence of an acceptance signal as a failure signal (this will require the implementation of a time-out mechanism).
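The following is an added simulation of both Mechanism 1 (the manual authentication certificate, steps a) to c) above under 6.2) and Mechanism 2 (steps a) to d) of 6.3.2); it is example code written for this page, not text or code from ISO/IEC 9798-6. The standard does not fix the check-value function or the key and check-value lengths, so the example assumes HMAC-SHA-256 truncated to 4 bytes with a 4-byte random key K, short enough for a user to read from one display and type into another. Device names, the data D and the modelled link are constructed for the example.

```python
"""Added example (not from ISO/IEC 9798-6): simulation of Mechanism 1
(manual authentication certificate) and Mechanism 2 (both devices have a
simple input interface).  Assumed check-value function: HMAC-SHA-256
truncated to CHECK_LEN bytes; assumed key length: KEY_LEN random bytes."""
import hashlib
import hmac
import secrets

KEY_LEN = 4      # assumed length of the random key K the user must read/enter
CHECK_LEN = 4    # assumed length of the check-value the user must read/enter


def check_value(key: bytes, data: bytes) -> bytes:
    """Shared check-value function f_K(D) (assumed: truncated HMAC-SHA-256)."""
    return hmac.new(key, data, hashlib.sha256).digest()[:CHECK_LEN]


# --- Mechanism 1: manual authentication certificate ---------------------------

def device_a_issue_certificate(data: bytes) -> tuple[bytes, bytes]:
    """Step a): A generates K and outputs (K, check-value) for the user to read."""
    key = secrets.token_bytes(KEY_LEN)
    return key, check_value(key, data)


class DeviceB:
    """Device B in Mechanism 1: holds the certificate the user typed in."""

    def __init__(self) -> None:
        self.key: bytes | None = None
        self.check: bytes | None = None

    def enter_certificate(self, key: bytes, check: bytes) -> None:
        """Step b): the user enters K and the check-value via B's input interface."""
        self.key, self.check = key, check

    def receive_data(self, data: bytes) -> bool:
        """Step c): B recomputes f_K over the received D and compares it with the
        stored check-value; True models the success signal, False the failure signal."""
        if self.key is None or self.check is None:
            return False  # no certificate was ever entered: nothing to verify against
        return hmac.compare_digest(check_value(self.key, data), self.check)


# --- Mechanism 2: both devices have simple input interfaces -------------------

def mechanism2_run(data_a: bytes, data_b: bytes, link_modifies_key: bool = False) -> bool:
    """Simulate steps b) to d) of Mechanism 2 and return the user's decision.

    data_a / data_b are the copies of D held by A and B after the link transfer
    (they differ only if that transfer was altered).  link_modifies_key models a
    link that delivers a different key to B than the one A displayed."""
    # b) A generates K, displays (K, f_K(D_A)) and sends K to B over the link
    key = secrets.token_bytes(KEY_LEN)
    a_output = (key, check_value(key, data_a))
    key_at_b = secrets.token_bytes(KEY_LEN) if link_modifies_key else key
    # c) B computes f_K over its own stored D and displays K and the check-value
    b_output = (key_at_b, check_value(key_at_b, data_b))
    # d) the user visually compares both displayed keys and both check-values;
    #    a plain == models that comparison (it is done by a person, not by code)
    return a_output == b_output


if __name__ == "__main__":
    # constructed sample data D: e.g. a public key plus an identity, as in the NOTE
    D = b"device-A-public-key|device-A-identity"
    k, c = device_a_issue_certificate(D)          # A displays K and check-value
    b = DeviceB()
    b.enter_certificate(k, c)                      # user types them into B
    print("Mechanism 1, genuine D:   ", b.receive_data(D))
    print("Mechanism 1, altered D:   ", b.receive_data(D + b"!"))
    print("Mechanism 2, both agree:  ", mechanism2_run(D, D))
    print("Mechanism 2, D altered:   ", mechanism2_run(D, D + b"!"))
    print("Mechanism 2, key altered: ", mechanism2_run(D, D, link_modifies_key=True))
```

The reason Mechanism 2 displays K on both devices is visible in `mechanism2_run`: the key travels over the untrusted link, so if it is replaced in transit B computes a check-value under a different key, and the user detects this because the displayed keys differ; the check-value alone would not tell the user which key B actually used. With a 4-byte check-value an altered D is accepted with probability about 2^-32, which is why the standard pairs a short check-value with a key that is fresh per run.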
7 Mechanisms using a manual transfer of a short digest-value or a short key
7.1 General
In this clause four manual authentication mechanisms are specified that involve the manual transfer of either a short digest-value or a short key. The four mechanisms are appropriate for different types of device. Specifically,
the first two mechanisms (mechanisms 3 and 4) are appropriate for the case where one device has a simple input interface and the other has a simple output interface, and
the second two mechanisms (mechanisms 5 and 6) are appropriate for the case where both devices have a simple input interface.
A standard input or output interface can emulate a simple interface, and hence if both devices have standard input and output interfaces then either of the mechanisms can be used.
All mechanisms operate in the following general way. A data string D and a hash-value are transferred from one device to the other (D may alternatively be made up of the concatenation of data transferred in both directions) via the shared communications link. The manual entity authentication mechanism is then executed. As a result of the mechanisms both devices are provided with assurance that the data string D they possess is the same as the value held by the other device.