GlobalPlatform migrating encryption standard
24 September, 2009
category: Corporate, Digital ID, Government
GlobalPlatform has taken the first step towards migrating its secure framework technology to the Advanced Encryption Standard (AES) with the launch of the Secure Channel Protocol 03. This latest royalty-free document from the association aligns GlobalPlatform technology to the cryptographic standard increasingly being stipulated by many organizations, including the U.S. government.
The GlobalPlatform Secure Channel Protocol 03 – published as Amendment D to Card Specification v2.2 – defines a new set of cryptographic methods based on AES for the communication between a smart card and an external entity, which enables GlobalPlatform technology to be compliant with requirements for AES based security.
This allows GlobalPlatform cards to migrate from the Data Encryption Standard (DES) to AES, which was developed as a joint initiative between the U.S. government and private industry to strengthen cryptography and increase the length of keys.
Referencing recommendations from the U.S. National Institute of Standards and Technology and the U.S. Department of Defense, the Secure Channel Protocol 03 ensures that the security mechanisms of GlobalPlatform cards conform to the FIPS 201 and NIST Special Publication 800-57. The technology also aligns with the 2010 mandate of the NIST SP 800-78.