ISO/IEC 7816-15:2016
Identification cards — Integrated circuit cards — Part 15: Cryptographic information application
ISO/IEC 7816-15:2016 specifies an application in a card. This application contains information on cryptographic functionality. This part of ISO/IEC 7816 defines a common syntax and format for the cryptographic information and mechanisms to share this information whenever appropriate.

The objectives of this part of ISO/IEC 7816 are to
- facilitate interoperability among components running on various platforms (platform neutral),
- enable applications in the outside world to take advantage of products and components from multiple manufacturers (vendor neutral),
- enable the use of advances in technology without rewriting application-level software (application neutral), and
- maintain consistency with existing, related standards while expanding upon them only where necessary and practical.

It supports the following capabilities:
- storage of multiple instances of cryptographic information in a card;
- use of the cryptographic information;
- retrieval of the cryptographic information, a key factor for this is the notion of "Directory Files", which provides a layer of indirection between objects on the card and the actual format of these objects;
- cross-referencing of the cryptographic information with DOs defined in other parts of ISO/IEC 7816 when appropriate;
- different authentication mechanisms;
- multiple cryptographic algorithms (the suitability of these is outside the scope of this part of ISO/IEC 7816).

ISO/IEC 7816-15:2016 does not cover the internal implementation within the card and/or the outside world. It is not mandatory for implementations complying with this International Standard to support all options described. In case of discrepancies between ASN.1 definitions in the body of the text and the module in Annex A, Annex A takes precedence.
Cartes d'identification — Cartes à circuit intégré à contacts — Partie 15: Application des informations cryptographiques
Standards Content (Sample)
FINAL DRAFT INTERNATIONAL STANDARD
ISO/IEC FDIS 7816-15
ISO/IEC JTC 1/SC 17
Secretariat: BSI
Voting begins on: 2015-12-07
Voting terminates on: 2016-02-07
Identification cards — Integrated circuit cards — Part 15: Cryptographic information application
Cartes d’identification — Cartes à circuit intégré à contacts — Partie 15: Application des informations cryptographiques
RECIPIENTS OF THIS DRAFT ARE INVITED TO SUBMIT, WITH THEIR COMMENTS, NOTIFICATION OF ANY RELEVANT PATENT RIGHTS OF WHICH THEY ARE AWARE AND TO PROVIDE SUPPORTING DOCUMENTATION.
IN ADDITION TO THEIR EVALUATION AS BEING ACCEPTABLE FOR INDUSTRIAL, TECHNOLOGICAL, COMMERCIAL AND USER PURPOSES, DRAFT INTERNATIONAL STANDARDS MAY ON OCCASION HAVE TO BE CONSIDERED IN THE LIGHT OF THEIR POTENTIAL TO BECOME STANDARDS TO WHICH REFERENCE MAY BE MADE IN NATIONAL REGULATIONS.
Reference number ISO/IEC FDIS 7816-15:2015(E)
© ISO/IEC 2015
© ISO/IEC 2015, Published in Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Ch. de Blandonnet 8 • CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
Contents
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols and abbreviated terms
4.1 Symbols
4.2 Abbreviated terms
5 Conventions
6 Cryptographic information objects
6.1 General
6.2 CIO classes
6.3 Attributes
6.4 Access restrictions
7 CIO files
7.1 Overview
7.2 IC card requirements
7.3 Card file structure
7.4 EF.DIR
7.5 Contents of DF.CIA
7.5.1 Overview
7.5.2 CIAInfo EF
7.5.3 EF.OD
7.5.4 CIO directory files
7.5.5 DF.CIA selection
8 Information syntax in ASN.1
8.1 Guidelines and encoding conventions
8.2 Basic ASN.1 defined types
8.2.1 Identifier
8.2.2 Reference
8.2.3 Label
8.2.4 CredentialIdentifier
8.2.5 ReferencedValue and Path
8.2.6 ObjectValue
8.2.7 PathOrObjects
8.2.8 CommonObjectAttributes
8.2.9 CommonKeyAttributes
8.2.10 CommonPrivateKeyAttributes
8.2.11 CommonPublicKeyAttributes
8.2.12 CommonSecretKeyAttributes
8.2.13 GenericKeyAttributes
8.2.14 KeyInfo
8.2.15 CommonCertificateAttributes
8.2.16 GenericCertificateAttributes
8.2.17 CommonDataContainerObjectAttributes
8.2.18 CommonAuthenticationObjectAttributes
8.2.19 CIO type
8.3 CIOChoice type
8.4 Private key information objects
8.4.1 PrivateKeyChoice
8.4.2 Private RSA key attributes
8.4.3 Private elliptic curve key attributes
8.4.4 Private Diffie-Hellman key attributes
8.4.5 Private DSA key attributes
8.4.6 Private KEA key attributes
8.4.7 Generic private key information objects
8.5 Public key information objects
8.5.1 PublicKeyChoice
8.5.2 Public RSA key attributes
8.5.3 Public elliptic curve key attributes
8.5.4 Public Diffie-Hellman key attributes
8.5.5 Public DSA key attributes
8.5.6 Public KEA key attributes
8.5.7 Generic public key information objects
8.6 Secret key information objects
8.6.1 SecretKeyChoice
8.6.2 Algorithm independent key attributes
8.6.3 GenericSecretKey type
8.7 Certificate information objects
8.7.1 CertificateChoice
8.7.2 X.509 certificate attributes
8.7.3 X.509 attribute certificate attributes
8.7.4 SPKI certificate attributes
8.7.5 PGP (Pretty Good Privacy) certificate attributes
8.7.6 WTLS certificate attributes
8.7.7 ANSI X9.68 domain certificate attributes
8.7.8 Card verifiable certificate attributes
8.7.9 Generic certificate attributes
8.8 Data container information objects
8.8.1 DataContainerObjectChoice
8.8.2 Opaque data container object attributes
8.8.3 ISO/IEC 7816 data object attributes
8.8.4 Data container information objects identified by OBJECT IDENTIFIERS
8.9 Authentication information objects
8.9.1 AuthenticationObjectChoice
8.9.2 Password attributes
8.9.3 Biometric reference data attributes
8.9.4 Authentication objects for external and internal authentication
...
INTERNATIONAL STANDARD
ISO/IEC 7816-15
Second edition
2016-05-15
Identification cards — Integrated circuit cards — Part 15: Cryptographic information application
Cartes d’identification — Cartes à circuit intégré à contacts — Partie 15: Application des informations cryptographiques
Reference number
© ISO/IEC 2016
Contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols and abbreviated terms
4.1 Symbols
4.2 Abbreviated terms
5 Conventions
6 Cryptographic information objects
6.1 General
6.2 CIO classes
6.3 Attributes
6.4 Access restrictions
7 CIO files
7.1 Overview
7.2 IC card requirements
7.3 Card file structure
7.4 EF.DIR
7.5 Contents of DF.CIA
7.5.1 Overview
7.5.2 CIAInfo EF
7.5.3 EF.OD
7.5.4 CIO directory files
7.5.5 DF.CIA selection
8 Information syntax in ASN.1
8.1 Guidelines and encoding conventions
8.2 Basic ASN.1 defined types
8.2.1 Identifier
8.2.2 Reference
8.2.3 Label
8.2.4 CredentialIdentifier
8.2.5 ReferencedValue and Path
8.2.6 ObjectValue
8.2.7 PathOrObjects
8.2.8 CommonObjectAttributes
8.2.9 CommonKeyAttributes
8.2.10 CommonPrivateKeyAttributes
8.2.11 CommonPublicKeyAttributes
8.2.12 CommonSecretKeyAttributes
8.2.13 GenericKeyAttributes
8.2.14 KeyInfo
8.2.15 CommonCertificateAttributes
8.2.16 GenericCertificateAttributes
8.2.17 CommonDataContainerObjectAttributes
8.2.18 CommonAuthenticationObjectAttributes
8.2.19 CIO type
8.3 CIOChoice type
8.4 Private key information objects
8.4.1 PrivateKeyChoice
8.4.2 Private RSA key attributes
8.4.3 Private elliptic curve key attributes
8.4.4 Private Diffie-Hellman key attributes
8.4.5 Private DSA key attributes
8.4.6 Private KEA key attributes
8.4.7 Generic private key information objects
8.5 Public key information objects
8.5.1 PublicKeyChoice
8.5.2 Public RSA key attributes
8.5.3 Public elliptic curve key attributes
8.5.4 Public Diffie-Hellman key attributes
8.5.5 Public DSA key attributes
8.5.6 Public KEA key attributes
8.5.7 Generic public key information objects
8.6 Secret key information objects
8.6.1 SecretKeyChoice
8.6.2 Algorithm independent key attributes
8.6.3 GenericSecretKey type
8.7 Certificate information objects
8.7.1 CertificateChoice
8.7.2 X.509 certificate attributes
8.7.3 X.509 attribute certificate attributes
8.7.4 SPKI certificate attributes
8.7.5 PGP (Pretty Good Privacy) certificate attributes
8.7.6 WTLS certificate attributes
8.7.7 ANSI X9.68 domain certificate attributes
8.7.8 Card verifiable certificate attributes
8.7.9 Generic certificate attributes
8.8 Data container information objects
8.8.1 DataContainerObjectChoice
8.8.2 Opaque data container object attributes
8.8.3 ISO/IEC 7816 data object attributes
8.8.4 Data container information objects identified by OBJECT IDENTIFIERS
8.9 Authentication information objects
8.9.1 AuthenticationObjectChoice
8.9.2 Password attributes
8.9.3 Biometric reference data attributes
8.9.4 Authentication objects for external and internal authentication
8.10 Cryptographic information file, EF.CIAInfo
Annex A (normative) ASN.1 module
Annex B (informative) CIA example for cards with digital signature and auth
...