Keycorp Limited - Glossary of terms

ALU: The Application Load Unit (ALU) contains the code and static data of an application (minimum). The ALU can also include FCI information, a directory file entry, a KTU and an application signature. In practice, all applications in the field will include an application signature. This prevents unauthorised tampering with the code or data of the application between the application source and loading on the card. ATR: An Answer to Reset (ATR) is a string of characters generated by a card following a reset. It is normally a standard format specified by ISO7816. MULTOS has the capability of generating a "dual" ATR. That is, the ATR differs in response to a warm reset and a cold reset. A cold reset is the first reset following application of power. A warm reset is a subsequent reset when power has been continually applied. DPA: Dynamic Power Analysis is a security attack and is based on the analysis of the power supply current, or some other activity measure. That analysis is used to gain information about the processor activity and, from there, cryptographic keys. For more information, see Cryptography Research. DPA resistance in Keycorp MULTOS is provided by Infineon hardware and software techniques. The MULTOS retry count (rcount) mechanism where repeated failed attempts on a security mechanism (eg, application create) will lead to that function being disabled limits information that can be gained by DPA. Application developers should consider the use of retry counts in their applications to prevent DPA attack on application secret keys. Contact Infineon for details on their DPA defence methods. KTU: A Key Transformation Unit (KTU) is part of the application load unit (ALU). The KTU contains information that allows the decryption of secret parts of the ALU code or data. The KTU is itself encrypted using the card-specific public key. The card-specific key for any card can be obtained from the MAOSCO CA or from the response to any open command to the card. The KTU allows application confidentiality. MCPA: MasterCard Payment Application is Mastercard's implementation of EMV and is now known as M/Chip Select. Other implementations of EMV (eg, UKIS) have also been developed for MULTOS. PPS (or PTS): PPS (protocol selection) is the ability of a card to respond to a protocol type selection (PTS) command which follows an ATR. If a card allows, a PPS command can change communications parameters such as baud rate. Note: PPS and PTS are equivalent terms from different versions of the ISO7816 specifications. The term PPS is now the most current form of expression, rather than PTS.