A. Field of the Invention
The present invention relates to a method for setting up a secured communication channel between a portable data carrier and a terminal on the basis of an asymmetric crypto system as well as to a correspondingly adapted portable data carrier.
B. Related Art
A secured data communication between a portable data carrier, for example a chip card, and a terminal adapted for the communication with the data carrier is effected via a secured communication channel, by the transmitted data being transmitted in an encrypted manner. The data transmission here can be effected in a contact-type or contactless manner. An efficient and secure encryption is ensured by means of known symmetric encryption techniques, for example AES, DES or the like. However, for this, the exchange of a secret key between the two partners is necessary.
This exchange is normally effected by means of an asymmetric method, for example the Diffie-Hellman key exchange method. Such an asymmetric method, with which public keys of a corresponding crypto system are transmitted via an insecure communication channel, is vulnerable to so-called man-in-the-middle attacks (MIM). Here, an attacker eavesdrops on the unsecured communication channel and pretends vis-à-vis each of the two communication partners to be the respective other one, without this being recognizable to the two communication partners. In this way the attacker can eavesdrop on the entire data communication and also manipulate it, in particular can obtain an exchanged “secret” key and with this manipulate the following data communication between the data carrier and the terminal.
It is the object of the present invention to support the setting up of a secured communication channel between a portable data carrier and a terminal, in particular to make man-in-the-middle attacks against the communication channel more difficult.