ISO IEC 7816-8-2021 amd1-2023 PDF

Full title and description

ISO/IEC 7816-8:2021/Amd 1:2023 — Identification cards — Integrated circuit cards — Part 8: Commands and mechanisms for security operations — Amendment 1: Interoperability for the interchange of security operations using quantum‑safe cryptography. This amendment provides interoperability specifications and extensions to ISO/IEC 7816‑8:2021 to support the interchange of security operations that use quantum‑safe (post‑quantum) cryptographic algorithms and related data structures.

Abstract

This amendment updates ISO/IEC 7816‑8:2021 by adding interoperability provisions for security operations that employ quantum‑safe cryptographic mechanisms. It specifies how existing interindustry commands and mechanisms (as defined in part 8 and in conjunction with ISO/IEC 7816‑4) may be extended or profiled to carry quantum‑safe algorithm identifiers, parameter sets, key formats and associated data to enable secure, interoperable exchange of cryptographic material and operations between integrated circuit cards and external entities.

General information

• Status: Published
• Publication date: November 2023
• Publisher: International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC) — JTC 1/SC 17
• ICS / categories: 35.240.15 (Identification cards; smart cards)
• Edition / version: Edition 5 (base standard ISO/IEC 7816‑8:2021) — Amendment 1 (2023)
• Number of pages: 48

Scope

This amendment applies to ISO/IEC 7816‑8:2021 and defines interoperability requirements and clarifications necessary to support the interchange of security operations using quantum‑safe cryptography. It focuses on command-level and data‑format extensions, identification of quantum‑safe algorithm families and parameter sets, and procedures needed to ensure cards and hosts can interoperate when performing security operations that rely on post‑quantum primitives. It does not prescribe which quantum‑safe algorithms to use for a given application nor address internal implementation details beyond interfaces and formats.

Key topics and requirements

• Interoperability extensions to existing ISO/IEC 7816‑8 commands to carry quantum‑safe algorithm identifiers and parameters.
• Data element and key/certificate format definitions or profiles for quantum‑safe public keys and signatures suitable for smart card interchange.
• Procedures for import/export and usage of quantum‑safe keys within the context of security operations defined by part 8.
• Backward compatibility and coexistence guidance so cards and hosts supporting classical and quantum‑safe operations can interoperate.
• Conformance considerations and examples illustrating typical usage patterns for quantum‑safe security operations on integrated circuit cards.

Typical use and users

Primary users include smart‑card and secure element manufacturers, payment‑scheme and banking system integrators, national ID and passport authorities, secure element firmware and middleware developers, PKI and HSM vendors, security architects planning migration to quantum‑safe algorithms, and conformity assessment laboratories. The amendment is used when adding or validating support for post‑quantum cryptography in card‑based security operations and interfaces.

Related standards

Closely related documents include ISO/IEC 7816‑8:2021 (base part), ISO/IEC 7816‑4 (organization, security and commands for interchange), ISO/IEC 7816‑13 (application management in multi‑application environments), ISO/IEC 7816‑15 (cryptographic information application), and other parts of the ISO/IEC 7816 series that define data elements and command frameworks for smart cards. Implementers should also consider relevant post‑quantum algorithm standards and guidance from national/industry cryptography migration documents when applying this amendment.

Keywords

ISO/IEC 7816, smart card, integrated circuit card, security operations, commands, quantum‑safe, post‑quantum cryptography, interoperability, amendment 2023, key formats, data elements

FAQ

Q: What is this standard?

A: It is Amendment 1 (2023) to ISO/IEC 7816‑8:2021, adding interoperability provisions to Part 8 (commands and mechanisms for security operations) so that integrated circuit cards and external entities can interchange security operations using quantum‑safe cryptography.

Q: What does it cover?

A: The amendment covers command extensions, data element and key/certificate format profiles, algorithm and parameter identification, and procedures needed to enable interoperable quantum‑safe security operations over the interfaces and command set defined by ISO/IEC 7816‑8 and related parts.

Q: Who typically uses it?

A: Smart‑card and secure element manufacturers, payment and identity system integrators, firmware and middleware developers, PKI/HSM vendors, security architects planning post‑quantum migration, and conformity testers use this amendment to design, implement and validate quantum‑safe capabilities on cards and in host systems.

Q: Is it current or superseded?

A: This amendment was published in November 2023 as an update to ISO/IEC 7816‑8:2021. It is a published amendment and remains current as an amendment to the 2021 edition; implementers should check national or organizational repositories for any later revisions or additional amendments after November 2023.

Q: Is it part of a series?

A: Yes — it is part of the ISO/IEC 7816 series (Identification cards — Integrated circuit cards), maintained by ISO/IEC JTC 1/SC 17. It specifically amends part 8 of that series and should be used alongside other relevant parts (for example parts 4, 13 and 15) when implementing card security and cryptographic information interchange.

Q: What are the key keywords?

A: Smart card, integrated circuit card, security operations, commands, quantum‑safe cryptography, post‑quantum, interoperability, ISO/IEC 7816‑8, amendment 2023.