This blog is all about changes introduced in EMV version 4.3.
Anyone having little knowledge of cryptography now knows that days of TDES are limited and industry is moving towards AES. Though this movement is slow because cost of replacing old hardware is too high. The same has happened with EMV as well. The major change in EMV v 4.3 is introduction of AES algorithm. All Issuer Master keys IMKs can now be AES keys which also means Master keys and session keys can now be AES keys. I believe this is not going to impact smart cards since they already support AES algorithm for quite some time. There are some changes in session key derivation data used to derive session master keys and session.
In my opinion, EMV should have increased the length of RSA keys to match the cryptographic strength of AES 128 bit keys but it is missing. Probably they are planning to move to ECC soon.
For details refer to EMV 4.3 books which are freely available for download.
Anyone having little knowledge of cryptography now knows that days of TDES are limited and industry is moving towards AES. Though this movement is slow because cost of replacing old hardware is too high. The same has happened with EMV as well. The major change in EMV v 4.3 is introduction of AES algorithm. All Issuer Master keys IMKs can now be AES keys which also means Master keys and session keys can now be AES keys. I believe this is not going to impact smart cards since they already support AES algorithm for quite some time. There are some changes in session key derivation data used to derive session master keys and session.
In my opinion, EMV should have increased the length of RSA keys to match the cryptographic strength of AES 128 bit keys but it is missing. Probably they are planning to move to ECC soon.
For details refer to EMV 4.3 books which are freely available for download.