Commission Implementing Regulation (EU) 2016/799 of 18 March 2016 implementing Regulation (EU) No 165/2014 of the European Parliament and of the Council laying down the requirements for the construction, testing, installation, operation and repair of tachographs and their components (Text with EEA relevance) (c. 799)

Please note that the date you requested in the address for this web page is not an actual date upon which a change occurred to this item of legislation. You are being shown the legislation from , which is the first date before then upon which a change was made.

ANNEX I CU.K. Requirements for construction, testing, installation, and inspection

Appendix 11

COMMON SECURITY MECHANISMS U.K.

PART BU.K. SECOND-GENERATION TACHOGRAPH SYSTEM

8.CRYPTOGRAPHIC SYSTEMS AND ALGORITHMSU.K.

8.1. Cryptographic Systems U.K.

CSM_38Vehicle units and tachograph cards shall use an elliptic curve-based public-key cryptographic system to provide the following security services:U.K.

mutual authentication between a vehicle unit and a card,
agreement of AES session keys between a vehicle unit and a card,
ensuring the authenticity, integrity and non-repudiation of data downloaded from vehicle units or tachograph cards to external media.

CSM_39Vehicle units and external GNSS facilities shall use an elliptic curve-based public-key cryptographic system to provide the following security services:U.K.

coupling of a vehicle unit and an external GNSS facility,
mutual authentication between a vehicle unit and an external GNSS facility,
agreement of an AES session key between a vehicle unit and an external GNSS facility.

CSM_40Vehicle units and tachograph cards shall use an AES-based symmetric cryptographic system to provide the following security services:U.K.

ensuring authenticity and integrity of data exchanged between a vehicle unit and a tachograph card,
where applicable, ensuring confidentiality of data exchanged between a vehicle unit and a tachograph card.

CSM_41Vehicle units and external GNSS facilities shall use an AES-based symmetric cryptographic system to provide the following security services:U.K.

ensuring authenticity and integrity of data exchanged between a vehicle unit and an external GNSS facility.

CSM_42Vehicle units and motion sensors shall use an AES-based symmetric cryptographic system to provide the following security services:U.K.

pairing of a vehicle unit and a motion sensor,
mutual authentication between a vehicle unit and a motion sensor,
ensuring confidentiality of data exchanged between a vehicle unit and a motion sensor.

CSM_43Vehicle units and control cards shall use an AES-based symmetric cryptographic system to provide the following security services on the remote communication interface:U.K.

ensuring confidentiality, authenticity and integrity of data transmitted from a vehicle unit to a control card.

Notes: U.K.

—Properly speaking, data is transmitted from a vehicle unit to a remote interrogator under the control of a control officer, using a remote communication facility that may be internal or external to the VU, see Appendix 14. However, the remote interrogator sends the received data to a control card for decryption and validation of authenticity. From a security point of view, the remote communication facility and the remote interrogator are fully transparent.U.K.

—A workshop card offers the same security services for the DSRC interface as a control card does. This allows a workshop to validate the proper functioning of the remote communication interface of a VU, including security. Please refer to section 9.2.2 for more information.U.K.