- Latest available (Revised)
- Original (As adopted by EU)
Commission Implementing Regulation (EU) 2016/799 of 18 March 2016 implementing Regulation (EU) No 165/2014 of the European Parliament and of the Council laying down the requirements for the construction, testing, installation, operation and repair of tachographs and their components (Text with EEA relevance)
After exit day there will be three versions of this legislation to consult for different purposes. The legislation.gov.uk version is the version that applies in the UK. The EU Version currently on EUR-lex is the version that currently applies in the EU i.e you may need this if you operate a business in the EU.
The web archive version is the official version of this legislation item as it stood on exit day before being published to legislation.gov.uk and any subsequent UK changes and effects applied. The web archive also captured associated case law and other language formats from EUR-Lex.
There are outstanding changes not yet made to Commission Implementing Regulation (EU) 2016/799. Any changes that have already been made to the legislation appear in the content and are referenced with annotations.
Revised legislation carried on this site may not be fully up to date. Changes and effects are recorded by our editorial team in lists which can be found in the ‘Changes to Legislation’ area. Where those effects have yet to be applied to the text of the legislation by the editorial team they are also listed alongside the legislation in the affected provisions. Use the ‘more’ link to open the changes and effects relevant to the provision you are viewing.
Note: readers of this section are supposed to be familiar with the contents of [ISO 16844-3] describing the interface between a vehicle unit and a motion sensor. The pairing process between a VU and a motion sensor is described in detail in chapter 12 of this Appendix.U.K.
Table 3 | ||||
Keys for securing vehicle unit — motion sensor communication | ||||
a Storage of KM and KID is optional, as these keys can be derived from KM-VU, KM-WC and CV. | ||||
Key | Symbol | Generated by | Generation method | Stored by |
---|---|---|---|---|
Motion Sensor Master Key — VU part | KM-VU | ERCA | Random | ERCA, MSCAs involved in issuing VUs certificates, VU manufacturers, vehicle units |
Motion Sensor Master Key — Workshop part | KM-WC | ERCA | Random | ERCA, MSCAs, card manufacturers, workshop cards |
Motion Sensor Master Key | KM | Not independently generated | Calculated as KM = KM-VU XOR KM-WC | ERCA, MSCAs involved in issuing motion sensors keys (optionally)a |
Identification Key | KID | Not independently generated | Calculated as KID = KM XOR CV, where CV is specified in CSM_106 | ERCA, MSCAs involved in issuing motion sensors keys (optionally)a |
Pairing Key | KP | Motion sensor manufacturer | Random | One motion sensor |
Session Key | KS | VU (during pairing of VU and motion sensor) | Random | One VU and one motion sensor |
Note: The version number is used to distinguish different generations of these keys, as explained in detail in section 9.2.1.2.U.K.
[F1For 128-bit motion sensor master keys: CV = ‘ B6 44 2C 45 0E F8 D3 62 0B 7A 8A 97 91 E4 5D 83 ’]
For 192-bit motion sensor master keys: CV = ‘72 AD EA FA 00 BB F4 EE F4 99 15 70 5B 7E EE BB 1C 54 ED 46 8B 0E F8 25’
For 256-bit motion sensor master keys: CV = ‘1D 74 DB F0 34 C7 37 2F 65 55 DE D5 DC D1 9A C3 23 D6 A6 25 64 CD BE 2D 42 0D 85 D2 32 63 AD 60’
Textual Amendments
Note: the constant vectors have been generated as follows:U.K.
Pi_10 = first 10 bytes of the decimal portion of the mathematical constant π = ‘24 3F 6A 88 85 A3 08 D3 13 19’
CV_128-bits = first 16 bytes of SHA-256(Pi_10)
CV_192-bits = first 24 bytes of SHA-384(Pi_10)
CV_256-bits = first 32 bytes of SHA-512(Pi_10)
Note: as explained in section 9.2.1.2, in fact a motion sensor manufacturer may have to generate multiple unique pairing keys for a single motion sensor.U.K.
Note: as explained in section 9.2.1.2, in fact a motion sensor manufacturer may have to insert multiple encrypted pairing keys and multiple encrypted serial numbers in a single motion sensor.U.K.
Note: doing so will allow a second-generation motion sensor to be coupled to a first-generation VU.U.K.
Figure 2
Issuance and usage of different generations of the motion sensor master key in vehicle units, motions sensors and workshop cards
Note: this implies that in the last year of the validity period of an ERCA certificate, workshop cards will be issued with three different generations of KM-WC, as shown in Figure 2.U.K.
Note: This implies that in the last year of the validity period of an ERCA certificate, motion sensors will be issued with encrypted data based on three different generations of KM, as shown in Figure 2.U.K.
Note: In case the motion sensor manufacturer chooses to generate a TDES-based pairing key for a second-generation motion sensor (see CSM_111), the manufacturer shall indicate to the MSCA that the TDES-based motion sensor master key must be used for encrypting this pairing key. This is because the length of a TDES key may be equal to that of an AES key, so the MSCA cannot judge from the key length alone.U.K.
Note: The version number is used to distinguish different generations of the DSRC master key, as explained in detail in section 9.2.2.2.U.K.
This VU serial number shall be identical to the vuSerialNumber element of VuIdentification, see Appendix 1 and to the Certificate Holder Reference in the VU’s certificates.
The VU serial number may not be known at the moment a vehicle unit manufacturer requests the VU-specific DSRC keys. In this case, the VU manufacturer shall send instead the unique certificate request ID it used when requesting the VU’s certificates; see CSM_153. This certificate request ID shall therefore be equal to the Certificate Holder Reference in the VU’s certificates.]
Step 1 (Extract):
PRK = HMAC-Hash (salt, IKM) where salt is an empty string ‘’ and IKM is KMDSRC.
Step 2 (Expand):
OKM = T(1), where
T(1) = HMAC-Hash (PRK, T(0) || info || ‘01’) with
T(0) = an empty string (‘’)
[F1info = VU serial number or certificate request ID, as specified in CSM_123]
K_VUDSRC_ENC = first L octets of OKM and
K_VUDSRC_MAC = last L octets of OKM
where L is the required length of K_VUDSRC_ENC and K_VUDSRC_MAC in octets.
Note: as explained in section 9.2.2.2, in fact multiple generations of KMDSRC may have to be inserted in a single workshop card or control card.U.K.
Figure 3
Issuance and usage of different generations of the DSRC master key in vehicle units, workshop cards and control cards
Note: this implies that in the last two years of the validity period of an ERCA certificate, control cards will be issued with three different generations of KMDSRC, as shown in Figure 3.U.K.
Note: this implies that in the last year of the validity period of an ERCA certificate, workshop cards will be issued with three different generations of KMDSRC, as shown in Figure 3.U.K.
The Whole Regulation you have selected contains over 200 provisions and might take some time to download. You may also experience some issues with your browser, such as an alert box that a script is taking a long time to run.
Would you like to continue?
The Schedules you have selected contains over 200 provisions and might take some time to download. You may also experience some issues with your browser, such as an alert box that a script is taking a long time to run.
Would you like to continue?
Latest Available (revised):The latest available updated version of the legislation incorporating changes made by subsequent legislation and applied by our editorial team. Changes we have not yet applied to the text, can be found in the ‘Changes to Legislation’ area.
Original (As adopted by EU): The original version of the legislation as it stood when it was first adopted in the EU. No changes have been applied to the text.
Geographical Extent: Indicates the geographical area that this provision applies to. For further information see ‘Frequently Asked Questions’.
Show Timeline of Changes: See how this legislation has or could change over time. Turning this feature on will show extra navigation options to go to these specific points in time. Return to the latest available version by using the controls above in the What Version box.
Access essential accompanying documents and information for this legislation item from this tab. Dependent on the legislation item being viewed this may include:
This timeline shows the different versions taken from EUR-Lex before exit day and during the implementation period as well as any subsequent versions created after the implementation period as a result of changes made by UK legislation.
The dates for the EU versions are taken from the document dates on EUR-Lex and may not always coincide with when the changes came into force for the document.
For any versions created after the implementation period as a result of changes made by UK legislation the date will coincide with the earliest date on which the change (e.g an insertion, a repeal or a substitution) that was applied came into force. For further information see our guide to revised legislation on Understanding Legislation.
Use this menu to access essential accompanying documents and information for this legislation item. Dependent on the legislation item being viewed this may include:
Click 'View More' or select 'More Resources' tab for additional information including: