ANS X9.24-1:2009
Retail Financial Services Symmetric Key Management
American National Standard
for Financial Services
ANS X9.24-1:2009
Retail Financial Services
Symmetric Key Management
Part 1: Using Symmetric Techniques
Secretariat
Accredited Standards Committee X9, Inc.
Approved: October 13, 2009
American National Standards Institute
Licensed to George Jiang. ANSI order X_170098. Downloaded 4/28/2010 11:40 AM. Single user license only. Copying and networking prohibited.
ANS X9.24-1:2009
© 2009 – All rights reserved
Foreword
Approval of an American National Standard requires verification by ANSI that the requirements for due process,
consensus, and other criteria for approval have been met by the standards developer.
Consensus is established when, in the judgment of the ANSI Board of Standards Review, substantial agreement
has been reached by directly and materially affected interests. Substantial agreement means much more than a
simple majority, but not necessarily unanimity. Consensus requires that all views and objections be considered,
and that a concerted effort be made toward their resolution.
The use of American National Standards is completely voluntary; their existence does not in any respect preclude
anyone, whether he has approved the standards or not, from manufacturing, marketing, purchasing, or using
products, processes, or procedures not conforming to the standards.
The American National Standards Institute does not develop standards and will in no circumstances give an
interpretation of any American National Standard. Moreover, no person shall have the right or authority to issue an
interpretation of an American National Standard in the name of the American National Standards Institute.
Requests for interpretation should be addressed to the secretariat or sponsor whose name appears on the title
page of this standard.
CAUTION NOTICE: This American National Standard may be revised or withdrawn at any time. The procedures
of the American National Standards Institute require that action be taken to reaffirm, revise, or withdraw this
standard no later than five years from the date of approval.
Published by
Accredited Standards Committee X9, Incorporated
Financial Industry Standards
1212 West Street, Suite 200
Annapolis, MD 21401 USA
X9 Online http://www.x9.org
Copyright 2009 Accredited Standards Committee X9, Inc.
All rights reserved.
No part of this publication may be reproduced in any form, in an electronic retrieval system or otherwise, without
prior written permission of the publisher. Printed in the United States of America.
Contents
Foreword
Figures
Tables
Introduction
1 Purpose
2 Scope
2.1 Application
3 References
4 Terms and Definitions
5 Standard Organization
6 Environment
6.1 General
6.2 Cardholder and Card Issuer
6.3 Card Acceptor
6.4 Acquirer
7 Key Management Requirements
7.1 General
7.2 Tamper-Resistant Security Modules (TRSM) used for Key Management
7.3 A Secure Environment
7.4 Key Generation
7.5 Symmetric Key Distribution
7.5.1 Manual Distribution
7.5.2 Key Initialization Facility
7.5.3 Key Loading Device
7.6 Key Utilization
7.7 Key Replacement
7.8 Key Destruction and Archival
7.9 Key Encryption/Decryption
8 Key Management Specifications
8.1 General
8.2 Methods of Key Management
8.2.1 Key Management Methods Requiring Compromise Prevention Controls
8.2.2 Key Management Method Requiring Compromise Detection Controls
8.3 Key Identification Techniques
8.3.1 Implicit Key Identification
8.3.2 Key Identification by Name
8.4 Security Management Information Data (SMID) Element
8.4.1 Notations, Abbreviations and Conventions
8.4.2 Representation
8.4.3 Key Naming
8.5 Method: Fixed Transaction Keys
8.5.1 SMID
8.5.2 Additional Key Management Requirements
8.5.3 Additional Notes
8.6 Method: Master Keys / Transaction Keys
8.6.1 SMID
8.6.2 Additional Key Management Requirements
8.6.3 Additional Notes
8.7 Method: DUKPT (Derived Unique Key Per Transaction)
8.7.1 SMID
8.7.2 Additional Key Management Requirements
8.7.3 Additional Notes
Annex A (Informative) Derived Unique Key Per Transaction
A.1 Storage Areas
A.1.1 PIN Processing
A.1.2 Key Management
A.2 Processing Algorithms
A.3 Key Management Technique
A.4 DUKPT Test Data Examples
A.4.1 Variants of the Current Key
A.4.2 Initial Sequence
A.4.3 MSB Rollover Sequence
A.4.4 Calculation and Storage of DUKPT Transaction Keys at the Terminal
A.5 "Security Module" Algorithm For Automatic PIN Entry Device Checking
A.6 Derivation Of The Initial Key
Annex B (Informative) SMID Examples
Annex C (Informative) Initial Key Distribution
C.1 Overview of Key Management
C.2 Objectives of initial key distribution
C.3 Requirements for initial key distribution
C.3.1 Key generation
C.3.2 Key transport
C.3.3 Key insertion
C.4 Implementation considerations
C.4.1 Key generation
C.4.2 Key transport
C.4.3 Key loading
C.4.4 Protection of cryptographic devices
C.4.5 Reloading of cryptographic devices
C.5 Example of manual key distribution
C.6 Example of key loading controls at a manufacturer’s facility
Annex D (Informative) Key Set Identifiers
D.1 An Example Key Serial Number Format
D.1.1 IIN - 3 Bytes - Issuer Identification Number
D.1.2 CID - 1 Byte - Customer ID
D.1.3 GID - 1 Byte - Group ID
D.1.4 DID - 19 Bit Device ID
D.1.5 TCTR - 21 Bit Transaction Counter