x9 tr34–2012 interoperable method for distribution of ... · this document is registered as a...

© ASC X9, Inc. 2012– All rights reserved

X9 TR34–2012

Interoperable Method for Distribution of

Symmetric Keys using Asymmetric Techniques: Part 1 – Using Factoring-Based

Public Key Cryptography Unilateral Key Transport

A Technical Report prepared by: Accredited Standards Committee X9, Incorporated Financial Industry Standards

Registered with American National Standards Institute

Date Registered: August 28, 2012

American National Standards, Technical Reports and Guides developed through the Accredited Standards Committee X9, Inc., are copyrighted. Copying these documents for personal or commercial use outside X9 membership agreements is prohibited without express written permission of the Accredited Standards Committee X9, Inc. For additional information please contact ASC X9, Inc., 275 West Street, Suite 107, Annapolis, Maryland 21401.

This is a preview of "ASC X9 TR 34-2012". Click here to purchase the full version from the ANSI store.

https://webstore.ansi.org/Standards/ASCX9/ASCX9TR342012?source=preview

X9 TR34–2012

ii © ASC X9, Inc. 2012– All rights reserved

Contents Page

1 Scope ....................................................................................................................................................17

2 References ............................................................................................................................................18

3 Terms and definitions .........................................................................................................................18

4 Symbols and abbreviated terms ........................................................................................................18

5 Key Block Properties and Characteristics ........................................................................................23 5.1 Key Block Elements ............................................................................................................................23 5.2 Key Block Binding Method .................................................................................................................23 5.2.1 Secrecy .................................................................................................................................................25 5.2.2 Integrity and Authenticity ...................................................................................................................25 5.3 Key Block Header ................................................................................................................................25

6 Key Establishment Protocol – Unilateral Key Transport Method ...................................................26 6.1 Introduction ..........................................................................................................................................26 6.2 Bind / Unbind / Rebind States ............................................................................................................26 6.3 Unbind / Rebind Scenarios .................................................................................................................27 6.4 Parameters for Digital Signatures ......................................................................................................28 6.4.1 Digital Signatures ................................................................................................................................28 6.5 KDH Bind Phase ..................................................................................................................................28 6.5.1 Summary ...............................................................................................................................................28 6.5.2 Prepare KRD Credential Token (A1) ..................................................................................................28 6.5.3 Validate KRD Credential Token (B1) ..................................................................................................28 6.5.4 Prepare KDH Credential Token (B2) ..................................................................................................28 6.5.5 Validate KDH Credential (A2) ..............................................................................................................28 6.6 TDEA Symmetric Key Transport Phase ............................................................................................30 6.6.1 Summary ...............................................................................................................................................30 6.6.2 Generate Random Number Token (A1) .............................................................................................30 6.6.3 Receive Random Number Token (B1) ...............................................................................................30 6.6.4 Generate transported TDEA Symmetric Key (B2) ............................................................................30 6.6.5 Generate Ephemeral TDEA Symmetric Key (B3) ..............................................................................30 6.6.6 Encipher Key Block (B4) .....................................................................................................................30 6.6.7 Encipher Ephemeral Key (B5) ............................................................................................................31 6.6.8 Construct Key Token (B6) ...................................................................................................................31 6.6.9 Verify Key Token (A2) ..........................................................................................................................31 6.7 TDEA Symmetric Key Transport Phase - One-Pass Protocol Support ..........................................32 6.7.1 Summary ...............................................................................................................................................32 6.7.2 One-Pass Environment .......................................................................................................................32 6.7.3 Ensuring Message Freshness with TimeStamps .............................................................................32 6.7.4 Implementing TimeStamps .................................................................................................................33 6.7.5 Generate Transported TDEA Symmetric Key (B1) ...........................................................................33 6.7.6 Generate Ephemeral TDEA Symmetric Key (B2) ..............................................................................33 6.7.7 Encipher Key Block (B3) .....................................................................................................................33 6.7.8 Encipher Ephemeral Key (B4) ............................................................................................................33 6.7.9 Construct Key Token (B5) ...................................................................................................................33 6.7.10 Verify Key Token (A1) ..........................................................................................................................34 6.8 TDEA Symmetric Key Verification Phase ..........................................................................................35 6.8.1 Summary ...............................................................................................................................................35 6.8.2 Generate Key Check Value (A1) .........................................................................................................35



X9 TR34–2012

© ASC X9, Inc. 2012– All rights reserved iii

6.8.3 Verify Key Check Value (B1) ............................................................................................................... 35 6.9 KDH Unbind Phase .............................................................................................................................. 36 6.9.1 Summary .............................................................................................................................................. 36 6.9.2 Generate Random Number Token (A1) ............................................................................................. 36 6.9.3 Receive Random Number Token (B1) ............................................................................................... 36 6.9.4 Generate Unbind Token (B2) .............................................................................................................. 36 6.9.5 Verify Unbind Token (A2) .................................................................................................................... 37 6.10 KDH Rebind Phase .............................................................................................................................. 38 6.10.1 Summary .............................................................................................................................................. 38 6.10.2 Generate Random Number Token (A1) ............................................................................................. 38 6.10.3 Receive Random Number Token (B1) ............................................................................................... 38 6.10.4 Generate Rebind Token (B2) .............................................................................................................. 38 6.10.5 Verify Rebind Token (A2) .................................................................................................................... 39 6.11 Higher Level Authority Unbind Phase ............................................................................................... 40 6.11.1 Summary .............................................................................................................................................. 40 6.11.2 Generate Random Number Token (A1) ............................................................................................. 40 6.11.3 Receive Random Number Token (B1) ............................................................................................... 40 6.11.4 Generate Unbind Token (B2) .............................................................................................................. 40 6.11.5 Verify Unbind Token (A2) .................................................................................................................... 41 6.12 Higher Level Authority Rebind Phase ............................................................................................... 42 6.12.1 Summary .............................................................................................................................................. 42 6.12.2 Generate Random Number Token (A1) ............................................................................................. 42 6.12.3 Receive Random Number Token (B1) ............................................................................................... 42 6.12.4 Generate Rebind Token (B2) .............................................................................................................. 42 6.12.5 Verify Rebind Token (A2) .................................................................................................................... 43

Annex A (Informative) Design Considerations ............................................................................................. 44 A.1 Assumptions and Constraints ........................................................................................................... 44 A.1.1 Assumptions ........................................................................................................................................ 44 A.1.2 Constraints ........................................................................................................................................... 44 A.2 Recommended Algorithms ................................................................................................................. 45 A.2.1 General ................................................................................................................................................. 45 A.2.2 Signature Algorithms .......................................................................................................................... 45 A.2.3 Encryption Algorithms ........................................................................................................................ 45 A.2.4 OAEP Parameters ................................................................................................................................ 45 A.2.5 Message Digest Functions ................................................................................................................. 46 A.2.6 Key Sizes and Characteristics ........................................................................................................... 47

Annex B (Informative) Cryptographic Message Encodings ........................................................................ 49 B.1 Overview ............................................................................................................................................... 49 B.2 Test Vectors ......................................................................................................................................... 49 B.2.1 Sample Keys ........................................................................................................................................ 49 B.2.2 Sample Data ......................................................................................................................................... 57 B.3 Root Certificate Authority Public Key Certificate ............................................................................. 72 B.4 CAKDH – Certificate Authority – KDH Certificate ............................................................................... 76 B.5 CAKRD – Certificate Authority – KRD Certificate ............................................................................... 80 B.6 CTKDH – The KDH Credential Token ................................................................................................... 84 B.7 CTKRD - The KRD Credential Token ................................................................................................... 90 B.8 KTKDH – The KDH Key Token – 1 Pass ............................................................................................... 94 B.8.1 1 Pass Key Token ................................................................................................................................ 96 B.9 KTKDH – The KDH Key Token – 2 Pass ............................................................................................. 101 B.9.1 2 Pass Key Token .............................................................................................................................. 103 B.10 RBTCA_UNBIND – Higher Level Authority Rebind Token .................................................................... 108 B.11 RBTKDH – KDH Rebind Token............................................................................................................ 115 B.12 RTKRD – KRD Random Number Token ............................................................................................. 124 B.13 UBTCA_UNBIND – Higher Level Authority Unbind Token.................................................................... 125 B.14 UBTKDH – KDH Unbind Token ........................................................................................................... 129



X9 TR34–2012

iv © ASC X9, Inc. 2012– All rights reserved

Annex C (Normative) ASN.1 Module for Object Identifiers .......................................................................134

Annex D (Normative) ASN.1 Module for TR34 CMS ....................................................................................136



X9 TR34–2012

© ASC X9, Inc. 2012– All rights reserved v

Figures

Figure 1 — Comparison of TR-31 and TR-34 Key Binding Methods ....................................................................... 23

Figure 2 — Key Block Binding Method using CMS types ........................................................................................ 23

Figure 3 — Binding States ........................................................................................................................................ 27

Tables

Table 1 — KDH Response and Phase ..................................................................................................................... 26

Table 2 — Unbind / Rebind Scenarios ..................................................................................................................... 27

Table 3— KDH Bind Phase ...................................................................................................................................... 28

Table 4 — TDEA Symmetric Key Transport Phase ................................................................................................. 30

Table 5 - TDEA Symmetric Key Transport Phase - One-Pass Protocol .................................................................. 32

Table 6 — TDEA Symmetric Key Verification Phase ............................................................................................... 35

Table 7 — KDH Unbind Phase ................................................................................................................................. 36

Table 8 — KDH Rebind Phase ................................................................................................................................. 38

Table 9 — Higher Level Authority Unbind Phase ..................................................................................................... 40

Table 10 — Higher Level Authority Rebind Phase ................................................................................................... 42

Table 11 - Supported Signature Algorithms ............................................................................................................. 45

Table 12 - Supported Asymmetric Encryption Algorithms ........................................................................................ 45

Table 13 - Supported Message Digest Functions .................................................................................................... 46

Table 14 - Supported Key Sizes and Characteristics ............................................................................................... 47

Table 15 - Ephemeral Key types and Strengths ....................................................................................................... 47

Table 16 - Transported Key Types and Strengths ................................................................................................... 48



X9 TR34–2012

vi © ASC X9, Inc. 2012– All rights reserved

Foreword

Publication of this Technical Report that has been registered with ANSI has been approved by the Accredited Standards Committee X9, Incorporated, 275 West Street, Suite 107, Annapolis, MD 21401. This document is registered as a Technical Report according to the “Procedures for the Registration of Technical Reports with ANSI.” This document is not an American National Standard and the material contained herein is not normative in nature. Comments on the content of this document should be sent to: Attn: Executive Director, Accredited Standards Committee X9, Inc., 275 West Street, Suite 107, Annapolis, MD 21401,

Published by

Accredited Standards Committee X9, Incorporated

Financial Industry Standards

275 West Street, Suite 107

Annapolis, MD 21401 USA

X9 Online http://www.x9.org

Copyright © 2012 ASC X9, Inc.

All rights reserved.

No part of this publication may be reproduced in any form, in an electronic retrieval system or otherwise, without prior written permission of the publisher. Published in the United States of America.



X9 TR34–2012

© ASC X9, Inc. 2012– All rights reserved vii

Introduction

The retail financial transactions industry needs a cost effective way to distribute the symmetric key materials required for financial cryptography. Physically visiting a remote terminal to enter keys is costly and error prone. An interoperable cryptographic protocol to distribute these keys using public cryptography techniques can provide a secure, cost effective solution. Manufacturers of both key distribution hosts and key receiving devices can then embed this protocol in the communication protocols used to interface hosts and devices. This Technical Report is intended to give the reader an implementation that meets the requirements for secure key distribution as set forth in ANS X9.24 Retail Financial Services Symmetric Key Management Part 2: Using Asymmetric Techniques for the Distribution of Symmetric Keys.

Suggestions for the improvement or revision of this Technical Report are welcome. They should be sent to the X9 Committee Secretariat, Accredited Standards Committee X9, Inc., Financial Industry Standards, 275 West Street, Suite 107, Annapolis, MD 21401 USA.

This Technical Report was processed and registered for submittal to ANSI by the Accredited Standards Committee on Financial Services, X9. Committee approval of the Technical Report does not necessarily imply that all the committee members voted for its approval.

The X9 committee had the following members:

Roy DeCicco, X9 Chairman

Claudia Swendseid, X9 Vice-Chairman

Cynthia Fuller, Executive Director

Organization Represented Representative

ACI Worldwide Doug Grote

Advance Auto Parts Anthony Johnson

American Bankers Association C. Diane Poole

American Express Company Vicky Sammons

Apriva Len Sutton

BAFT/IFSA Tod Burwell

Bank of America Daniel Welch

BP Products North America Robert Slimmer

Certicom Corporation Daniel Brown

Citigroup, Inc. Karla McKenna

CUSIP Service Bureau Gerard Faulkner

Deluxe Corporation Angela Hendershott

Department of the Treasury, Office of Financial Research Michael Donnelly

Diebold, Inc. Bruce Chapa

Discover Financial Services Michelle Zhang

Federal Reserve Bank Claudia Swendseid

First Data Corporation Rick Van Luvender

FIS Global Stephen Gibson-Saxty

Fiserv Dan Otten



X9 TR34–2012

viii © ASC X9, Inc. 2012– All rights reserved

FIX Protocol Ltd - FPL Jim Northey

Gilbarco Bruce Welch

Harland Clarke John McCleary

Hewlett Packard Larry Hines

Independent Community Bankers of America Viveca Ware

Ingenico John Spence

ISITC Genevy Dimitrion

J.P. Morgan Chase Roy DeCicco

Key Innovations Scott Spiker

KPMG LLP Mark Lundin

MagTek, Inc. Mimi Hart

MasterCard Europe Sprl Mark Kamers

NACHA The Electronic Payments Association Robert Unger

National Association of Convenience Stores Alan Thiemann

National Security Agency Paul Timmel

NCR Corporation Steve Stevens

RouteOne Travis Bully

SWIFT/Pan Americas Juliette Kennel

Symcor Inc. Brian Salway

TECSEC Incorporated Ed Scheidt

The Clearing House Sharon Jablon

U.S. Securities and Exchange Commission Paul Knight

USDA Food and Nutrition Service Kathy Ottobre

Vantiv LLC Patty Walters

VeriFone, Inc. Dave Faoro

VISA Kim Wagner

Wells Fargo Bank Mark Tiggas

Wincor Nixdorf Inc Ramesh Arunashalam

XAC Automation Corporation Chu Nei

XBRL US, Inc. Campbell Pryde



X9 TR34–2012

© ASC X9, Inc. 2012– All rights reserved ix

The X9F subcommittee on Data & Information Security had the following members:

Ed Scheidt, X9F Chairman

Sandra Lambert, X9F Vice-Chairman

Organization Represented Representation

Acculynk John Herr


Advance Auto Parts Anthony Johnson

American Bankers Association Tom Judd


Apriva Paul Coppinger

Bank of America Andi Coleman


Burroughs Payments Systems, Inc. David J. Concannon


Citigroup, Inc. Chii-Ren Tsai

Communications Security Establishment Jonathan Hammell

Communications Security Establishment Tara Small

CUSIP Service Bureau Scott Preiss

DeLap LLP Darlene Kargel

Deluxe Corporation Angela Hendershott

Depository Trust and Clearing Corporation Robert Palatnick


Discover Financial Services Jordan Schaefer

Equinox Payments Gary Zempich

Federal Reserve Bank Deb Hjortland

First Data Corporation Rick Van Luvender

First National Bank of Omaha Kristi White

Fiserv Bud Beattie

GEOBRIDGE Corporation Jason Way


Harland Clarke John Petrie

Heartland Payment Systems Scott Meeker


IBM Corporation Todd Arnold

Independent Community Bankers of America Cary Whaley


ITS, Inc. (SHAZAM Networks) Manish Nathwani

J.P. Morgan Chase Glenn Benson



X9 TR34–2012

x © ASC X9, Inc. 2012– All rights reserved

K3DES LLC Azie Amini




Marriott International Jude Sylvestre

MasterCard Europe Sprl Michael Ward

Mustang Microsystems, Inc. Tami Harris


National Institute of Standards and Technology Elaine Barker


NCR Corporation Charlie Harrow

PCI Security Standards Council Troy Leach

Proofspace Paul Doyle

Rosetta Technologies Jim Maher

RSA, The Security Division of EMC Steve Schmalz

Security Innovation Mark Etzel

Security Innovation William Whyte

STAR Lilik Kazaryan

Surety, Inc. Dimitrios Andivahis



Thales e-Security, Inc. James Torjussen

The Clearing House Henry Farrar

Trustwave John Amaral

University Bank Michael Talley



VISA Kim Wagner

Voltage Security, Inc. Terence Spies

Wells Fargo Bank Jim Hinsey

Wincor Nixdorf Inc Ramesh Arunashalam

XAC Automation Corporation Chu Nei

Under ASC X9, Inc. procedures, a working group may be established to address specific segments of work under the ASC X9 Committee or one of its subcommittees. A working group exists only to develop standard(s) or technical report(s) in a specific area and is then disbanded. The individual experts are listed with their affiliated organizations. However, this does not imply that the organization has approved the content of the standard or technical report. (Note: Per X9 policy, company names of non-member participants are listed only if, at the time of publication, the X9 Secretariat received an original signed release permitting such company names to appear in print.)

The X9F6 Cardholder Authentication and ICC’s group which developed this technical report had the following members:

Scott Spiker, Chairman



X9 TR34–2012

© ASC X9, Inc. 2012– All rights reserved xi

Sid Sidner, Project Editor

Dan Kinney, Project Editor

Organization Represented Representative

Acculynk John Herr

Acculynk Philip Patrick

ACI Worldwide Karl Brown

ACI Worldwide Charles Collins

ACI Worldwide Richard DuVall


ACI Worldwide Dan Kinney

ACI Worldwide Julie Samson

American Bankers Association Tom Judd

American Express Company William J. Gray


Apriva Len Sutton

Bank of America Dion Bellamy

Bank of America Peter Capraro

Bank of America Terrelle Carswell

Bank of America Andi Coleman

Bank of America Chris Schrick

Bank of America Jeff Stapleton

Bank of America Daniel Welch


Burroughs Payments Systems, Inc. David J. Concannon

Burroughs Payments Systems, Inc. Navnit Shah


Certicom Corporation Matt Campagna

Certicom Corporation John O. Goyo

Certicom Corporation Sandra Lambert

Cirque Inc. Keith Paulsen

Citigroup, Inc. Chii-Ren Tsai

Clearkey, Inc. Paul Reimer

CUSIP Service Bureau Scott Preiss

CUSIP Service Bureau James Taylor

DeLap LLP David Buchanan

DeLap LLP Stephen Case

DeLap LLP Darlene Kargel

Depository Trust and Clearing Corporation Robert Palatnick

Diebold, Inc. Rick Brunt


Diebold, Inc. Scott Harroff



X9 TR34–2012

xii © ASC X9, Inc. 2012– All rights reserved

Diebold, Inc. Anne Konecny

Diebold, Inc. Jessica Walpole

Discover Financial Services Mia Boom-Ibes

Discover Financial Services David Kloser

Discover Financial Services Jordan Schaefer

Discover Financial Services Michelle Zhang

Dresser Wayne Steven Bowles

Dresser Wayne Tom Chittenden

Dresser Wayne Tim Weston

Equinox Payments Mohammad Arif

Equinox Payments Alan Fong

Equinox Payments Gary Zempich

Federal Reserve Bank Jeremy Brotherton

Federal Reserve Bank Darin Contini

Federal Reserve Bank Pieralberto Deganello

Federal Reserve Bank Deb Hjortland

Federal Reserve Bank Mary Hughes

Federal Reserve Bank Kathleen Jacob

Federal Reserve Bank Joonho Lee

Federal Reserve Bank Mike Ram

Ferris and Associates, Inc. J. Martin Ferris

Ferris and Associates, Inc. Lynda R. Strickland

First Data Corporation Andrea Beatty

First Data Corporation Lisa Curry

First Data Corporation Lilik Kazaryan

First Data Corporation Brian Kean

First National Bank of Omaha Kristi White

Fiserv Bud Beattie

Fiserv Mary Bland

Fiserv Dennis Freiburg

Fiserv Dan Otten

Futurex Chris Hamlett

Futurex Jim Lambert

Futurex Ryan Smith

GEOBRIDGE Corporation Dean Macinskas

GEOBRIDGE Corporation Jason Way


Harland Clarke John McCleary

Harland Clarke John Petrie

Heartland Payment Systems Scott Meeker




X9 TR34–2012

© ASC X9, Inc. 2012– All rights reserved xiii

Hewlett Packard Susan Langford

IBM Corporation Todd Arnold

IBM Corporation Michael Kelly

Independent Community Bankers of America Cary Whaley

Ingenico Steve McKibben


ITS, Inc. (SHAZAM Networks) Manish Nathwani

J.P. Morgan Chase Bruce Geller

J.P. Morgan Chase Edward Koslow

J.P. Morgan Chase Kathleen Krupa

J.P. Morgan Chase Donna Meagher Gem

J.P. Morgan Chase Jackie Pagan

J.P. Morgan Chase Thomas Pageler

K3DES LLC Azie Amini

K3DES LLC James Richardson



MagTek, Inc. Terry Benson

MagTek, Inc. Jeff Duncan


MagTek, Inc. Larry Meyers

Marriott International Jude Sylvestre

MasterCard Europe Sprl Jeanne Moore

MasterCard Europe Sprl Susie Thompson

MasterCard Europe Sprl Michael Ward

Mustang Microsystems, Inc. Tami Harris

National Association of Convenience Stores Ann Seki


National Institute of Standards and Technology Elaine Barker

National Institute of Standards and Technology Lawrence Bassham III

National Institute of Standards and Technology William Burr

National Institute of Standards and Technology Lily Chen

National Institute of Standards and Technology David Cooper

National Institute of Standards and Technology Morris Dworkin

National Institute of Standards and Technology Randall Easter

National Institute of Standards and Technology Sharon Keller

National Institute of Standards and Technology Annabelle Lee

National Institute of Standards and Technology Fernando Podio


NCR Corporation Charlie Harrow

NCR Corporation Ali Lowden



X9 TR34–2012

xiv © ASC X9, Inc. 2012– All rights reserved

NCR Corporation David Norris

NCR Corporation Ron Rogers

NCR Corporation Steve Stevens

NCR Corporation Ally Whytock

PCI Security Standards Council Leon Fell

PCI Security Standards Council Troy Leach

PCI Security Standards Council Ralph Poore

Rosetta Technologies Jim Maher

RSA, The Security Division of EMC Steve Schmalz

SafeNet, Inc. Chris Dunn

SafeNet, Inc. Terry Fletcher

SafeNet, Inc. Skip Norton

SafeNet, Inc. Kuldeep Saini

SafeNet, Inc. Brett Thompson

Security Innovation Mark Etzel

Security Innovation Jeff Hoffstein

Security Innovation William Whyte

STAR Lisa Besack

STAR Scott Quinn

STAR Robert Ribble

Surety, Inc. Dimitrios Andivahis



TECSEC Incorporated Dr. Wai Tsang

TECSEC Incorporated Jay Wack

Thales e-Security, Inc. Colette Broadway

Thales e-Security, Inc. Jose Diaz

Thales e-Security, Inc. Tim Fox

Thales e-Security, Inc. James Torjussen

The Clearing House Henry Farrar

The Clearing House Susan Long

Trustwave John Amaral

Trustwave Tim Hollebeek

Trustwave Patrick McGregor

Trustwave Alexander Volynkin

University Bank Stephen Ranzini

University Bank Michael Talley

USDA Food and Nutrition Service Kathy Ottobre

Vantiv LLC Dick Bloss

Vantiv LLC Tom Humphrey

Vantiv LLC Scott Mackelprang



X9 TR34–2012

© ASC X9, Inc. 2012– All rights reserved xv


Vantiv LLC Bill Weingart

Vantiv LLC James Zerfas

VeriFone, Inc. John Barrowman

VeriFone, Inc. LeAnn Brown

VeriFone, Inc. David Ezell


VeriFone, Inc. Chris Madden

VeriFone, Inc. Doug Manchester

VeriFone, Inc. Brad McGuinness

VeriFone, Inc. Joachim Vance

VISA Amy Brown

VISA Leon Fell

VISA Hap Huynh

VISA Tara Kissoon

VISA Chackan Lai

VISA Stoddard Lambertson

VISA Chris McDaniel

VISA John Sheets

VISA Michael Stefanich

VISA Johan Van Tilburg

VISA Kim Wagner

Voltage Security, Inc. Luther Martin

Voltage Security, Inc. Terence Spies

Voltage Security, Inc. Richard Sweeney

Wells Fargo Bank William Felts, IV

Wells Fargo Bank Andrew Garner

Wells Fargo Bank Jeff Jacoby

Wells Fargo Bank Brian Keltner

Wells Fargo Bank Eric Lengvenis

Wells Fargo Bank David Naelon

Wells Fargo Bank Brian Parks

Wells Fargo Bank Doug Pelton

Wells Fargo Bank Chuck Perry

Wells Fargo Bank Marv Peterson

Wells Fargo Bank Keith Ross

Wells Fargo Bank Mike Rudolph

Wells Fargo Bank Mark Tiggas

Wincor Nixdorf Inc Christoph Bruecher

Wincor Nixdorf Inc Andrea Carozzi

Wincor Nixdorf Inc Michael Nolte



X9 TR34–2012

xvi © ASC X9, Inc. 2012– All rights reserved

Wincor Nixdorf Inc Matthias Runowski

This document is the first release of this technical report.

This document is used in conjunction with ANSI X9.24-2.



X9 TR34–2012

© ASC X9, Inc. 2012– All rights reserved 17

Interoperable Method for Distribution of Symmetric Keys using Asymmetric Techniques: Part 1 – Using Factoring-Based Public Key Cryptography Unilateral Key Transport

1 Scope

This document describes a method consistent with the requirements of ANS X9.24-2 Retail Financial Services Symmetric Key Management - Part 2: Using Asymmetric Techniques for the Distribution of Symmetric Keys for the secure exchange of keys using asymmetric techniques between two devices that share asymmetric keys. This method is designed to operate within the existing capabilities of devices used in the retail financial services industry.

This is an implementation of the Unilateral Key Transport Method defined in ANS X9.24-2.

This document is not a security standard and is not intended to establish security requirements. It is intended instead to provide an interoperable method of implementing security requirements and policies.

ANS X9.24-2 describes the security requirements for systems that distribute symmetric keys using asymmetric techniques. The security requirements are consistent across all systems; ANS X9.24-2 does not distinguish between types of systems or alter the security requirements depending upon the environment of the entities in the system. While this is the correct approach for security requirements, the implementation requirements on systems will vary depending upon the properties of the system.

This document specifies an interoperable method for one particular situation – the Distribution of Symmetric Keys using Asymmetric Techniques from a Single Key Distribution Host (KDH) to many Key Receiving Devices (KRDs). The KDH is assumed to be operated in a controlled environment (as specified in reference 4); the KRDs may operate in uncontrolled environments.

This interoperable method could also be used to exchange keys between peers, where one is administratively designated as the KDH and one as the KRD.

The KDH and the KRD are assumed to have an administrative understanding of the type and key characteristics of the symmetric key that is exchanged, as for a terminal master key. As such, the key exchanged is treated by this protocol as a binary blob.

This document uses the term KRD to denote the Key Receiving Device; The KRD is a Tamper Resistant Security Module (TRSM) such as a PIN Encrypting Device (PED), a Encrypting PIN PAD (EPP), or a Host Security Module (HSM).

Within the confines of this protocol, the KRD can only respond to commands from a KDH, i.e. the KRD is a slave KRD.



x9 tr34–2012 interoperable method for distribution of ... · this document is registered as a...

Documents