ASC/X9 - ANSI X9.24 PT 2
Retail Financial Services Symmetric Key Management Part 2: Using Asymmetric Techniques for the Distribution of Symmetric Keys
|Publication Date:||25 November 2016|
This part of ANS X9.24 covers the establishment of device initial trust and management of keying material used for financial services such as point of sale (POS) transactions, automatic teller machine (ATM) transactions, messages among terminals and financial institutions, and interchange messages among acquirers, switches and card issuers. The scope of this part of X9.24 may apply to Internet-based transactions, but only when such applications include the use of a SCD (as defined in section 7.2 of ANS X9.24 Part 1) to protect the private and symmetric keys.
This part of ANS X9.24 deals with management of symmetric keys using asymmetric techniques and storage of asymmetric private keys using symmetric keys. Additional parts may be created in the future to address other methods of key management. This part of ANS X9.24 specifies the minimum requirements for the management of asymmetric keying material and symmetric keys used for ensuring the confidentiality and integrity of the private keys of asymmetric key pairs when stored as cryptograms on a database. Addressed are all components of the key management life cycle including generation, distribution, utilization, storage, archiving, replacement and destruction. Requirements for actions to be taken in the event of key compromise are also addressed. This part of ANS X9.24 presents overviews of the keys involved in the key transport and key agreement protocols, referencing other ANSI standards where applicable.
The financial services industry desires an additional and cost effective method of implementing symmetric key distribution at remote devices and between communicating pairs. Compliant implementation of the requirements stated in ANS X9.24 Part 1 for the secure management of symmetric keys requires (among other things) unique keys per device and strict enforcement of dual control and split knowledge processes for handling the full-length (i.e., not concatenated) keying material deployed to remote devices or established between communicating pairs. Historically, compliant implementation of key distribution has been a manually performed, physically on-site process that is difficult to manage, costly, and/or non-existent (i.e., not compliant). An automated rather than manual method of distributing symmetric keys could address these issues and could result in improved security of the financial services networked environment.
The use of public key cryptography and associated asymmetric key algorithms is one proposed solution for automated remote symmetric key distribution. Unlike clear symmetric keys which are to be protected from disclosure at all times during their key life cycle, the clear public keys of the asymmetric key pairs may be exchanged over open networks. This characteristic allows for automated distribution from a remote location and may eliminate the above issues associated with manual key loading. Once distributed, the protocols associated with the asymmetric algorithms may be used to establish the symmetric key, and may eliminate the manual symmetric key loading process and its associated risks. There are two such protocols for establishing the symmetric key. The key transport protocol may be used by the sender to encrypt and transport the symmetric key to the receiver. The key agreement protocol may be used to mutually derive the symmetric key.
The security and reliability of any process based on public key algorithms is directly dependent on the protection afforded to the secrecy of each key pair's associated private key and the integrity of the key pair and Public Key Infrastructure (PKI) environment under which those key pairs are created and managed. Key modulus sizes and the underlying mathematics of the asymmetric key algorithms should also be considered as factors in the overall security of the implementation. The public key validation is a very important security aspect. Implementation of the system includes measures to prevent man-in-the-middle attacks on the system, and ensure the mutual authentication of the sender and receiver of the keys.
This part of ANS X9.24 establishes requirements and guidelines for the secure management and application-level interoperability of such automated keying operations. This part of this standard addresses symmetric keys managed with asymmetric keys, and asymmetric keys managed with symmetric keys (as in the storage of private keys encrypted with a symmetric master key for storage as cryptograms on a local database). This part of ANS X9.24 does NOT address using asymmetric keys to encrypt the Personal Identification Number (PIN) and does NOT address asymmetric keys managed with asymmetric keys.