Retail Financial Services Symmetric Key Management Part 3: Derived Unique Key Per Transaction
|Publication Date:||11 October 2017|
This part of the standard describes the AES DUKPT algorithm, which is used to derive key(s) from an initial terminal DUKPT key based on the transaction number. Derived keys can be used for a variety of functions, such as encryption of PINs, data or other keys, for derivation of other keys, for message authentication, etc. AES DUKPT supports the derivation of AES-128, AES-192, AES-256, and double and triple length TDEA keys from AES-128, AES-192, and AES-256 initial keys.
This key management standard, utilized in conjunction with the Advanced Encryption Standard (AES) (see Reference 4), is used to manage symmetric keys that can be used to protect messages and other sensitive information in a financial services environment. The security and reliability of any process based on AES is directly dependent on the protection afforded to secret parameters called cryptographic keys.
This standard specifies the requirements and guidelines for the generation of unique transactions key(s) from an initial terminal key, in such a way that (1) the terminal does not preserve any information that could be used to derive the transaction key after the transaction has been completed, and (2) the host security module can derive the same transaction key(s) using a bounded number of cryptographic operations.
This standard describes an update to the original a Derived Unique Key Per Transaction (DUKPT) algorithm method based on TDEA (described in Annex C), which is based on AES and has a number of other security improvements. Keys can be derived for use with either the AES or TDEA algorithm. The implementation described in this standard is recommended for new DUKPT implementations.
The original double length key TDEA DUKPT implementation as described in Annex A of Reference 2 is included in Annex C of this document.