BS ISO 11568:2023

$215.11

Financial services. Key management (retail)

Published By: BSI
Publication Date: 2023
Number of Pages: 124

PDF Catalog

PDF Pages PDF Title
2 National foreword
7 Foreword
8 Introduction
9 1 Scope
1.1 General
1.2 Scope exclusions
2 Normative references
10 3 Terms and definitions
20 4 Key management requirements
4.1 General
4.1.1 Key management strategy
4.1.2 Dual control and split knowledge of secret or private keys
4.1.3 Permissible key forms
22 4.1.4 Logging
4.1.5 Cryptographic strength
23 4.1.6 Key locations
4.1.7 Single-purpose key usage
25 4.2 Secure cryptographic device
4.2.1 General requirements
26 4.2.2 Additional SCD requirements for devices used in SKDAT
27 4.3 Additional CA requirements
4.4 Additional RA requirements
28 4.5 Key blocks
4.5.1 Overview of key blocks
29 4.5.2 Key attributes
4.5.3 Integrity of the key block
4.5.4 Key and sensitive attributes field
30 4.6 Key creation
4.6.1 Symmetric key creation
31 4.6.2 Asymmetric key creation
4.7 Key component and key share creation
32 4.8 Check values
4.8.1 Introduction
4.8.2 Symmetric key check value calculation
33 4.8.3 Asymmetric key check value calculation
4.9 Key distribution
4.9.1 Symmetric key distribution
36 4.9.2 SKDAT asymmetric key distribution
38 4.10 Key loading
4.10.1 General
39 4.10.2 Loading key components or shares
4.11 Key utilization
4.11.1 General key utilization requirements
40 4.11.2 Additional key utilization requirements for SKDAT
41 4.12 Key storage
4.12.1 Cleartext key component and share storage
4.12.2 Public key storage
4.13 Key replacement
42 4.14 Key destruction
4.14.1 General
43 4.14.2 Key destruction from an SCD
4.14.3 Destruction of a key in cryptogram form
4.14.4 Component and share destruction
4.15 Key backup
44 4.16 Key archiving
4.17 Key compromise
46 5 Transaction key management techniques
5.1 General
5.2 Method: master keys or transaction keys
5.3 Derived unique key per transaction
5.3.1 General
47 5.3.2 DUKPT key management
49 5.3.3 Unique initial keys
50 5.3.4 AES DUKPT
53 5.3.5 KSN compatibility mode
54 5.3.6 Derived key OIDs
5.3.7 Keys and key sizes
55 5.3.8 Helper functions and definitions
56 5.3.9 Key derivation function algorithm
57 5.3.10 Derivation data
58 5.3.11 “Create Derivation Data” (local subroutine)
59 5.3.12 Security considerations
60 5.3.13 Host security module algorithm
61 5.3.14 General
5.3.15 “Derive Initial Key”
62 5.3.16 “Host Derive Working Key”
5.3.17 Intermediate derivation key derivation data examples
63 5.3.18 Working key derivation data examples
64 5.3.19 Transaction-originating device algorithm
69 5.4 Host-to-host UKPT
71 Annex A (informative) Key and component check values
75 Annex B (normative) Split knowledge during transport
77 Annex C (informative) Trust models and key establishment
85 Annex D (informative) Symmetric key life cycle
87 Annex E (informative) Asymmetric key life cycle phases
90 Annex F (normative) Approved algorithms
91 Annex G (informative) AES DUKPT pseudocode notation
94 Annex H (informative) AES DUKPT test vectors
95 Annex I (informative) TDEA-derived unique key per transaction
116 Annex J (informative) Roles in payment environment
119 Annex K (informative) Roles in symmetric key distribution using asymmetric techniques
122 Bibliography