Upload
others
View
8
Download
0
Embed Size (px)
Citation preview
© ASC X9, Inc. 2019– All rights reserved
ASC X9 TR 34–2019
Interoperable Method for Distribution of
Symmetric Keys using Asymmetric
Techniques: Part 1 – Using Factoring-Based
Public Key Cryptography Unilateral Key
Transport
A Technical Report prepared by:
Accredited Standards Committee X9, Incorporated
Financial Industry Standards
Registered with American National Standards Institute
Date Registered: September 22, 2019
American National Standards, Technical Reports and Guides developed through the Accredited Standards Committee X9, Inc., are copyrighted. Copying these documents for personal or commercial use outside X9 membership agreements is prohibited without express written permission of the Accredited Standards Committee X9, Inc. For additional information please contact ASC X9, Inc., 275 West Street, Suite 107, Annapolis, Maryland 21401.
This is a preview of "ASC X9 TR 34-2019". Click here to purchase the full version from the ANSI store.
ASC X9 TR 34–2019
ii © ASC X9, Inc. 2019– All rights reserved
Contents Page
1 Scope ................................................................................................................................. 16
2 References ........................................................................................................................ 18
3 Terms and definitions ....................................................................................................... 18
4 Symbols and abbreviated terms ...................................................................................... 18
5 TR34 Protocol Overview ................................................................................................... 23
5.1 Introduction ....................................................................................................................... 23
5.2 Certificate Authority ......................................................................................................... 24
5.3 High Level Protocol Description ...................................................................................... 25
5.4 Key Exchange Elements Description .............................................................................. 26
5.4.1 Introduction ....................................................................................................................... 26
5.4.2 TR34 Attribute Header ...................................................................................................... 27
5.4.3 TR34 Ephemeral Key ........................................................................................................ 29
5.4.4 TR34 Replay Prevention ................................................................................................... 29
5.4.5 Introduction ....................................................................................................................... 29
5.4.6 Two Pass Protocol ............................................................................................................ 29
5.4.7 One Pass Protocol ............................................................................................................ 30
5.4.8 TR34 Certificate Revocation List (CRL) ........................................................................... 30
5.4.9 The complete TR34 Key exchange message .................................................................. 30
5.5 Binding .............................................................................................................................. 31
5.5.1 Bind.................................................................................................................................... 31
5.5.2 Unbinding .......................................................................................................................... 31
5.5.3 Rebinding .......................................................................................................................... 33
5.5.4 Higher Level Authority Unbinding ................................................................................... 34
5.5.5 Higher Level Authority Rebinding ................................................................................... 35
6 Key Block Properties and Characteristics ...................................................................... 37
6.1 Key Block Elements .......................................................................................................... 37
6.2 Key Block Binding Method ............................................................................................... 38
6.2.1 Secrecy .............................................................................................................................. 39
6.2.2 Integrity and Authenticity ................................................................................................. 39
6.3 Key Block Header ............................................................................................................. 39
7 Key Establishment Protocol – Unilateral Key Transport Method .................................. 40
7.1 Introduction ....................................................................................................................... 40
7.2 Bind / Unbind / Rebind States .......................................................................................... 40
7.3 Unbind / Rebind Scenarios............................................................................................... 41
7.4 Parameters for Digital Signatures.................................................................................... 42
7.4.1 Digital Signatures ............................................................................................................. 42
7.5 KDH Bind Phase ................................................................................................................ 42
7.5.1 Summary ........................................................................................................................... 42
This is a preview of "ASC X9 TR 34-2019". Click here to purchase the full version from the ANSI store.
ASC X9 TR 34–2019
© ASC X9, Inc. 2019– All rights reserved iii
7.5.2 Prepare KRD Credential Token (A1) ................................................................................ 42
7.5.3 Validate KRD Credential Token (B1) ................................................................................ 42
7.5.4 Prepare KDH Credential Token (B2) ................................................................................ 43
7.5.5 Validate KDH Credential (A2) ........................................................................................... 43
7.6 Symmetric Key Transport Phase ..................................................................................... 44
7.6.1 Summary ........................................................................................................................... 44
7.6.2 Generate Random Number Token (A1) ........................................................................... 44
7.6.3 Receive Random Number Token (B1) ............................................................................. 44
7.6.4 Generate transported Symmetric Key (B2) .................................................................... 44
7.6.5 Generate Ephemeral Symmetric Key (B3) ...................................................................... 45
7.6.6 Encipher Key Block (B4) .................................................................................................. 45
7.6.7 Encipher Ephemeral Key (B5) .......................................................................................... 45
7.6.8 Construct Key Token (B6) ................................................................................................ 45
7.6.9 Verify Key Token (A2) ....................................................................................................... 45
7.7 Symmetric Key Transport Phase - One-Pass Protocol Support .................................... 46
7.7.1 Summary ........................................................................................................................... 46
7.7.2 One-Pass Environment ..................................................................................................... 46
7.7.3 Ensuring Message Freshness with TimeStamps ............................................................ 46
7.7.4 Implementing TimeStamps............................................................................................... 47
7.7.5 Generate Transported Symmetric Key (B1) .................................................................... 48
7.7.6 Generate Ephemeral Symmetric Key (B2) ....................................................................... 48
7.7.7 Encipher Key Block (B3) .................................................................................................. 48
7.7.8 Encipher Ephemeral Key (B4) .......................................................................................... 48
7.7.9 Construct Key Token (B5) ................................................................................................ 48
7.7.10 Verify Key Token (A1) ....................................................................................................... 48
7.8 Symmetric Key Verification Phase .................................................................................. 50
7.8.1 Summary ........................................................................................................................... 50
7.8.2 Generate Key Check Value (A1) ....................................................................................... 50
7.8.3 Verify Key Check Value (B1) ............................................................................................ 50
7.9 KDH Unbind Phase ........................................................................................................... 51
7.9.1 Summary ........................................................................................................................... 51
7.9.2 Generate Random Number Token (A1) ........................................................................... 51
7.9.3 Receive Random Number Token (B1) ............................................................................. 51
7.9.4 Generate Unbind Token (B2) ............................................................................................ 51
7.9.5 Verify Unbind Token (A2) ................................................................................................. 52
7.10 KDH Rebind Phase ........................................................................................................... 53
7.10.1 Summary ........................................................................................................................... 53
7.10.2 Generate Random Number Token (A1) ........................................................................... 53
7.10.3 Receive Random Number Token (B1) ............................................................................. 53
7.10.4 Generate Rebind Token (B2) ............................................................................................ 53
7.10.5 Verify Rebind Token (A2) ................................................................................................. 54
7.11 Higher Level Authority Unbind Phase ............................................................................. 55
7.11.1 Summary ........................................................................................................................... 55
7.11.2 Generate Random Number Token (A1) ........................................................................... 55
7.11.3 Receive Random Number Token (B1) ............................................................................. 55
7.11.4 Generate Unbind Token (B2) ............................................................................................ 55
7.11.5 Verify Unbind Token (A2) ................................................................................................. 56
This is a preview of "ASC X9 TR 34-2019". Click here to purchase the full version from the ANSI store.
ASC X9 TR 34–2019
iv © ASC X9, Inc. 2019– All rights reserved
7.12 Higher Level Authority Rebind Phase ............................................................................. 56
7.12.1 Summary ........................................................................................................................... 56
7.12.2 Generate Random Number Token (A1) ........................................................................... 57
7.12.3 Receive Random Number Token (B1) ............................................................................. 57
7.12.4 Generate Rebind Token (B2) ............................................................................................ 57
7.12.5 Verify Rebind Token (A2) ................................................................................................. 57
Annex A (Informative) Design Considerations .......................................................................... 58
A.1 Assumptions and Constraints ......................................................................................... 58
A.1.1 Assumptions ..................................................................................................................... 58
A.1.2 Constraints ........................................................................................................................ 58
A.2 Recommended Algorithms............................................................................................... 59
A.2.1 General .............................................................................................................................. 59
A.2.2 Signature Algorithms........................................................................................................ 59
A.2.3 Encryption Algorithms ..................................................................................................... 59
A.2.4 OAEP Parameters ............................................................................................................. 59
A.2.5 Message Digest Functions ............................................................................................... 61
A.2.6 Key Sizes and Characteristics ......................................................................................... 62
Annex B (Informative) Cryptographic Message Encodings ..................................................... 65
B.1 Overview ............................................................................................................................ 65
B.2 Test Vectors ...................................................................................................................... 65
B.2.1 Sample Keys ..................................................................................................................... 65
B.2.2 Sample Data ...................................................................................................................... 73
B.3 Root Certificate Authority Public Key Certificate ........................................................... 96
B.4 CAKDH – Certificate Authority – KDH Certificate .............................................................100
B.5 CAKRD – Certificate Authority – KRD Certificate .............................................................104
B.6 CTKDH – The KDH Credential Token ................................................................................108
B.7 CTKRD - The KRD Credential Token ................................................................................114
B.8 KTKDH – The KDH Key Token – 1 Pass TDEA..................................................................118
B.8.1 1 Pass Key Token ............................................................................................................121
B.9 KTKDH – The KDH Key Token – 2 Pass TDEA..................................................................127
B.9.1 2 Pass Key Token ............................................................................................................130
B.10 RBTCA_UNBIND – Higher Level Authority Rebind Token ....................................................135
B.11 RBTKDH – KDH Rebind Token ..........................................................................................143
B.12 RTKRD – KRD Random Number Token ............................................................................152
B.13 UBTCA_UNBIND – Higher Level Authority Unbind Token ....................................................153
B.14 UBTKDH – KDH Unbind Token ..........................................................................................157
Annex C (Normative) ASN.1 Module for Object Identifiers ......................................................162
Annex D (Normative) ASN.1 Module for TR34 CMS ..................................................................164
This is a preview of "ASC X9 TR 34-2019". Click here to purchase the full version from the ANSI store.
ASC X9 TR 34–2019
© ASC X9, Inc. 2019– All rights reserved v
Figures
Figure 1 ................................................................................................................................................ 23
Figure 2 ................................................................................................................................................ 24
Figure 3 — Comparison of TR-31 and TR-34 Key Binding Methods ..................................................... 37
Figure 4 — Key Block Binding Method using CMS types ...................................................................... 38
Figure 5 — Binding States .................................................................................................................... 41
Tables
Table 1 — KDH Response and Phase.................................................................................................. 40
Table 2 — Unbind / Rebind Scenarios .................................................................................................. 41
Table 3— KDH Bind Phase .................................................................................................................. 42
Table 4 — Symmetric Key Transport Phase ........................................................................................ 44
Table 5 - Symmetric Key Transport Phase - One-Pass Protocol .......................................................... 46
Table 6 — Symmetric Key Verification Phase ...................................................................................... 50
Table 7 — KDH Unbind Phase ............................................................................................................. 51
Table 8 — KDH Rebind Phase ............................................................................................................. 53
Table 9 — Higher Level Authority Unbind Phase .................................................................................. 55
Table 10 — Higher Level Authority Rebind Phase ................................................................................ 56
Table 11 - Supported Signature Algorithms .......................................................................................... 59
Table 12 - Supported Asymmetric Encryption Algorithms ..................................................................... 59
Table 13 - Supported Message Digest Functions ................................................................................. 61
Table 14 - Supported Key Sizes and Characteristics ............................................................................ 62
Table 15 - Ephemeral Key types and Strengths .................................................................................... 63
Table 16 - Transported Key Types and Strengths ................................................................................ 64
This is a preview of "ASC X9 TR 34-2019". Click here to purchase the full version from the ANSI store.
ASC X9 TR 34–2019
vi © ASC X9, Inc. 2019– All rights reserved
Foreword
Publication of this Technical Report that has been registered with ANSI has been approved by the
Accredited Standards Committee X9, Incorporated, 275 West Street, Suite 107, Annapolis, MD 21401.
This document is registered as a Technical Report according to the “Procedures for the Registration of
Technical Reports with ANSI.” This document is not an American National Standard and the material
contained herein is not normative in nature. Comments on the content of this document should be sent
to: Attn: Executive Director, Accredited Standards Committee X9, Inc., 275 West Street, Suite 107,
Annapolis, MD 21401,
Published by
Accredited Standards Committee X9, Incorporated
Financial Industry Standards
275 West Street, Suite 107
Annapolis, MD 21401 USA
X9 Online http://www.x9.org
Copyright © 2019 ASC X9, Inc.
All rights reserved.
No part of this publication may be reproduced in any form, in an electronic retrieval system or
otherwise, without prior written permission of the publisher. Published in the United States of America.
This is a preview of "ASC X9 TR 34-2019". Click here to purchase the full version from the ANSI store.
ASC X9 TR 34–2019
© ASC X9, Inc. 2019– All rights reserved vii
Introduction
The retail financial transactions industry needs a cost effective way to distribute the symmetric key
materials required for financial cryptography. Physically visiting a remote terminal to enter keys is costly
and error prone. An interoperable cryptographic protocol to distribute these keys using public
cryptography techniques can provide a secure, cost effective solution. Manufacturers of both key
distribution hosts and key receiving devices can then embed this protocol in the communication
protocols used to interface hosts and devices. This Technical Report is intended to give the reader an
implementation that meets the requirements for secure key distribution as set forth in ANS X9.24 Retail
Financial Services Symmetric Key Management Part 2: Using Asymmetric Techniques for the
Distribution of Symmetric Keys.
Suggestions for the improvement or revision of this Technical Report are welcome. They should be sent
to the X9 Committee Secretariat, Accredited Standards Committee X9, Inc., Financial Industry
Standards, 1212 West Street, Suite 200, Annapolis, MD 21401 USA.
This Technical Report was processed and registered for submittal to ANSI by the Accredited Standards
Committee on Financial Services, X9. Committee approval of the Technical Report does not
necessarily imply that all the committee members voted for its approval.
NOTE The user's attention is called to the possibility that compliance with this technical report may
require use of an invention covered by patent rights.
By publication of this technical report, no position is taken with respect to the validity of this claim or of
any patent rights in connection therewith. The patent holder has, however, filed a statement of
willingness to grant a license under these rights on reasonable and nondiscriminatory terms and
conditions to applicants desiring to obtain such a license. Details may be obtained from the standards
developer.
The X9 committee had the following members:
Roy DeCicco, X9 Chairman
Angela Hendershott, X9 Vice-Chairman
Steve Stevens, Executive Director
Organization Represented Representative
ACI Worldwide ............................................................................................Doug Grote
Amazon ......................................................................................................John Britton
American Bankers Association ...................................................................Diane Poole
American Express Company ......................................................................David Moore
Bank of America .........................................................................................Daniel Welch
BBVA Compass ..........................................................................................Omar Jarrar
BDO ...........................................................................................................Tim Crawford
Bloomberg LP .............................................................................................Corby Dear
Capital One ................................................................................................Marie LaQuerre
This is a preview of "ASC X9 TR 34-2019". Click here to purchase the full version from the ANSI store.
ASC X9 TR 34–2019
viii © ASC X9, Inc. 2019– All rights reserved
Citigroup, Inc. .............................................................................................Karla McKenna
Conexxus, Inc. ............................................................................................Gray Taylor
CUSIP Global Services ..............................................................................Gerard Faulkner
Delap LLP ..................................................................................................Andrea Beatty
Deluxe Corporation.....................................................................................Angela Hendershott
Diebold Nixdorf ...........................................................................................Bruce Chapa
Federal Reserve Bank ................................................................................Ainsley Hargest
First Data Corporation ................................................................................Lisa Curry
FIS .............................................................................................................Stephen Gibson-Saxty
Fiserv .........................................................................................................Dan Otten
FIX Protocol Ltd - FPL ................................................................................James Northey
Futurex .......................................................................................................Ryan Smith
Gilbarco ......................................................................................................Bruce Welch
Harland Clarke ...........................................................................................John McCleary
Hyosung TNS Inc. ......................................................................................Joe Militello
IBM Corporation .........................................................................................Todd Arnold
ISARA Corporation .....................................................................................Alexander Truskovsky
ISITC ..........................................................................................................Lisa Iagatta
ITS, Inc. (SHAZAM Networks) ....................................................................Manish Nathwani
J.P. Morgan Chase .....................................................................................Roy DeCicco
MagTek, Inc................................................................................................Mimi Hart
MasterCard Europe Sprl .............................................................................Mark Kamers
NACHA The Electronic Payments Association ...........................................George Throckmorton
National Security Agency............................................................................Mike Boyle
NCR Corporation ........................................................................................Kevin Spengler
Office of Financial Research, U.S. Treasury Department............................Thomas Brown Jr.
PCI Security Standards Council..................................................................Troy Leach
PricewaterhouseCoopers LLP ....................................................................Michael Versace
RouteOne ...................................................................................................Chris Irving
SWIFT/Pan Americas .................................................................................Karin DeRidder
Symcor Inc. ................................................................................................Debbi Fitzpatrick
TECSEC Incorporated ................................................................................Ed Scheidt
The Clearing House ....................................................................................Sharon Jablon
U.S. Bank ...................................................................................................Michelle Wright
U.S. Commodity Futures Trading Commission (CFTC) ..............................Robert Stowsky
USDA Food and Nutrition Service ..............................................................Lisa Gifaldi
VeriFone, Inc. .............................................................................................Dave Faoro
Viewpointe ..................................................................................................Richard Luchak
VISA ...........................................................................................................Kim Wagner
Wayne Fueling Solutions ............................................................................Henry Fieglein
Wells Fargo Bank .......................................................................................Mark Schaffer
The X9F subcommittee on Data & Information Security had the following members:
Dave Faoro, X9F Chairman
Ed Scheidt, X9F Vice-Chairman
This is a preview of "ASC X9 TR 34-2019". Click here to purchase the full version from the ANSI store.
ASC X9 TR 34–2019
© ASC X9, Inc. 2019– All rights reserved ix
Organization Represented Representative
ACI Worldwide ..........................................................................................................Doug Grote ACI Worldwide ..........................................................................................................Dan Kinney ACI Worldwide ..........................................................................................................Lisa McKee ACI Worldwide ..........................................................................................................Julie Samson American Bankers Association .................................................................................Tom Judd American Express Company ....................................................................................Gail Chapman American Express Company ....................................................................................Farid Hatefi American Express Company ....................................................................................David Moore American Express Company ....................................................................................John Timar American Express Company ....................................................................................Kevin Welsh Bank of America .......................................................................................................Amanda Adams Bank of America .......................................................................................................Peter Capraro Bank of America .......................................................................................................Andi Coleman Bank of America .......................................................................................................Joel Kazin Bank of America .......................................................................................................Terry McKinney Bank of America .......................................................................................................Matthew Sharp Bank of America .......................................................................................................Michael Smith Bank of America .......................................................................................................Daniel Welch BBVA Compass ........................................................................................................Omar Jarrar BDO ..........................................................................................................................Tim Crawford BDO ..........................................................................................................................Jeffrey Ward BlackBerry Limited ....................................................................................................Daniel Brown Bloomberg LP ...........................................................................................................Erik Anderson Bloomberg LP ...........................................................................................................Corby Dear Capital One ...............................................................................................................Marie LaQuerre Capital One ...............................................................................................................Johnny Lee Cipherithm ................................................................................................................Scott Spiker comforte AG ..............................................................................................................Thomas Gloerfeld comforte AG ..............................................................................................................Henning Horst Communications Security Establishment .................................................................Jonathan Hammell Communications Security Establishment .................................................................David Smith Conexxus, Inc. ..........................................................................................................David Ezell Conexxus, Inc. ..........................................................................................................Alan Thiemann CUSIP Global Services.............................................................................................Scott Preiss Deixis, PBC ...............................................................................................................Pamela Bell Deixis, PBC ...............................................................................................................Allen Brown Deixis, PBC ...............................................................................................................Pat Santos Delap LLP .................................................................................................................Andrea Beatty Delap LLP .................................................................................................................Diane Bishop Delap LLP .................................................................................................................David Buchanan Deluxe Corporation ...................................................................................................Angela Hendershott Deluxe Corporation ...................................................................................................Margiore Romay Deluxe Corporation ...................................................................................................Andy Vo Diebold Nixdorf .........................................................................................................Christoph Bruecher Diebold Nixdorf .........................................................................................................Andrea Carozzi Diebold Nixdorf .........................................................................................................Bruce Chapa Diebold Nixdorf .........................................................................................................Michael Ott Diebold Nixdorf .........................................................................................................David Phister Digicert ......................................................................................................................Tim Hollebeek Digicert ......................................................................................................................Steve Medin Discover Financial Services .....................................................................................Cheryl Mish Discover Financial Services .....................................................................................Diana Pauliks Discover Financial Services .....................................................................................Jordan Schaefer Discover Financial Services .....................................................................................Jorge Vargas
This is a preview of "ASC X9 TR 34-2019". Click here to purchase the full version from the ANSI store.
ASC X9 TR 34–2019
x © ASC X9, Inc. 2019– All rights reserved
Federal Reserve Bank ............................................................................................. Patrick Adler Federal Reserve Bank ............................................................................................. Guy Berg Federal Reserve Bank ............................................................................................. Marianne Crowe Federal Reserve Bank ............................................................................................. Amanda Dorphy Federal Reserve Bank ............................................................................................. Ken Han Federal Reserve Bank ............................................................................................. Ainsley Hargest Federal Reserve Bank ............................................................................................. Daniel Maynard Federal Reserve Bank ............................................................................................. Susan Pandy Federal Reserve Bank ............................................................................................. Patti Ritter First Data Corporation ............................................................................................. Lisa Curry First National Bank of Omaha .................................................................................. Sherry Rewolinski First National Bank of Omaha .................................................................................. Kristi White FIS ........................................................................................................................... Saman Amighi FIS ........................................................................................................................... John Soares FIS ........................................................................................................................... Sunny Wear Fiserv ....................................................................................................................... Bud Beattie Fiserv ....................................................................................................................... Dan Otten Futurex ..................................................................................................................... Ryan Smith Futurex ..................................................................................................................... Tim Weston GEOBRIDGE Corporation ....................................................................................... Jason Way Gilbarco .................................................................................................................... Scott Turner Gilbarco .................................................................................................................... Bruce Welch Harland Clarke ......................................................................................................... Joseph Filer Hyosung TNS Inc. .................................................................................................... Joe Militello Hyosung TNS Inc. .................................................................................................... JaeWhan Shin IBM Corporation ....................................................................................................... Todd Arnold IBM Corporation ....................................................................................................... Richard Kisley Ingenico ................................................................................................................... Steven Bowles Ingenico ................................................................................................................... Wayne Burgess Ingenico ................................................................................................................... Nabil Hamzi Ingenico ................................................................................................................... Steve McKibben ISARA Corporation .................................................................................................. Mike Brown ISARA Corporation .................................................................................................. Philip Lafrance ISARA Corporation .................................................................................................. Alexander Truskovsky ITS, Inc. (SHAZAM Networks) ................................................................................. Manish Nathwani J.P. Morgan Chase .................................................................................................. Kathleen Krupa J.P. Morgan Chase .................................................................................................. Jackie Pagán J.P. Morgan Chase .................................................................................................. Darryl Scott Level 10 ................................................................................................................... Allan Elder MagTek, Inc. ............................................................................................................ Jeff Duncan MagTek, Inc. ............................................................................................................ Mimi Hart MasterCard Europe Sprl .......................................................................................... Mark Kamers MasterCard Europe Sprl .......................................................................................... Larry Newell MasterCard Europe Sprl .......................................................................................... Michael Ward Micro Focus ............................................................................................................. Luther Martin Micro Focus ............................................................................................................. Phil Smith National Institute of Standards and Technology (NIST) .......................................... Elaine Barker National Institute of Standards and Technology (NIST) .......................................... Lily Chen National Security Agency ......................................................................................... Mike Boyle National Security Agency ......................................................................................... Nick Gajcowski National Security Agency ......................................................................................... Paul Timmel NCR Corporation ..................................................................................................... Charlie Harrow NCR Corporation ..................................................................................................... Bradford Loewy P97 Networks, Inc. ................................................................................................... Steve Moses PCI Security Standards Council .............................................................................. Leon Fell PCI Security Standards Council .............................................................................. Troy Leach
This is a preview of "ASC X9 TR 34-2019". Click here to purchase the full version from the ANSI store.
ASC X9 TR 34–2019
© ASC X9, Inc. 2019– All rights reserved xi
PCI Security Standards Council ...............................................................................Ralph Poore RSA, The Security Division of EMC .........................................................................Steve Schmalz SafeNet Infotech Pvt. Ltd. .........................................................................................Amit Sinha SafeNet Infotech Pvt. Ltd. .........................................................................................Devesh Tewari TECSEC Incorporated ..............................................................................................Ed Scheidt TECSEC Incorporated ..............................................................................................Dr. Wai Tsang TECSEC Incorporated ..............................................................................................Jay Wack Thales UK Limited ....................................................................................................Larry Hines Thales UK Limited ....................................................................................................James Torjussen The Clearing House ..................................................................................................Mark Fitlin The Clearing House ..................................................................................................Sharon Jablon The Clearing House ..................................................................................................Hirak Patel The Clearing House ..................................................................................................Miguel Sanchez The Phoenix Group...................................................................................................Ron Davis The Phoenix Group...................................................................................................Candice Hoft U.S. Bank ..................................................................................................................Stephen Case University Bank .........................................................................................................Stephen Ranzini University Bank .........................................................................................................Michael Talley Utimaco Inc. ..............................................................................................................Susan Langford VeriFone, Inc. ...........................................................................................................John Barrowman VeriFone, Inc. ...........................................................................................................Dave Faoro VeriFone, Inc. ...........................................................................................................Saxon Noh VeriFone, Inc. ...........................................................................................................Joachim Vance Viewpointe ................................................................................................................Richard Luchak VISA ..........................................................................................................................Ben Choong VISA ..........................................................................................................................Adam Clark VISA ..........................................................................................................................Eric Le Saint VISA ..........................................................................................................................Kim Wagner Wayne Fueling Solutions ..........................................................................................Henry Fieglein Wells Fargo Bank .....................................................................................................Jason Buck Wells Fargo Bank .....................................................................................................David Cooper Wells Fargo Bank .....................................................................................................William Felts, IV Wells Fargo Bank .....................................................................................................Phillip Griffin Wells Fargo Bank .....................................................................................................Calvin Heng Wells Fargo Bank .....................................................................................................Antoinette McCarthy Wells Fargo Bank .....................................................................................................Kelly O'Donnell Wells Fargo Bank .....................................................................................................Mark Schaffer Wells Fargo Bank .....................................................................................................Jeff Stapleton Wells Fargo Bank .....................................................................................................Tony Suarez White and Williams LLP ............................................................................................Richard Borden White and Williams LLP ............................................................................................Sandra Lambert White and Williams LLP ............................................................................................Joshua Mooney White and Williams LLP ............................................................................................Michael Olsan
Under ASC X9, Inc. procedures, a working group may be established to address specific segments of
work under the ASC X9 Committee or one of its subcommittees. A working group exists only to develop
standard(s) or technical report(s) in a specific area and is then disbanded. The individual experts are
listed with their affiliated organizations. However, this does not imply that the organization has approved
the content of the standard or technical report. (Note: Per X9 policy, company names of non-member
participants are listed only if, at the time of publication, the X9 Secretariat received an original signed
release permitting such company names to appear in print.)
This is a preview of "ASC X9 TR 34-2019". Click here to purchase the full version from the ANSI store.
ASC X9 TR 34–2019
xii © ASC X9, Inc. 2019– All rights reserved
The X9F6 Cardholder Authentication and ICC’s group which developed this technical report had the
following members:
Steve Case, Chairman
Andrea Beatty, Project Editor
Dan Kinney, Project Editor
Charlie Harrow, Project Editor
Organization Represented Representative
ACI Worldwide ......................................................................................................... Doug Grote ACI Worldwide ......................................................................................................... Dan Kinney ACI Worldwide ......................................................................................................... Lisa McKee ACI Worldwide ......................................................................................................... Julie Samson American Bankers Association ................................................................................ Tom Judd American Express Company ................................................................................... Gail Chapman American Express Company ................................................................................... Alan Fong American Express Company ................................................................................... Michael Hyzer American Express Company ................................................................................... Kenneth Mealey American Express Company ................................................................................... David Moore American Express Company ................................................................................... Hing Too American Express Company ................................................................................... Clyde Van Blarcum American Express Company ................................................................................... Kevin Welsh Bank of America ....................................................................................................... Amanda Adams Bank of America ....................................................................................................... Dion Bellamy Bank of America ....................................................................................................... Peter Capraro Bank of America ....................................................................................................... Terrelle Carswell Bank of America ....................................................................................................... Andi Coleman Bank of America ....................................................................................................... Chuck Gruesbeck Bank of America ....................................................................................................... Joel Kazin Bank of America ....................................................................................................... Terry McKinney Bank of America ....................................................................................................... Chris Schrick Bank of America ....................................................................................................... Matthew Sharp Bank of America ....................................................................................................... Michael Smith Bank of America ....................................................................................................... Daniel Welch Bank of America ....................................................................................................... Terri Willis BBVA Compass ....................................................................................................... Omar Jarrar BetterBuyDesign ...................................................................................................... Steve Mott BlackBerry Limited ................................................................................................... Daniel Brown BlackBerry Limited ................................................................................................... John Goyo Bloomberg LP .......................................................................................................... Erik Anderson Capital One .............................................................................................................. Johnny Lee Cipherithm ................................................................................................................ Scott Spiker comforte AG ............................................................................................................. Henning Horst comforte AG ............................................................................................................. Michael Horst Conexxus, Inc. ......................................................................................................... David Ezell Conexxus, Inc. ......................................................................................................... Ann Seki Conexxus, Inc. ......................................................................................................... Alan Thiemann Conexxus, Inc. ......................................................................................................... Linda Toth CUSIP Global Services ............................................................................................ Scott Preiss Deixis, PBC .............................................................................................................. Pamela Bell Deixis, PBC .............................................................................................................. Allen Brown Deixis, PBC .............................................................................................................. Pat Santos Delap LLP ................................................................................................................ Andrea Beatty Delap LLP ................................................................................................................ Diane Bishop
This is a preview of "ASC X9 TR 34-2019". Click here to purchase the full version from the ANSI store.
ASC X9 TR 34–2019
© ASC X9, Inc. 2019– All rights reserved xiii
Delap LLP .................................................................................................................David Buchanan Diebold Nixdorf .........................................................................................................Christoph Bruecher Diebold Nixdorf .........................................................................................................Rick Brunt Diebold Nixdorf .........................................................................................................Andrea Carozzi Diebold Nixdorf .........................................................................................................Bruce Chapa Diebold Nixdorf .........................................................................................................Scott Harroff Diebold Nixdorf .........................................................................................................Anne Konecny Diebold Nixdorf .........................................................................................................Michael Nolte Diebold Nixdorf .........................................................................................................Michael Ott Diebold Nixdorf .........................................................................................................David Phister Diebold Nixdorf .........................................................................................................Matthias Runowski Digicert ......................................................................................................................Tim Hollebeek Digicert ......................................................................................................................Steve Medin Discover Financial Services .....................................................................................Debbie Holfeld Discover Financial Services .....................................................................................David Kloser Discover Financial Services .....................................................................................Cheryl Mish Discover Financial Services .....................................................................................Diana Pauliks Discover Financial Services .....................................................................................Julie Quandt Discover Financial Services .....................................................................................Lakshmi Ramanathan Discover Financial Services .....................................................................................Jordan Schaefer Discover Financial Services .....................................................................................Jorge Vargas Federal Reserve Bank ..............................................................................................Patrick Adler Federal Reserve Bank ..............................................................................................Guy Berg Federal Reserve Bank ..............................................................................................Pieralberto Deganello Federal Reserve Bank ..............................................................................................Amanda Dorphy Federal Reserve Bank ..............................................................................................Ken Han Federal Reserve Bank ..............................................................................................Ainsley Hargest Federal Reserve Bank ..............................................................................................Bob Hunt Federal Reserve Bank ..............................................................................................Paul Nunnally Federal Reserve Bank ..............................................................................................Susan Pandy Federal Reserve Bank ..............................................................................................John Rhodes Federal Reserve Bank ..............................................................................................Patti Ritter First Data Corporation ..............................................................................................Scott Carpenter First Data Corporation ..............................................................................................Lisa Curry First Data Corporation ..............................................................................................Jodi Delaney First Data Corporation ..............................................................................................Jacqueline Dill First Data Corporation ..............................................................................................Angela Ghetu First Data Corporation ..............................................................................................Eddie Holland First Data Corporation ..............................................................................................Brian Kean First Data Corporation ..............................................................................................Andres Mendoza First Data Corporation ..............................................................................................Brian Murray First Data Corporation ..............................................................................................Michelle Starkjohn First Data Corporation ..............................................................................................Allisa Walker First National Bank of Omaha ..................................................................................Sherry Rewolinski First National Bank of Omaha ..................................................................................Kristi White FIS ............................................................................................................................Tami Harris Fiserv ........................................................................................................................Bud Beattie Fiserv ........................................................................................................................Dan Otten Futurex ......................................................................................................................Ryan Smith Futurex ......................................................................................................................Tim Weston GEOBRIDGE Corporation ........................................................................................Donna Gem GEOBRIDGE Corporation ........................................................................................Dean Macinskas GEOBRIDGE Corporation ........................................................................................Jason Way Gilbarco ....................................................................................................................Scott Turner Gilbarco ....................................................................................................................Bruce Welch Harland Clarke ..........................................................................................................John McCleary
This is a preview of "ASC X9 TR 34-2019". Click here to purchase the full version from the ANSI store.
ASC X9 TR 34–2019
xiv © ASC X9, Inc. 2019– All rights reserved
Hyosung TNS Inc. .................................................................................................... Joe Militello Hyosung TNS Inc. .................................................................................................... JaeWhan Shin IBM Corporation ....................................................................................................... Todd Arnold IBM Corporation ....................................................................................................... Wai Choi IBM Corporation ....................................................................................................... Richard Kisley ID TECH ................................................................................................................... Eric Lecesne Ingenico ................................................................................................................... Steven Bowles Ingenico ................................................................................................................... Wayne Burgess Ingenico ................................................................................................................... Steve McKibben ISARA Corporation .................................................................................................. Mike Brown ISARA Corporation .................................................................................................. Philip Lafrance ISARA Corporation .................................................................................................. Alexander Truskovsky ITS, Inc. (SHAZAM Networks) ................................................................................. Janet LaFrence ITS, Inc. (SHAZAM Networks) ................................................................................. Manish Nathwani J.P. Morgan Chase .................................................................................................. Kathleen Krupa J.P. Morgan Chase .................................................................................................. Jackie Pagán J.P. Morgan Chase .................................................................................................. Darryl Scott K3DES LLC .............................................................................................................. James Richardson Level 10 ................................................................................................................... Allan Elder Lusis Payments Inc. ................................................................................................. Brian Miller Lusis Payments Inc. ................................................................................................. Ki Roth MagTek, Inc. ............................................................................................................ Jeff Duncan MagTek, Inc. ............................................................................................................ Mimi Hart MasterCard Europe Sprl .......................................................................................... Mark Kamers MasterCard Europe Sprl .......................................................................................... Susie Thompson MasterCard Europe Sprl .......................................................................................... Michael Ward Member Emeritus..................................................................................................... Darlene Kargel Member Emeritus..................................................................................................... Lawrence LaBella Member Emeritus..................................................................................................... Richard Sweeney National Institute of Standards and Technology (NIST) .......................................... Elaine Barker National Institute of Standards and Technology (NIST) .......................................... Lawrence Bassham III National Institute of Standards and Technology (NIST) .......................................... Lily Chen National Institute of Standards and Technology (NIST) .......................................... David Cooper National Institute of Standards and Technology (NIST) .......................................... Morris Dworkin National Institute of Standards and Technology (NIST) .......................................... Randall Easter National Institute of Standards and Technology (NIST) .......................................... Sharon Keller National Institute of Standards and Technology (NIST) .......................................... Annabelle Lee National Institute of Standards and Technology (NIST) .......................................... Fernando Podio National Security Agency ......................................................................................... Paul Timmel NCR Corporation ..................................................................................................... Charlie Harrow NCR Corporation ..................................................................................................... Bradford Loewy NCR Corporation ..................................................................................................... Brian Wotherspoon PCI Security Standards Council .............................................................................. Leon Fell PCI Security Standards Council .............................................................................. Troy Leach PCI Security Standards Council .............................................................................. John Markh PCI Security Standards Council .............................................................................. Ralph Poore RSA, The Security Division of EMC ......................................................................... Steve Schmalz SafeNet Infotech Pvt. Ltd. ........................................................................................ Amit Sinha SafeNet Infotech Pvt. Ltd. ........................................................................................ Devesh Tewari TECSEC Incorporated ............................................................................................. Ed Scheidt TECSEC Incorporated ............................................................................................. Dr. Wai Tsang TECSEC Incorporated ............................................................................................. Jay Wack Thales UK Limited.................................................................................................... Colette Broadway Thales UK Limited.................................................................................................... Larry Hines Thales UK Limited.................................................................................................... James Torjussen The Clearing House ................................................................................................. Sharon Jablon
This is a preview of "ASC X9 TR 34-2019". Click here to purchase the full version from the ANSI store.
ASC X9 TR 34–2019
© ASC X9, Inc. 2019– All rights reserved xv
The Phoenix Group...................................................................................................Ron Davis The Phoenix Group...................................................................................................Candice Hoft U.S. Bank ..................................................................................................................Stephen Case U.S. Bank ..................................................................................................................Dave Esmond University Bank .........................................................................................................Stephen Ranzini University Bank .........................................................................................................Michael Talley USDA Food and Nutrition Service ............................................................................Erin McBride Utimaco Inc. ..............................................................................................................Susan Langford VeriFone, Inc. ...........................................................................................................John Barrowman VeriFone, Inc. ...........................................................................................................Dave Faoro VeriFone, Inc. ...........................................................................................................LeAnn Hostetler VeriFone, Inc. ...........................................................................................................Chris Madden VeriFone, Inc. ...........................................................................................................Doug Manchester VeriFone, Inc. ...........................................................................................................Joachim Vance VISA ..........................................................................................................................Adam Clark VISA ..........................................................................................................................Hans Van Tilburg VISA ..........................................................................................................................Kim Wagner Wayne Fueling Solutions ..........................................................................................Henry Fieglein Wells Fargo Bank .....................................................................................................Rao Abhijit Wells Fargo Bank .....................................................................................................Sotos Barkas Wells Fargo Bank .....................................................................................................William Felts, IV Wells Fargo Bank .....................................................................................................Andrew Garner Wells Fargo Bank .....................................................................................................Matthew Greenwell Wells Fargo Bank .....................................................................................................Phillip Griffin Wells Fargo Bank .....................................................................................................Sam Grosby Wells Fargo Bank .....................................................................................................Ryan Hegland Wells Fargo Bank .....................................................................................................Calvin Heng Wells Fargo Bank .....................................................................................................Jeff Jacoby Wells Fargo Bank .....................................................................................................Amanda Judge Wells Fargo Bank .....................................................................................................Brian Keltner Wells Fargo Bank .....................................................................................................Jan Kohl Wells Fargo Bank .....................................................................................................Eric Lengvenis Wells Fargo Bank .....................................................................................................Garrett Macey Wells Fargo Bank .....................................................................................................Olatunde Ojolola Wells Fargo Bank .....................................................................................................Brian Parks Wells Fargo Bank .....................................................................................................Doug Pelton Wells Fargo Bank .....................................................................................................Tim Plantand Wells Fargo Bank .....................................................................................................Mark Schaffer Wells Fargo Bank .....................................................................................................Jeff Stapleton Wells Fargo Bank .....................................................................................................Tony Stieber Wells Fargo Bank .....................................................................................................Tony Suarez White and Williams LLP ............................................................................................Clay Epstein White and Williams LLP ............................................................................................Sandra Lambert
This document is the second release of this technical report.
This document is used in conjunction with ANSI X9.24-2.
This is a preview of "ASC X9 TR 34-2019". Click here to purchase the full version from the ANSI store.
ASC X9 TR 34–2019
16 © ASC X9, Inc. 2019– All rights reserved
Interoperable Method for Distribution of Symmetric Keys using Asymmetric Techniques: Part 1 – Using Factoring-Based Public Key Cryptography Unilateral Key Transport
1 Scope
This document describes a method consistent with the requirements of ANS X9.24-2 Retail Financial
Services Symmetric Key Management - Part 2: Using Asymmetric Techniques for the Distribution of
Symmetric Keys for the secure exchange of keys using asymmetric techniques between two devices that
share asymmetric keys. This method is designed to operate within the existing capabilities of devices
used in the retail financial services industry.
This is an implementation of the Unilateral Key Transport Method defined in ANS X9.24-2.
This document is not a security standard and is not intended to establish security requirements. It is
intended instead to provide an interoperable method of implementing security requirements and policies.
ANS X9.24-2 describes the security requirements for systems that distribute symmetric keys using
asymmetric techniques. The security requirements are consistent across all systems; ANS X9.24-2 does
not distinguish between types of systems or alter the security requirements depending upon the
environment of the entities in the system. While this is the correct approach for security requirements, the
implementation requirements on systems will vary depending upon the properties of the system.
This document specifies an interoperable method for one particular situation – the Distribution of
Symmetric Keys using Asymmetric Techniques from a Single Key Distribution Host (KDH) to many Key
Receiving Devices (KRDs). The KDH is assumed to be operated in a controlled environment (as
specified in reference 8); the KRDs may operate in uncontrolled environments.
This interoperable method could also be used to exchange keys between peers, where one is
administratively designated as the KDH and one as the KRD.
The KDH and the KRD are assumed to have an administrative understanding of the type and key
characteristics of the symmetric key that is exchanged, as for a terminal master key. As such, the key
exchanged is treated by this protocol as a binary blob.
This document uses the term KRD to denote the Key Receiving Device; The KRD is a Tamper Resistant
Security Module (TRSM) such as a PIN Encrypting Device (PED), an Encrypting PIN PAD (EPP), or a
Host Security Module (HSM).
Within the confines of this protocol, the KRD can only respond to commands from a KDH, i.e. the KRD is
a slave KRD. However, the communication may be initiated by the KRD, KDH or some other component
such as a terminal management system.
This part of TR34 describes an interoperable protocol for devices using:
This is a preview of "ASC X9 TR 34-2019". Click here to purchase the full version from the ANSI store.