当前位置：网站首页>Key and encryption mechanism in financial industry

Key and encryption mechanism in financial industry

2022-06-10 19:31:00 【Ink painting for a long time】

Key and encryption mechanism in the financial industry

One 、 The standard system of secret keys
Two 、 Secret key implementation
3、 ... and 、 Common terms
Four 、 Reference documents

One 、 The standard system of secret keys

At present, there are two key systems in the financial industry ：

One is 《Q/CUP 006.4-2015 Enterprise standard of China UnionPay Co., Ltd - Technical specification of China UnionPay bank card exchange system The first 4 part Data security transmission control specification 》
in < Key list of each layer >.

Two is 《ANSI 9.17 Financial Institution Key Management》 standard .

Two 、 Secret key implementation

Secret key management system based on UnionPay standard , It is divided into primary key MK、 Member master key MMK And data secret key data key( Such as PIK、MAK)
Common three-level secret key management system , namely LMK、ZMK、TMK etc. , The main implementation can refer to HSM Manuals , See reference document page 5、6 term .

3、 ... and 、 Common terms

Master key Master Key

Generally, the manual input at the terminal is stored in the password keyboard , It is divided into AB Two parts , Kept by different persons , It is also distributed remotely . Used to encrypt the working secret key . When the terminal equipment signs in , The host sends the encrypted working secret key , Then the terminal device decrypts and imports the corresponding working secret key .

Work key Working Key

PIN Key, It is used to transfer the account number and password PIN Generate PinBlock Ciphertext , Send it to the host in a message .
MAC Key, Used to generate messages Mac Check code , Prevent the message from being tampered with .
COM Key, Used for message communication encryption , Overall encryption , The difference in MAC Key Generate only check values for .

Four 、 Reference documents

1.《Q/CUP 006.4-2015 Enterprise standard of China UnionPay Co., Ltd 》- Technical specification of China UnionPay bank card exchange system The first 4 part Data security transmission control specification
2.《SJL05 Financial data encryption machine programmer's manual 》
3. 《 China's financial IC （IC） Card specification 》 or 《EMV Book》
4. 《PCI DSS》
5. 《SJL05 Financial data encryption machine programmer's manual 》
6. 《 Financial data cipher (SJJ1309-A) white paper 》

原网站

版权声明
本文为[Ink painting for a long time]所创，转载请带上原文链接，感谢
https://yzsam.com/2022/161/202206101829019587.html