ISO 11568-1:2005 pdf download – Banking – Key management (retail)—Part 1: Principles.
prIvate key
portion of an asymmetric key pair, the value of WhiCh is secret
public key
portion of an asymmetric key pair, the value of which can be made public
secret key
cryptographic key used In a symmetric cipher system
4 Aspects of key management
4.1 Purpose of security
Messages and transactions in a retail banking system contain both cardholder sensitive data and related financial informalion The use of cryptography to protect the data reduces the risk of financial loss by fraud, maintains the integrity and confidentiality of the systems. and instils user confidence in business provkter/retailer relationships. To this end, system security shall be incorporated into the total system design. The maintenance of security and system procedures over the keys in such systems is called key management.
4.2 Level of security
The level of security to be achieved needs to be related to a number of factors, including the sensitivity of the data concerned and the likelihood that ii will be intercepted; the practicality of any envisaged enpplierment process; and the cost of providing (and breaking) a particular means of security. It is therefore necessary for communicating parties to agree on the key management procedures and extent and detail of security as specified m ISO 13491 (all parts).
4.3 Key management objectives
The primary objectives of key management are to provide those keys needed to perform the required cryptographic operations and to control the use of those keys. Key management also ensures that those keys are protected adequately during their life cycle. The security objectives of key managen,ent are to minimize the opportunity for a breach of security, to minimize the consequences or damages of a security breach, and to maximize the probablity of detection of any dliclt access or change to keys that may occur, despite preventive measures. This applies to all stages of the generation, distribution, storage, use and archiving of keys, including those processes that occur in cryptographic equipment and those related to communication of cryptographic keys between communicating parties.
NOTE This part of ISO 11568 covers the above issues. Total system security also indudes such issues as protecting communications, data processing systems, eqtment and facilities.
5 Principles of key management
Compliance with the following principles is required in order to protect keys from threats to subvert a reta banking system.
a) Keys shall exist only in those forms permitted by ISO 11568,
b) No one person shall have the capability to access or ascertain any plaintexi secret/private key.
C) Systems shall prevent the disclosure of any secretlprivate key that has been or wiN be used to protect any data
d) Secrellprivate keys shall be generated using a process such that It is not possible to predict any resultant value or to determine that certain values are more probable than others from the total set of all the possible values
e) Systems should detect the attempted disclosure of any secreUpnvate key and the attempted use of a secretlpnvate key for other than its intended purpose.
I) Systems shall prevent or detect the use of a secret/private key, or portion of that key, for other than its intended purpose, and the accidental or unauthorized modification, use, substitution, deletion or insertion of any key.
g) A key shall be replaced with a new key within the time deemed feasible to determine the old key.
h) A key shall be replaced with a new key within the time deemed feasible to perform a successful dictionary attack on the data enciphered under the old key
i) A key shall cease to be used when its compromise is known or suspected
j) The compromise of a key shared among one group of parties shall not compromise keys shared among any other group of parties.
k) A compromised key shel not provide any information to enable the determination of its replacement.
I) A key shall only be loaded Into a device when it may be reasonably assured that the device is secure and has not been subjected to unauthorized modification or substitution.
6 Cryptosystems
6.1 Overview
A cryptosystem is a general term referring to a set of cryptographic primitives used to provide information security services. Most often the term is used in conjunction with primitives providing confklentiahty. i.e. encryption. Such systems are referred to as cipher systems. The key management practices descnbed in this part of ISO 11568 may utilize these cryptosystems or may be applied to the keys of these cryptosystems.
6.2 CIpher systems
A aptier system comprises an encipherment operation and the inverse decipherment operation. Additionally it may include other aspects such as padding rules and key management requirements. Encipherment transforms plaiitext to ciphertext using an encipherment key; decipherment transforms the ciphertext back to plawitext using a decipherment key. Retail banking applications employ cther systems to protect sensitive cardholder and fInancial transaction data. The data to be protected is enciphered by the originator and subsequently deciphered by the receiver. There are two types of cipher systems:
a) symmetric
b) asymmetric.
Whilst this clause Ilustrales cipher systems (or protecting data, the applicability of ISO 11568 includes the protection and management of keys used In other cryptographic techniques such as key derivation, message authentication, digital signatures and related functions.