2. Overview
ANS X9.24 Part 1: Retail Financial Services Symmetric Key Management, Part 1: Using Symmetric Techniques
(FYI: Part 2 covers using asymmetric techniques)
- What it covers
- How it compares to the key management model described in NIST SP, Recommendation for Key Management - Part 1: General (Revised)
3. High-level overview
X9.24
- Very focused on a particular application of symmetric key management
- A product of X9F6, the Cardholder Authentication and ICCs Working Group
- X9F6 focuses almost entirely on PIN security
  - At least to date; X9.114 will extend to other sensitive transaction data
  - Should watch this one
NIST SP
- A very broad and general document that covers a wide range of key management technologies and techniques
4. Applicability
X9.24
- Use is limited to the financial services industry and to the protection of sensitive financial information (the "interchange environment")
- Widely followed by FIs
- Basically used for encrypting PINs
NIST SP
- Use nominally limited to the US federal government, but many NIST documents become de facto standards for most of the world, including this one
- Provides the basis for FIPS 140-2, et al.
5. Comparing content
X9.24
- Lacks a broad framework for general key management
- A very narrow and focused set of requirements to support the creation and use of PINs
- No explicit key states listed
NIST SP
- A very broad framework
- Many requirements to choose from depending on the application
- The familiar model of key states
6. What X9.24 does describe: key management requirements (Section 7)
- Key generation
- Use of a TRSM (tamper-resistant security module)
- Secure environment
- Key distribution
- Key utilization
- Key replacement
- Key destruction and archival
7. What X9.24 does describe: key management methods (Section 8)
- Methods requiring compromise prevention controls
  - Fixed transaction keys
  - A hierarchy of master keys and transaction keys
- Methods requiring compromise detection controls
  - Derived unique key per transaction (DUKPT)
- Key identification (one of these must be used)
  - Implicit key identification
  - Key identification by name
  - May (?) be of interest to the OO group
- Security Management Information Data (SMID) element
  - Transport format
  - Not actually required by the standard
8. Final thoughts on X9.24
- No issues with NIST SP, but there are compatibility issues with other NIST documents
  - X9.24 uses a KDF that is not approved by NIST, so it can't be used in a FIPS-compliant mode
  - X9.24 also generates symmetric keys from a KDF, which is also not allowed by FIPS 140-2
- But, in general, we can assume that the key management states of X9.24 Part 1 are a subset of the states defined by NIST SP