Professional Documents
Culture Documents
HSM
HSM
HSM
2007/03//16
HSM
(Integrity)
(Confidentiality)
(Authentication)
(Non-repudiation)
2007/03//16
2007/03//16
()
()
(
)
(Diversify)
2007/03//16
()
()
(Personal Identify Number, PIN)
PIN Block
(PIN
Protection Key)PIN Block
953
2007/03//16
()
(Message Authentication Code, MAC)
(Key Sync Check Item)
()
2007/03//16
()
FISC
ATM
2007/03//16
()
K1
K2
K3
Output
Input
E
Triple-DES Encryption
(K1 = K3) K2, Key Length 112 bits
K1 K2 K3, Key Length 168 bits
K1
Input
Output
E
Encryption
K1, Key Length 56 bits
2007/03//16
10
()
()
Card Verification Value (CVV)Card Verification
Code (CVC)
()
(Card Verification Key, CVK)
Service Code
3
2007/03//16
11
()
()
PIN Verification Value (PVV)
(PIN Verification Key, PVK)
4
()
2007/03//16
12
()
()
Authorization Request Cryptogram (ARQC)
(Diversify)
2007/03//16
13
()
UK-AC(L) = 3DES(MK-AC, 9937000001312000)
= 2F9752D23A2B708B
UK-AC(R) = 3DES(MK-AC, ~9937000001312000)
= 3DES(MK-AC, 66C8FFFFFECEDFFF)
= F4245DD9C25E8C89
OTmp = The last block of DES(UK-AC(L),
000000000128000000000000015880C00010000901071201409F1971
701C0001)
= C7F4200B4EA70AAF
ARQC = 3DES(UK-AC, OTmp 7B03A08000000000)
= 3DES(UK-AC, BCF7808B4EA70AAF)
= 2CAAEF006841ABED
MK-AC:Issuer Master Key-Authentication Cryptogram
UK-AC:User Key-Authentication Cryptogram
2007/03//16
14
Financial Electronic Data Interchange (FEDI)
()
2007/03//16
15
()
()
()
()
()
2007/03//16
16
()
hash
hash
Compare ?
Decrypt
Encrypt
Private Key
Public Key
2007/03//16
17
HSM
HSM
2007/03//16
19
()
(HSM)
2007/03//16
20
()
HSM
HSM
HSM
HSM
2007/03//16
21
HSM
82
83
92
(CD/ATM)
2007/03//16
22
HSM()
(Master Key)
2007/03//16
23
HSM()
()
2007/03//16
24
HSM
People
Technology
Process
2007/03//16
26
2007/03//16
27
()
2007/03//16
28
()
(Dual Control)
2007/03//16
29
()
()
()
2007/03//16
30
(2)
2007/03//16
31