Customer Support: +353 (0)1 857 6730

Corporate Website About Us
  • Shopping Cart
    There are no items in your cart
Please enter a keyword to search
Advanced search
Home
AS
AS 2805.6.4-2001

AS 2805.6.4-2001

Superseded

Superseded

A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.

View Superseded by

Electronic funds transfer - Requirements for interfaces Key management - Session keys - Terminal to acquirer

Available format(s)

Hardcopy , PDF 1 User , PDF 3 Users , PDF 5 Users , PDF 9 Users

Superseded date

24-05-2024

Superseded by

AS 2805.6.4-2006

Published date

01-01-2001

Publisher

Standards Australia

Preview
€65.33
Excluding VAT
EUR
CAD
CHF
CNY
DKK
EUR
GBP
HKD
IDR
INR
JPY
KRW
MXN
NOK
NZD
SEK
SGD
USD
ZAR
Hardcopy - English
PDF 1 User - English
PDF 3 Users - English
PDF 5 Users - English
PDF 9 Users - English
01
02
03
04
05
06
07
08
09
10
11
12
13
14
15
16
17
18
19
20

1 - AS 2805.6.4-2001 ELECTRONIC FUNDS TRANSFER-REQUIREMENTS FOR INTERFACES - KEY MANAGEMENT-SESSION KEYS-TERMINAL TO ACQUIRER
4 - PREFACE
6 - CONTENTS
7 - FOREWORD
8 - 1 SCOPE
8 - 2 APPLICATION
8 - 3 REFERENCED DOCUMENTS
9 - 4 DEFINITIONS
9 - 4.1 Acquirer
9 - 4.2 Acquirer network
9 - 4.3 Amount transaction (AT)
9 - 4.4 Authentication
9 - 4.5 Back tracking
9 - 4.6 Card acceptor
9 - 4.7 Card acceptor identification code
9 - 4.8 Card issuer
9 - 4.9 Cardholder
9 - 4.10 Cipher text
9 - 4.11 Cryptographic key
9 - 4.12 Data Encipherment Algorithm (DEA)
10 - 4.13 Data key (KD)
10 - 4.14 Decipherment
10 - 4.15 Domain master key (KM)
10 - 4.16 Encipherment
10 - 4.17 Encipherment algorithm
10 - 4.18 Identification
10 - 4.19 Initialization card
10 - 4.20 Key
10 - 4.21 Key enciphering key (KEK)
10 - 4.22 Key storage
10 - 4.23 Key verification code (KVC)
10 - 4.24 MAC key (KMAC)
10 - 4.25 Message Authentication Code (MAC)
11 - 4.26 Modulo 2 addition
11 - 4.27 Multiple acquirer PIN pad security number (PPASN)
11 - 4.28 Node
11 - 4.29 Non-reversible transformation
11 - 4.30 One way function (OWF)
11 - 4.31 Other card data (OCD)
11 - 4.32 Personal identification number (PIN)
11 - 4.33 PIN block
11 - 4.34 PIN enciphering key (KPE)
11 - 4.35 PIN pad identification number (PPID)
11 - 4.36 PIN protection key (KPP)
11 - 4.37 Plain text
11 - 4.38 Point of service (POS)
11 - 4.39 POS terminal
11 - 4.40 Primary account number (PAN)
12 - 4.41 Privacy key
12 - 4.42 Request message
12 - 4.43 Response message
12 - 4.44 Security control module (SCM)
12 - 4.45 Session key (KS)
12 - 4.46 Systems trace audit number (STAN)
12 - 4.47 Statistically unique
12 - 4.48 Terminal
12 - 4.49 Terminal cryptographic unit (TCU)
12 - 4.50 Transaction
12 - 5 OVERVIEW
12 - 5.1 General
12 - 5.2 Objectives of scheme
12 - 5.2.1 General
12 - 5.2.2 Back track prevention
13 - 5.2.3 Different keys for each function
13 - 5.3 Key hierarchy and management
13 - 5.4 Proof of end points
13 - 5.5 Initialization
13 - 6 DESCRIPTION OF FUNCTIONAL ELEMENTS
13 - 6.1 One Way Function (OWF)
13 - 6.1.1 General
14 - 6.2 Key verification code (KVC)
14 - 6.2.1 General
14 - 6.2.2 Inputs
14 - 6.2.3 Algorithm
14 - 6.3 PIN pad identification numbers (PPID)
14 - 6.3.1 General
14 - 6.3.2 Acquirer PIN pad security number (PPASN)
14 - 6.4 Terminal KEK update
14 - 6.4.1 General
14 - 6.4.2 Inputs
14 - 6.4.3 Algorithm KEK1 update
15 - 6.4.4 Algorithm KEK2 update
16 - 6.5 Key enciphering key variants (KEKVn)
16 - 6.5.1 General
16 - 6.5.2 Inputs
16 - 6.5.3 Algorithm
16 - 6.6 PIN enciphering key (KPE)
16 - 6.6.1 General
17 - 6.6.2 Inputs
17 - 6.6.3 Algorithm
17 - 7 OPERATION
17 - 7.1 General
18 - 7.2 Initialization
18 - 7.2.1 General
18 - 7.2.2 Security of initialization procedure
18 - 7.2.3 Key establishment in the TCU
19 - 7.2.4 Terminal initialization procedure
19 - 7.2.5 Acquirer initialization procedures
19 - 7.2.6 Key mismatch
19 - 7.3 Key enciphering key change
19 - 7.4 Changing session keys
19 - 7.4.1 General
19 - 7.4.2 Session key set change
19 - 7.4.3 Resynchronization
20 - 7.5 Model for key management
20 - 7.5.1 General
20 - 7.5.2 Sequence of events
20 - 7.5.3 Service primitives
21 - 7.5.4 Responses
22 - 7.5.5 Security related information
22 - 7.5.6 Sequences of primitives
26 - APPENDIX A - NOTATION
26 - A1 SCOPE
26 - A2 OPERATORS
26 - A3 FUNCTIONS
26 - A4 FIELD NAMES
26 - A4.1 Construction
26 - A4.2 Type letter group
27 - A4.3 Usage letter group
27 - A4.4 Qualifying letter group
27 - A4.5 Suffix
27 - A5 FIELD CONTENTS
28 - A6 EXAMPLES
29 - APPENDIX B - GUIDANCE ON UNDERSTANDING THE MODEL FOR KEY MANAGEMENT
29 - B1 INTRODUCTION
29 - B2 PURPOSE OF MODEL
29 - B3 APPLICATION ENTITY
29 - B4 SECURE SERVICES SYSTEMS
30 - AMENDMENT CONTROL SHEET

Specifies key management techniques for keys used in the authentication, encryption and decryption of electronic messages relating to financial transactions using session keys. Includes security interface procedures between terminals and acquirers, methods of interchange of the various enciphering keys used for securing transactions, and ensures that messages can only be authenticated at their correct destination.

Committee
IT-005
DocumentType
Standard
ISBN
0 7337 3728 5
Pages
22
PublisherName
Standards Australia
Status
Superseded
SupersededBy
Supersedes
UnderRevision

This Standard specifies key management techniques for keys used in the authentication, enciphering and deciphering of electronic messages relating to financial transactions using session keys.In particular, this Standard(a) defines security interface procedures between terminals and acquirers;(b) defines methods of interchange of the various enciphering keys used for securing transactions; and(c) ensures that messages can only be authenticated at their correct destination.NOTE: Principles concerning key management and physical security are dealt with in AS 2805.6.1.

First published as AS 2805.6.4-1988.
Second edition 2001.

AS 2805.6.5.1-2000 Electronic funds transfer - Requirements for interfaces Key management - TCU initialization - Principles
AS 2805.6.3-2000 Electronic funds transfer - Requirements for interfaces Key management - Session keys - Node to node (Reconfirmed 2013)
AS 3524-1988 Identification cards - Financial transaction cards
AS 2805.2-2000 Electronic funds transfer - Requirements for interfaces Message structure, format and content
AS 2805.6.1-1988 Electronic funds transfer - Requirements for interfaces Key management - Principles
AS 2805.3-2000 Electronic funds transfer - Requirements for interfaces - PIN management and security
AS 2805.5.4-2000 Electronic funds transfer - Requirements for interfaces Ciphers - Data encipherment algorithm 3 (DEA 3) and related techniques
AS 2805.12.1-1999 Electronic funds transfer - Requirements for interfaces Message content - Structure and format
AS 2805.6.5.2-2000 Electronic funds transfer - Requirements for interfaces Key management - TCU initialization - Symmetric
AS 3523-1988 Identification cards - Numbering system and registration procedure for issuer identifiers
AS 2805.4.1-2001 Electronic funds transfer - Requirements for interfaces Message authentication - Mechanisms using a block cipher (Reconfirmed 2016)
AS 2805.6.5.3-1992 Electronic funds transfer - Requirements for interfaces Key management - TCU initialization - Asymmetric

AS 2805.6.5.3-2004 Electronic funds transfer - Requirements for interfaces Key management - TCU initialization - Asymmetric

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.

Get in touch with us