• Shopping Cart
    There are no items in your cart

BS ISO 11568-4:2007

Superseded

Superseded

A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.

View Superseded by

Banking. Key management (retail) Asymmetric cryptosystems. Key management and life cycle

Available format(s)

Hardcopy , PDF

Superseded date

02-03-2023

Superseded by

BS ISO 11568:2023

Language(s)

English

Published date

31-07-2007

€231.38
Excluding VAT

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Uses of asymmetric cryptosystems in retail financial
  services systems
  4.1 General
  4.2 Establishment and storage of symmetric keys
  4.3 Storage and distribution of asymmetric public keys
  4.4 Storage and transfer of asymmetric private keys
5 Techniques for the provision of key management services
  5.1 Introduction
  5.2 Key encipherment
  5.3 Public key certification
  5.4 Key separation techniques
  5.5 Key verification
  5.6 Key integrity techniques
6 Asymmetric key life cycle
  6.1 Key life cycle phases
  6.2 Key life cycle stages - Generation
  6.3 Key storage
  6.4 Public key distribution
  6.5 Asymmetric key pair transfer
  6.6 Authenticity prior to use
  6.7 Use
  6.8 Public key revocation
  6.9 Replacement
  6.10 Public key expiration
  6.11 Private key destruction
  6.12 Private key deletion
  6.13 Public key archive
  6.14 Private key termination
  6.15 Erasure summary
  6.16 Optional life cycle processes
Annex A (normative) Approved algorithms
Bibliography

Describes techniques for the protection of symmetric and asymmetric cryptographic keys in a retail financial services environment using asymmetric cryptosystems and the life cycle management of the associated asymmetric keys.

Committee
IST/12
DevelopmentNote
Supersedes 95/645153 DC. (03/2007) Supersedes 05/30112566 DC. (07/2007)
DocumentType
Standard
Pages
32
PublisherName
British Standards Institution
Status
Superseded
SupersededBy
Supersedes

This part of ISO11568 specifies techniques for the protection of symmetric and asymmetric cryptographic keys in a retail financial services environment using asymmetric cryptosystems and the life cycle management of the associated asymmetric keys. The techniques described in this part of ISO11568 enable compliance with the principles described in ISO11568-1. For the purposes of this document, the retail financial services environment is restricted to the interface between:

  • a card-accepting device and an acquirer;

  • an acquirer and a card issuer;

  • an ICC and a card-accepting device.

Standards Relationship
ISO 11568-4:2007 Identical

ANSI X9.30.1 : 1997 PUBLIC KEY CRYPTOGRAPHY FOR THE FINANCIAL SERVICES INDUSTRY - PART 1: THE DIGITAL SIGNATURE ALGORITHM (DSA)
ISO 15782-1:2009 Certificate management for financial services Part 1: Public key certificates
ANSI X9.57 : 1997 PUBLIC KEY CRYPTOGRAPHY FOR THE FINANCIAL SERVICES INDUSTRY: CERTIFICATE MANAGEMENT
ISO/IEC 18032:2005 Information technology Security techniques Prime number generation
ISO/IEC 14888-3:2016 Information technology — Security techniques — Digital signatures with appendix — Part 3: Discrete logarithm based mechanisms
ISO 11568-2:2012 Financial services — Key management (retail) — Part 2: Symmetric ciphers, their key management and life cycle
ISO/IEC 11770-2:2008 Information technology Security techniques Key management Part 2: Mechanisms using symmetric techniques
ISO 13491-2:2017 Financial services — Secure cryptographic devices (retail) — Part 2: Security compliance checklists for devices used in financial transactions
ISO/IEC 18033-2:2006 Information technology — Security techniques — Encryption algorithms — Part 2: Asymmetric ciphers
ISO/IEC 18033-3:2010 Information technology Security techniques Encryption algorithms Part 3: Block ciphers
ISO/IEC 9796-3:2006 Information technology — Security techniques — Digital signature schemes giving message recovery — Part 3: Discrete logarithm based mechanisms
ISO 13491-1:2016 Financial services — Secure cryptographic devices (retail) — Part 1: Concepts, requirements and evaluation methods
ISO 16609:2012 Financial services — Requirements for message authentication using symmetric techniques
ISO 9807:1991 Banking and related financial services Requirements for message authentication (retail)
ISO 9564-1:2017 Financial services — Personal Identification Number (PIN) management and security — Part 1: Basic principles and requirements for PINs in card-based systems
ISO 11568-1:2005 Banking — Key management (retail) — Part 1: Principles
ISO/IEC 9796-2:2010 Information technology Security techniques Digital signature schemes giving message recovery Part 2: Integer factorization based mechanisms
ISO/IEC 9797-1:2011 Information technology Security techniques Message Authentication Codes (MACs) Part 1: Mechanisms using a block cipher
ISO/IEC 15946-3:2002 Information technology Security techniques Cryptographic techniques based on elliptic curves Part 3: Key establishment
ISO 21188:2006 Public key infrastructure for financial services Practices and policy framework
ISO/IEC 9797-2:2011 Information technology Security techniques Message Authentication Codes (MACs) Part 2: Mechanisms using a dedicated hash-function
AS 2805.5.3-2004 Electronic funds transfer - Requirements for interfaces - Ciphers Data encipherment algorithm 2 (DEA 2)
ISO/IEC 10116:2017 Information technology — Security techniques — Modes of operation for an n-bit block cipher
ISO/IEC 11770-1:2010 Information technology Security techniques Key management Part 1: Framework
ANSI X9.42 : 2003(R2013) PUBLIC KEY CRYPTOGRAPHY FOR THE FINANCIAL SERVICES: AGREEMENT OF SYMMETRIC KEYS USING DISCRETE LOGARITHM CRYPTOGRAPHY
ISO/IEC 11770-3:2015 Information technology Security techniques Key management Part 3: Mechanisms using asymmetric techniques

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.