{"id":424957,"date":"2024-10-20T06:54:17","date_gmt":"2024-10-20T06:54:17","guid":{"rendered":"https:\/\/pdfstandards.shop\/product\/uncategorized\/bs-iso-115682023\/"},"modified":"2024-10-26T13:00:04","modified_gmt":"2024-10-26T13:00:04","slug":"bs-iso-115682023","status":"publish","type":"product","link":"https:\/\/pdfstandards.shop\/product\/publishers\/bsi\/bs-iso-115682023\/","title":{"rendered":"BS ISO 11568:2023"},"content":{"rendered":"<h4>PDF Catalog<\/h4>\n<table border=\"1px\" class=\"des-table\">\n<tr>\n<th>PDF Pages<\/th>\n<th>PDF Title<\/th>\n<\/tr>\n<tr>\n<td><b>2<b><\/td>\n<td>National foreword  <\/td>\n<\/tr>\n<tr>\n<td><b>7<b><\/td>\n<td>Foreword  <\/td>\n<\/tr>\n<tr>\n<td><b>8<b><\/td>\n<td>Introduction  <\/td>\n<\/tr>\n<tr>\n<td><b>9<b><\/td>\n<td>1 Scope <br \/> 1.1 General <br \/> 1.2 Scope exclusions <br \/> 2 Normative references  <\/td>\n<\/tr>\n<tr>\n<td><b>10<b><\/td>\n<td>3 Terms and definitions  <\/td>\n<\/tr>\n<tr>\n<td><b>20<b><\/td>\n<td>4 Key management requirements <br \/> 4.1 General <br \/> 4.1.1 Key management strategy <br \/> 4.1.2 Dual control and split knowledge of secret or private keys <br \/> 4.1.3 Permissible key forms  <\/td>\n<\/tr>\n<tr>\n<td><b>22<b><\/td>\n<td>4.1.4 Logging <br \/> 4.1.5 Cryptographic strength  <\/td>\n<\/tr>\n<tr>\n<td><b>23<b><\/td>\n<td>4.1.6 Key locations <br \/> 4.1.7 Single-purpose key usage  <\/td>\n<\/tr>\n<tr>\n<td><b>25<b><\/td>\n<td>4.2 Secure cryptographic device <br \/> 4.2.1 General requirements  <\/td>\n<\/tr>\n<tr>\n<td><b>26<b><\/td>\n<td>4.2.2 Additional SCD requirements for devices used in SKDAT  <\/td>\n<\/tr>\n<tr>\n<td><b>27<b><\/td>\n<td>4.3 Additional CA requirements <br \/> 4.4 Additional RA requirements  <\/td>\n<\/tr>\n<tr>\n<td><b>28<b><\/td>\n<td>4.5 Key blocks <br \/> 4.5.1 Overview of key blocks  <\/td>\n<\/tr>\n<tr>\n<td><b>29<b><\/td>\n<td>4.5.2 Key attributes <br \/> 4.5.3 Integrity of the key block <br \/> 4.5.4 Key and sensitive attributes field  <\/td>\n<\/tr>\n<tr>\n<td><b>30<b><\/td>\n<td>4.6 Key creation <br \/> 4.6.1 Symmetric key creation  <\/td>\n<\/tr>\n<tr>\n<td><b>31<b><\/td>\n<td>4.6.2 Asymmetric key creation <br \/> 4.7 Key component and key share creation  <\/td>\n<\/tr>\n<tr>\n<td><b>32<b><\/td>\n<td>4.8 Check values <br \/> 4.8.1 Introduction <br \/> 4.8.2 Symmetric key check value calculation  <\/td>\n<\/tr>\n<tr>\n<td><b>33<b><\/td>\n<td>4.8.3 Asymmetric key check value calculation <br \/> 4.9 Key distribution <br \/> 4.9.1 Symmetric key distribution  <\/td>\n<\/tr>\n<tr>\n<td><b>36<b><\/td>\n<td>4.9.2 SKDAT asymmetric key distribution  <\/td>\n<\/tr>\n<tr>\n<td><b>38<b><\/td>\n<td>4.10 Key loading <br \/> 4.10.1 General  <\/td>\n<\/tr>\n<tr>\n<td><b>39<b><\/td>\n<td>4.10.2 Loading key components or shares <br \/> 4.11 Key utilization <br \/> 4.11.1 General key utilization requirements  <\/td>\n<\/tr>\n<tr>\n<td><b>40<b><\/td>\n<td>4.11.2 Additional key utilization requirements for SKDAT  <\/td>\n<\/tr>\n<tr>\n<td><b>41<b><\/td>\n<td>4.12 Key storage <br \/> 4.12.1 Cleartext key component and share storage <br \/> 4.12.2 Public key storage <br \/> 4.13 Key replacement  <\/td>\n<\/tr>\n<tr>\n<td><b>42<b><\/td>\n<td>4.14 Key destruction <br \/> 4.14.1 General  <\/td>\n<\/tr>\n<tr>\n<td><b>43<b><\/td>\n<td>4.14.2 Key destruction from an SCD <br \/> 4.14.3 Destruction of a key in cryptogram form <br \/> 4.14.4 Component and share destruction <br \/> 4.15 Key backup  <\/td>\n<\/tr>\n<tr>\n<td><b>44<b><\/td>\n<td>4.16 Key archiving <br \/> 4.17 Key compromise  <\/td>\n<\/tr>\n<tr>\n<td><b>46<b><\/td>\n<td>5 Transaction key management techniques <br \/> 5.1 General <br \/> 5.2 Method: master keys or transaction keys <br \/> 5.3 Derived unique key per transaction <br \/> 5.3.1 General  <\/td>\n<\/tr>\n<tr>\n<td><b>47<b><\/td>\n<td>5.3.2 DUKPT key management  <\/td>\n<\/tr>\n<tr>\n<td><b>49<b><\/td>\n<td>5.3.3 Unique initial keys  <\/td>\n<\/tr>\n<tr>\n<td><b>50<b><\/td>\n<td>5.3.4 AES DUKPT  <\/td>\n<\/tr>\n<tr>\n<td><b>53<b><\/td>\n<td>5.3.5 KSN compatibility mode  <\/td>\n<\/tr>\n<tr>\n<td><b>54<b><\/td>\n<td>5.3.6 Derived key OIDs <br \/> 5.3.7 Keys and key sizes  <\/td>\n<\/tr>\n<tr>\n<td><b>55<b><\/td>\n<td>5.3.8 Helper functions and definitions  <\/td>\n<\/tr>\n<tr>\n<td><b>56<b><\/td>\n<td>5.3.9 Key derivation function algorithm  <\/td>\n<\/tr>\n<tr>\n<td><b>57<b><\/td>\n<td>5.3.10 Derivation data  <\/td>\n<\/tr>\n<tr>\n<td><b>58<b><\/td>\n<td>5.3.11  \u201cCreate Derivation Data\u201d (local subroutine)  <\/td>\n<\/tr>\n<tr>\n<td><b>59<b><\/td>\n<td>5.3.12 Security considerations  <\/td>\n<\/tr>\n<tr>\n<td><b>60<b><\/td>\n<td>5.3.13 Host security module algorithm  <\/td>\n<\/tr>\n<tr>\n<td><b>61<b><\/td>\n<td>5.3.14 General <br \/> 5.3.15 &#8220;Derive Initial Key&#8221;  <\/td>\n<\/tr>\n<tr>\n<td><b>62<b><\/td>\n<td>5.3.16 &#8220;Host Derive Working Key&#8221; <br \/> 5.3.17 Intermediate derivation key derivation data examples  <\/td>\n<\/tr>\n<tr>\n<td><b>63<b><\/td>\n<td>5.3.18 Working key derivation data examples  <\/td>\n<\/tr>\n<tr>\n<td><b>64<b><\/td>\n<td>5.3.19 Transaction-originating device algorithm  <\/td>\n<\/tr>\n<tr>\n<td><b>69<b><\/td>\n<td>5.4 Host-to-host UKPT  <\/td>\n<\/tr>\n<tr>\n<td><b>71<b><\/td>\n<td>Annex A (informative) Key and component check values  <\/td>\n<\/tr>\n<tr>\n<td><b>75<b><\/td>\n<td>Annex B (normative) Split knowledge during transport  <\/td>\n<\/tr>\n<tr>\n<td><b>77<b><\/td>\n<td>Annex C (informative) Trust models and key establishment  <\/td>\n<\/tr>\n<tr>\n<td><b>85<b><\/td>\n<td>Annex D (informative) Symmetric key life cycle  <\/td>\n<\/tr>\n<tr>\n<td><b>87<b><\/td>\n<td>Annex E (informative) Asymmetric key life cycle phases  <\/td>\n<\/tr>\n<tr>\n<td><b>90<b><\/td>\n<td>Annex F (normative) Approved algorithms  <\/td>\n<\/tr>\n<tr>\n<td><b>91<b><\/td>\n<td>Annex G (informative) AES DUKPT pseudocode notation  <\/td>\n<\/tr>\n<tr>\n<td><b>94<b><\/td>\n<td>Annex H (informative) AES DUKPT test vectors  <\/td>\n<\/tr>\n<tr>\n<td><b>95<b><\/td>\n<td>Annex I (informative) TDEA-derived unique key per transaction  <\/td>\n<\/tr>\n<tr>\n<td><b>116<b><\/td>\n<td>Annex J (informative) Roles in payment environment  <\/td>\n<\/tr>\n<tr>\n<td><b>119<b><\/td>\n<td>Annex K (informative) Roles in symmetric key distribution using asymmetric techniques  <\/td>\n<\/tr>\n<tr>\n<td><b>122<b><\/td>\n<td>Bibliography  <\/td>\n<\/tr>\n<\/table>\n","protected":false},"excerpt":{"rendered":"<p><b>Financial services. Key management (retail)<\/b><\/p>\n<table class=\"shortdes-table\" style=\"width: 100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td>Published By<\/td>\n<td>Publication Date<\/td>\n<td>Number of Pages<\/td>\n<\/tr>\n<tr>\n<td><a href=\"https:\/\/pdfstandards.shop\/product-category\/publishers\/bsi\/\"><b>BSI<\/b><\/a><\/td>\n<td>2023<\/td>\n<td>124<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"featured_media":424966,"template":"","meta":{"rank_math_lock_modified_date":false,"ep_exclude_from_search":false},"product_cat":[696,2641],"product_tag":[],"class_list":{"0":"post-424957","1":"product","2":"type-product","3":"status-publish","4":"has-post-thumbnail","6":"product_cat-35-240-40","7":"product_cat-bsi","9":"first","10":"instock","11":"sold-individually","12":"shipping-taxable","13":"purchasable","14":"product-type-simple"},"_links":{"self":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product\/424957","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product"}],"about":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/types\/product"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/media\/424966"}],"wp:attachment":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/media?parent=424957"}],"wp:term":[{"taxonomy":"product_cat","embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product_cat?post=424957"},{"taxonomy":"product_tag","embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product_tag?post=424957"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}