
Version: 04.02 Classification: Public

Haachtsesteenweg 1442 1130 Brussels Belgium

DEP Key Entry Guide

DEP Documentation

Atos Worldline - Technology & Products / Engineering / DEP

Version Management Report

Version | Name(s) | Date | Comments
03.00 | H. Colbrant | 29/04/2003 | Initial document
03.01 | F. Demaertelaere | 08/08/2003 | Update layout
03.02 | EGS Technical Writer | 18/01/2010 | Key reconstruction in DEP description added for ENC2, XOR2, and XOR3 methods and instructions added. Diagrams changed and added to be compatible for key reconstruction in CZD (version 3.x and above) for all key entry methods.
03.03 | EGS Technical Writer | 07/05/2010 | Additional updates related to instructions and diagrams related to key reconstruction in DEP and CZD.
03.04 | David Lheureux | 18/06/2010 | Review before publishing.
04.00 | Anna Papayan | 21/04/2011 | Minor changes. RSA entry “02” is no more supported.
04.01 | Anna Papayan | 27/05/2011 | Add Supplied CV and KBR conflict error troubleshooting.
04.02 | Anna Papayan | 08/06/2011 | Add Key Def and KBR mismatch error

COPYRIGHT NOTICE The information contained in this document is subject to change without notice. Atos Worldline assumes no responsibility for any errors or omissions that may appear in this document. The contents of this document must not be reproduced in any form whatsoever, by or on behalf of third parties, without prior written consent of Atos Worldline.


TABLE OF CONTENTS

1. SCOPE OF THE DOCUMENT
1.1. REFERENCES
1.2. CONTACTING ATOS WORLDLINE

2. KEY ENTRY GUIDELINES
2.1. PRINCIPLES
2.1.1. Key Reconstruction Methods
2.1.1.1. Key Reconstruction in CZD
2.1.1.1.1. The key parts and key sub-parts
2.1.1.1.2. Examples
2.1.1.1.2.1. Example 1
2.1.1.1.2.2. Example 2
2.1.1.2. Key Reconstruction in DEP
2.1.1.2.1. Example
2.1.2. The Check Value Levels
2.1.2.1. Standard Check Value Method
2.1.2.2. Additional Remarks
2.1.2.3. Examples for Key Reconstruction in CZD
2.1.2.3.1.1. Example 1
2.1.2.3.1.2. Example 2
2.1.2.3.1.3. Example 3
2.1.2.3.1.4. Example 4
2.1.2.3.1.5. Example 5
2.1.2.4. Examples for Key Reconstruction in DEP
2.1.2.4.1. Example 1
2.1.2.4.2. Example 2
2.1.2.4.3. Example 3
2.2. THE KEY ENTRY (CZD)
2.2.1. The Entry Modes
2.2.2. RAND Entry Mode (00)
2.2.2.1. C-ZAM/DEP Instructions for Key Generation in CZD
2.2.3. DEF Entry Mode (02)
2.2.3.1. Key Composition
2.2.3.2. Important Note
2.2.3.3. C-ZAM/DEP Instructions for Key Reconstruction in CZD
2.2.3.3.1. Step one
2.2.3.3.2. Step two
2.2.3.3.3. Step three
2.2.4. XOR2 Entry Mode (05)
2.2.4.1. Key Composition
2.2.4.1.1. Key Reconstruction in CZD
2.2.4.1.2. Key Reconstruction in DEP
2.2.4.2. CZAM/DEP Instructions for Key Reconstruction in DEP
2.2.4.2.1. Step one
2.2.4.2.2. Step two
2.2.4.2.3. Step three
2.2.4.2.4. Advice
2.2.4.3. C-ZAM/DEP Instructions for Key Reconstruction in CZD
2.2.4.3.1. Step one
2.2.4.3.2. Step two
2.2.4.3.3. Step three
2.2.5. XOR3 Entry Mode (06)
2.2.5.1. Key Composition
2.2.5.1.1. Key Reconstruction in CZD
2.2.5.1.2. Key Reconstruction in DEP
2.2.5.2. CZAM/DEP Instructions for Key Reconstruction in DEP
2.2.5.2.1. Advice
2.2.5.3. C-ZAM/DEP Instructions for Key Reconstruction in CZD
2.2.5.3.1. Step one
2.2.5.3.2. Step two
2.2.5.3.3. Step three
2.2.6. ENC2 Entry Mode (0A)
2.2.6.1. Key Composition
2.2.6.1.1. Key Reconstruction in CZD
2.2.6.1.2. Key Reconstruction in DEP
2.2.6.2. C-ZAM/DEP Instructions for Key Reconstruction in DEP
2.2.6.2.1. Advice
2.2.6.3. C-ZAM/DEP Instructions for Key Reconstruction in CZD
2.2.6.3.1. Preliminary
2.2.6.3.2. Step one
2.2.6.3.3. Step two
2.2.6.3.4. Step three
2.2.7. XR2A Entry Mode (07)
2.2.7.1. Key Composition
2.2.7.2. Advice
2.2.7.3. C-ZAM/DEP Instructions for Key Reconstruction in CZD
2.2.7.3.1. Step one
2.2.7.3.2. Step two
2.2.7.3.3. Step three
2.2.8. XR3A Entry Mode (08)
2.2.8.1. Key Composition
2.2.8.2. Advice
2.2.8.3. C-ZAM/DEP Instructions for Key Reconstruction in CZD
2.2.8.3.1. Step one
2.2.8.3.2. Step two
2.2.8.3.3. Step three
2.2.9. ENC Entry Mode (04)
2.2.9.1. Key Composition
2.2.9.2. Advice
2.2.9.1. C-ZAM/DEP Instructions for Key Reconstruction in CZD
2.2.9.1.1. Step one
2.2.9.1.2. Step two
2.2.9.1.3. Step three
2.2.10. DX3 Entry Mode (09)
2.2.10.1. Key Composition
2.2.10.2. Advice
2.2.10.3. C-ZAM/DEP Instructions for Key Reconstruction in CZD
2.2.10.3.1. Step one
2.2.10.3.2. Step two
2.2.10.3.3. Step three
2.2.11. POOL Entry Mode (03)
2.2.11.1. Key Composition
2.2.11.2. Advice
2.2.11.3. C-ZAM/DEP Instructions for Key Reconstruction in CZD
2.2.11.3.1. Step one
2.2.11.3.2. Step two
2.2.11.3.3. Step three
2.2.12. DS2 BACKUP Entry Mode (01)
2.2.12.1. C-ZAM/DEP Instructions for Key Reconstruction in CZD
2.3. CHECK VALUE ALGORITHMS
2.3.1. CV NORM
2.3.1.1. CV NORM for DES Keys
2.3.1.2. CV NORM for AES Keys
2.3.2. CV FULL
2.3.3. ISO-10118-2

3. TROUBLESHOOTING
3.1. SUPPLIED CV AND KBR CONFLICT
3.2. KEY DEF AND KBR MISMATCH


1. SCOPE OF THE DOCUMENT

There are different methods to introduce encryption keys in the C-ZAM/DEP: clear key introduction, XORed key introduction, encrypted key introduction, etc. Key introduction can be protected by several levels of check values. This document describes how the Security Officer can introduce the secret keys in the C-ZAM/DEP and DEP Crypto Module.

1.1. REFERENCES

This document contains references to other documents about the DEP. This paragraph gives a list of all the documents referred to.

• DEP PC-AUX Program User Manual
• DEP C-ZAM/DEP User Manual
• DEP Key Backup Conversion Guide

There are no references made to the following documents, but they could be useful to understand this document.

• DEP Introduction to DEP
• DEP General Architecture
• DEP Glossary

1.2. CONTACTING ATOS WORLDLINE

You can visit Atos Worldline on the World Wide Web to find out about new products and about various other fields of interest. URL: www.atosworldline.com. For the documentation, visit the http://www.banksys.com web page. For support on issues related to DEP, customers, partners, resellers, and distributors can send an email to the DEP Hotline: mailto:[email protected].


2. KEY ENTRY GUIDELINES

2.1. PRINCIPLES

2.1.1. Key Reconstruction Methods

There are two key reconstruction methods available: key reconstruction in the C-ZAM/DEP (CZD) and key reconstruction in the DEP Crypto Module.

In the case of key reconstruction in the C-ZAM/DEP, the key component is divided into key sub-parts: the Security Officers enter only one part of their keys at a time, check values are verified for those parts, and then they resume entering the next part of their keys, and so on. With key reconstruction in CZD, the key is reconstructed and stored in the C-ZAM/DEP’s memory.

With the DEP key reconstruction method, each Security Officer enters his own whole key component and check value, and the key components are then combined by the DEP to produce the entire key. This greatly simplifies the Security Officer’s tasks, shortens the key reconstruction process and is a more secure method of reconstructing the key. The reconstructed key is stored in the DEP Crypto Module.

The user should also be aware that key reconstruction in DEP uses different menu items in the C-ZAM/DEP device than key reconstruction in the CZD. Currently in DEP, keys can only be reconstructed using the XOR2, XOR3 and ENC2 key entry methods.

2.1.1.1. Key Reconstruction in CZD

An important principle in the method of creating keys in the C-ZAM/DEP is that each key is created by blocks of eight bytes, called key parts. A single-length DES key is made up of one key part; a double-length DES key of two key parts, etc. A key part is never introduced directly but is created in the C-ZAM/DEP from the key sub-parts entered by the Security Officers.

2.1.1.1.1. The key parts and key sub-parts

A key part can be divided into several key sub-parts, required to create the key part. In contrast to the key part, a key sub-part is introduced in the C-ZAM/DEP. A key sub-part can correspond to:

• a value needed to construct the key itself;
• a value needed to construct a transport key used to decrypt a key.

The creation of a key part is done in a vertical way, meaning that the horizontal key parts are created from their vertical key sub-parts. In paragraph 2.1.1.1.2.2 on page 9 (example 2), key part 1 is first created from all its sub-parts (key sub-part 1/9…3/9), then key part 2, …

Remark: The number in the upper left corner of the boxes indicates the sequence of the key entry.

2.1.1.1.2. Examples

2.1.1.1.2.1. Example 1

In this example, a single-length DES key is created in the XOR3 entry mode. The first Security Officer introduces key sub-part 1/3, an eight-byte block. Then, the second Security Officer introduces key sub-part 2/3. Finally, the third Security Officer introduces key sub-part 3/3. When the last key sub-part is introduced, the three key sub-parts are XORed in the C-ZAM/DEP to produce key part 1. Notice that, in this case:

• a key sub-part (key sub-part 1/3…3/3) corresponds to the totality of a Security Officer’s key;

• the key part created (key part 1) corresponds to the complete key created in the C-ZAM/DEP.

[Diagram: XOR3 entry mode, 1st 8 bytes creation. Security Officer's keys 1, 2 and 3 (horizontal keys) consist of key sub-part 1/3 (entry 1), key sub-part 2/3 (entry 2) and key sub-part 3/3 (entry 3); the sub-parts are XORed (vertical keys) into key part 1, the C-ZAM/DEP's key.]

2.1.1.1.2.2. Example 2

In this example, a triple-length DES key is created in the XOR3 entry mode. The same procedure as in the previous example is now applied three times. The three Security Officers successively introduce the first eight-byte block of their horizontal key (key sub-part 1/9 … 3/9). Once these three key sub-parts are introduced, a key part (key part 1) is created in the C-ZAM/DEP. Then, the Security Officers proceed in the same way for the second and for the third eight-byte blocks of their horizontal key. This example demonstrates that the vertical creation of a key implies that the Security Officers, each possessing a horizontal key, can never introduce all their key sub-parts in one go.

[Diagram: XOR3 entry mode, 1st, 2nd and 3rd 8 bytes creation. The Security Officers' keys 1, 2 and 3 (horizontal keys) are split into key sub-parts 1/9 to 9/9, arranged in rows 1/9, 4/9, 7/9; 2/9, 5/9, 8/9; and 3/9, 6/9, 9/9. Each column is XORed (vertical keys) into key part 1, key part 2 and key part 3, which together form the C-ZAM/DEP's key.]

2.1.1.2. Key Reconstruction in DEP

Whereas in the C-ZAM/DEP key reconstruction method each key is created by blocks of eight bytes, called key parts, the DEP key reconstruction method differs mainly in that each key component is entered in one complete block instead of sub-blocks of 8 bytes. In other words, key components are not divided into key sub-parts. This greatly simplifies the key-entry process without compromising security standards.

Key reconstruction in DEP is available for the following key entry modes:

• XOR2
• XOR3
• ENC2

2.1.1.2.1. Example

[Diagram: XOR3 key reconstruction in DEP. Full block creation: AES 128, 192, 256 bit or single DES, double DES, triple DES. Entry sequence: (1) Key Component 1/3, (2) CV 2 (Security Officer's key 1), (3) Key Component 2/3, (4) CV 2 (Security Officer's key 2), (5) Key Component 3/3, (6) CV 2 (Security Officer's key 3), (7) CV DEP Key. The three components are XORed into the DEP key.]

As can be seen in the diagram above, there are no key sub-parts, but each security officer enters his key component in one block. Each key component is introduced separately in the DEP. When the DEP has received all necessary components, the key is reconstructed and stored in the DEP key table.

2.1.2. The Check Value Levels

A check value level represents a stage in the key entry process after which a check value must be introduced. There are three check value levels:

• A check value defined at the CV1 level is introduced after the introduction of every key sub-part. Note that for key reconstruction in DEP the CV1 level does not exist.

• A check value defined at the CV2 level is introduced after the introduction of a complete Security Officer’s key (the last key sub-part of each Security Officer’s key).

• A check value defined at the CV3 level is introduced in last position, after the introduction of the last key sub-part of the last Security Officer’s key.


At the three check value levels, the values on which a check value can be computed are:

• a key sub-part (key sub-part x/x on the schemes);
• a key part (key part x on the schemes);
• the Security Officer’s key (Security Officer’s key 1, Security Officer’s key 2, Security Officer’s key 3 on the schemes);
• the final key (C-ZAM/DEP’s key or the DEP key on the schemes).

2.1.2.1. Standard Check Value Method

Although there are some variants depending on the key entry mode, the standard calculation of check values is defined as:

• CV1: check value calculated on every key sub-part,
• CV2: check value calculated on every Security Officer’s key,
• CV3: check value calculated on the created C-ZAM/DEP or DEP key.

2.1.2.2. Additional Remarks

When using check values, the following remarks should be considered:

• When several check values must be introduced consecutively (see paragraph 2.1.2.3.1.1 on page 12), the priority is always given to the check values at CV1 level, then at CV2 level, finally at CV3 level.

• The check value levels are defined in the Key Definition Lists. Every level can have a different check value (NONE, NORM, FULL, ISO10118). For more information see paragraph 2.3 on page 62.

[Diagram: XOR2 entry mode, 1st, 2nd and 3rd 8 bytes creation, with Security Officer's keys 1 and 2 (horizontal keys) XORed into key parts 1, 2 and 3 (vertical keys). Entry sequence: (1) key sub-part 1/6, (2) CV1 level, (3) key sub-part 2/6, (4) CV1 level, (5) key sub-part 3/6, (6) CV1 level, (7) key sub-part 4/6, (8) CV1 level, (9) key sub-part 5/6, (10) CV1 level, (11) CV2 level, (12) key sub-part 6/6, (13) CV1 level, (14) CV2 level, (15) CV3 level.]

• The three check value levels are optional and can be defined as NONE in the DEP PC-AUX Program. They are then skipped during the key creation.

• As soon as a check value is refused, the correct check value is displayed, all the key parts created are deleted and the whole procedure must be restarted from the introduction of the first key sub-part.

• In key reconstruction in CZD, a key is definitively stored in the C-ZAM/DEP’s memory after the introduction of the last check value at the highest level. For instance, if a check value was defined at CV1 and CV2 levels but not at CV3 level, the key will be stored in C-ZAM/DEP’s memory after the correct introduction of the check value at the last position (position 8 in the example described in paragraph 2.1.2.3.1.5 on page 16).

• In key reconstruction in DEP, CV2 is for the key components and CV3 is for the reconstructed key.

• For the key reconstruction in DEP, the C-ZAM/DEP is only used as key entry device. No information is stored on it. The C-ZAM/DEP communicates directly with the DEP, the DEP receives the CV, verifies it and sends a status message to the C-ZAM/DEP.

2.1.2.3. Examples for Key Reconstruction in CZD

In the following examples, the boxes indicating that a check value must be introduced, CV(…), have the same gray value as the boxes indicating the value on which the check value is computed. Note that a dedicated procedure is described for every entry mode in paragraph 2.2 on page 19.

2.1.2.3.1.1. Example 1

In this theoretical example, the Security Officers introduce consecutively their one key sub-part, a check value at CV1 level (computed on key sub-part 1…3) and a check value at CV2 level (computed on Security Officer’s key 1…3). A check value at CV3 level (computed on C-ZAM/DEP key) is finally required in position 10.

[Diagram: XOR3 entry mode, 1st 8 bytes creation, all three check value levels. Entry sequence: (1) key sub-part 1/3, (2) CV(1/3), (3) CV(Security Officer's key 1), (4) key sub-part 2/3, (5) CV(2/3), (6) CV(Security Officer's key 2), (7) key sub-part 3/3, (8) CV(3/3), (9) CV(Security Officer's key 3), (10) CV(C-ZAM/DEP's key). The CV1 level is computed on the key sub-parts, the CV2 level on the Security Officers' keys and the CV3 level on the C-ZAM/DEP's key (key part 1).]

2.1.2.3.1.2. Example 2

In this example, a check value at CV1 level is computed on each key sub-part (key sub-part 1/9…9/9). The first check value at CV2 level (computed on Security Officer’s key 1) is introduced in fifteenth position, when the Security Officer finishes introducing the last key sub-part of his horizontal key. Finally, the check value at CV3 level is computed on C-ZAM/DEP key in position 22. Notice that the introduction of the last key sub-part (position 19) is followed by the introduction of three check values! The logic of the sequence of the introduction (described in paragraph 2.1.2 on page 10) must be interpreted as: “A key sub-part was introduced, so a check value at CV1 level must be entered; the key sub-part being the last eight bytes block of a Security Officer’s key, a check value at CV2 level must be typed; the key sub-part is moreover the last key sub-part of the last Security Officer’s key, which implies that a CV3 level check value is needed”.
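The entry order quoted above, together with the vertical (CZD) and full-block (DEP) XOR reconstruction from section 2.1.1, as an added Python example; it is not code from the guide or from the C-ZAM/DEP. The function names and the constructed sample components are assumptions, the rule is generalised to any number of Security Officers, key parts and defined check value levels, and check value computation itself is left out because the algorithms belong to section 2.3.

```python
from functools import reduce
from operator import xor

BLOCK = 8  # a key part and a key sub-part are eight-byte blocks


def xor_bytes(*values: bytes) -> bytes:
    """XOR equal-length byte strings together."""
    if len({len(v) for v in values}) != 1:
        raise ValueError("all values must have the same length")
    return bytes(reduce(xor, column) for column in zip(*values))


def entry_sequence(officers: int, key_parts: int, levels=("CV1", "CV2", "CV3")):
    """Ordered (action, target) steps for an XOR-mode key entry in the CZD.

    Key parts are created vertically: every officer enters the sub-part for
    key part 1, then every officer enters the sub-part for key part 2, etc.
    After each sub-part the check values follow in CV1, CV2, CV3 priority.
    """
    total = officers * key_parts
    steps = []
    for part in range(1, key_parts + 1):
        for officer in range(1, officers + 1):
            sub = f"key sub-part {(part - 1) * officers + officer}/{total}"
            steps.append(("ENTER", sub))
            if "CV1" in levels:                      # after every sub-part
                steps.append(("CV1", sub))
            last_block = part == key_parts           # officer's key complete
            if last_block and "CV2" in levels:
                steps.append(("CV2", f"Security Officer's key {officer}"))
            if last_block and officer == officers and "CV3" in levels:
                steps.append(("CV3", "C-ZAM/DEP's key"))
    return steps


def positions(steps, action):
    """1-based positions at which the given action occurs."""
    return [i for i, (a, _) in enumerate(steps, 1) if a == action]


def reconstruct_in_czd(officer_keys):
    """Vertical creation: each 8-byte key part is the XOR of its sub-parts."""
    if len({len(k) for k in officer_keys}) != 1:
        raise ValueError("all officer keys must have the same length")
    if len(officer_keys[0]) % BLOCK:
        raise ValueError("officer keys must be whole 8-byte blocks")
    parts = []
    for start in range(0, len(officer_keys[0]), BLOCK):
        sub_parts = [k[start:start + BLOCK] for k in officer_keys]
        parts.append(xor_bytes(*sub_parts))
    return b"".join(parts)


def reconstruct_in_dep(components):
    """Full-block creation: whole key components are XORed in one step."""
    return xor_bytes(*components)


def sample_components():
    """Constructed demo values (three 24-byte components), not real keys."""
    return [
        bytes.fromhex("0123456789ABCDEF" "1111111111111111" "2222222222222222"),
        bytes.fromhex("FEDCBA9876543210" "3333333333333333" "4444444444444444"),
        bytes.fromhex("0F0F0F0F0F0F0F0F" "5555555555555555" "9999999999999999"),
    ]


if __name__ == "__main__":
    # Example 2 of the guide: three officers, triple-length key, all levels.
    for pos, (action, target) in enumerate(entry_sequence(3, 3), 1):
        print(f"{pos:2d}  {action:5s} {target}")
    keys = sample_components()
    print(reconstruct_in_czd(keys).hex().upper())
    print(reconstruct_in_dep(keys).hex().upper())
```

Both reconstruction functions return the same key for the same components; what differs between the two methods is how much of each component an officer enters per step and where the result is stored.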


[Diagram: Example 2 (XOR3; 1st, 2nd and 3rd 8 bytes creation giving key parts 1 to 3). Entry order: key sub-parts 1/9 to 9/9 at positions 1, 3, 5, 7, 9, 11, 13, 16 and 19, each followed by its CV1 level check value at positions 2, 4, 6, 8, 10, 12, 14, 17 and 20; CV(Security Officer's key 1) at 15, CV(Security Officer's key 2) at 18, CV(Security Officer's key 3) at 21 and CV(C-ZAM/DEP's key) at 22.]

2.1.2.3.1.3. Example 3

In this example, only the check value at CV2 level (computed on Security Officer’s key 1…3) was defined in the Key Definition List.


[Diagram: Example 3 (XOR3; 1st, 2nd and 3rd 8 bytes creation giving key parts 1 to 3). Entry order: key sub-parts 1/9 to 9/9 at positions 1, 2, 3, 4, 5, 6, 7, 9 and 11; CV(Security Officer's key 1) at 8, CV(Security Officer's key 2) at 10 and CV(Security Officer's key 3) at 12.]

2.1.2.3.1.4. Example 4

This example demonstrates that a check value defined at a given level must be introduced at a given stage in the key entry process, but can be computed on a different value according to the key entry mode (see paragraph 2.2 on page 19). After reading this example, compare it with Example 1: for each check value level, look at the values (the keys) on which the check values are computed. A check value at CV1 level was defined in the Key Definition List, but notice that no check value is required for the key sub-part TK key sub-part 1/2 (the transport key). This characteristic is specific to this key entry mode. After the introduction of ENC key sub-part 2/2 (the encrypted key), three check values must be introduced. In position 3, a check value at CV1 level is computed on the created key part, key part 1; in position 4, a check value at CV2 level is computed on the C-ZAM/DEP key; in position 5, a check value at CV3 level is finally also computed on the C-ZAM/DEP key. Even though the values on which the check values at CV2 and CV3 levels are computed are the same, do not forget that the check value algorithm can differ (see paragraph 2.1.2 on page 10).


[Diagram: Example 4 (ENC; 1st 8 bytes creation, DEC DES). Entry order: 1 TK key sub-part 1/2, 2 ENC key sub-part 2/2, 3 CV(key part 1) at CV1 level, 4 CV(C-ZAM/DEP's key) at CV2 level, 5 CV(C-ZAM/DEP's key) at CV3 level.]

2.1.2.3.1.5. Example 5

In this example, only the check values at CV2 level (computed on Security Officer’s key 1…3) and CV3 (computed on the C-ZAM/DEP key) were defined in the Key Definition List.


[Diagram: Example 5 (XOR2; 1st, 2nd and 3rd 8 bytes creation giving key parts 1 to 3). Entry order: key sub-parts 1/6 to 6/6 at positions 1, 2, 3, 4, 5 and 7; CV(Security Officer's key 1) at 6, CV(Security Officer's key 2) at 8 and CV(Security Officer's key 3) at 9.]

2.1.2.4. Examples for Key Reconstruction in DEP

2.1.2.4.1. Example 1

This example shows Triple DES XOR2 where check values at CV2 level (computed on Security Officer’s keys 1 and 2) and CV3 level (computed on the DEP key) were defined in the Key Definition List.

[Diagram: XOR2 key reconstruction in DEP. Entry order: 1 Key Component 1/2, 2 CV 2 (Security Officer's key 1), 3 Key Component 2/2, 4 CV 2 (Security Officer's key 2), 5 CV DEP Key. The two key components are XORed into the DEP key.]


2.1.2.4.2. Example 2

This example shows AES 256 bits where check values at CV2 level (computed on Security Officer’s keys 1 and 2) and CV3 level (computed on the DEP key) were defined in the Key Definition List.

[Diagram: XOR3 key reconstruction in DEP. Entry order: 1 Key Component 1/3, 2 CV 2 (Security Officer's key 1), 3 Key Component 2/3, 4 CV 2 (Security Officer's key 2), 5 Key Component 3/3, 6 CV 2 (Security Officer's key 3), 7 CV DEP Key. The three key components are XORed into the DEP key.]

2.1.2.4.3. Example 3

This example shows Triple DES ENC2 where check values at CV2 level (computed on Security Officer’s key 1) and CV3 level (computed on the DEP key) were defined in the Key Definition List.


[Diagram: ENC2 key reconstruction in DEP (total block creation). The ENC key (position 1) is decrypted with the transport DEP's key (DED DES) to give the DEP's key. Check values follow: 2 CV 2 (Security Officer's key), 3 CV(DEP's key), 4 CV(DEP's key).]

2.2. THE KEY ENTRY (CZD)

The following sections intend to explain how to create a C-ZAM/DEP key by illustrating every existing key entry mode. All the examples are based on triple-length DES. They can be applied from single-length DES to ten-length DES. For the XOR2, XOR3, and ENC2 entry modes, the key reconstruction in DEP is also explained.

2.2.1. The Entry Modes

To take advantage of the key entry management, you have to work with the DEP PC-AUX program from version 3.1 or above and to use the new Key Definition List format (see DEP PC-AUX Program User Manual). You also have to work with a C-ZAM/DEP from version 3.x. Two hexadecimal characters identify each key entry mode. The identifier of the entry mode specifies if the key is:

• randomly generated;

• imported from a DS2 Key Backup file;

• manually introduced.

For accessing the CREATE KEY menu in the C-ZAM/DEP, see the DEP C-ZAM/DEP User Manual.

Keep in mind that the schemes in the paragraphs below have the following properties:

• the sequence of the key introduction is displayed in the upper left corner of every box

• the gray scale of every check value box is the same as the gray scale of the key box on which the check value is calculated

2.2.2. RAND Entry Mode (00)

The RAND entry mode generates randomly a key in the C-ZAM/DEP. No check value can be defined. The value of the key is never shown on the display. This makes it possible to generate full random keys and store them on DCC with a dedicated secret sharing so that nobody knows the clear value of the key. The key generation in DEP is also possible and it is explained in the C-ZAM/DEP user manual.

2.2.2.1. C-ZAM/DEP Instructions for Key Generation in CZD

The key creation takes several seconds and is followed by a message warning that the key creation is done.

2.2.3. DEF Entry Mode (02)

The DEF entry mode is used for introducing a key in clear text in the C-ZAM/DEP. Remember that this is not a very secure way of introducing keys and that it is no longer supported for RSA keys. The standard check value principle as described in paragraph 2.1.2.1 on page 11 is applied.

2.2.3.1. Key Composition

A triple-length DEF key consists of one horizontal key (Security Officer’s key 1) of 24 bytes introduced by blocks of eight bytes (key sub-part 1/3…3/3). The key sub-parts introduced in clear are identical to the key parts created in the C-ZAM/DEP.

[Diagram: DEF key composition (1st, 2nd and 3rd 8 bytes creation giving key parts 1 to 3). Entry order: 1 key sub-part 1/3, 2 CV(key sub-part 1/3), 3 key sub-part 2/3, 4 CV(key sub-part 2/3), 5 key sub-part 3/3, 6 CV(key sub-part 3/3), 7 CV(Security Officer's key 1), 8 CV(C-ZAM/DEP's key).]

2.2.3.2. Important Note

Because this entry mode works with clear keys, it is highly recommended to avoid using it to enter keys in a live DEP environment. If you do apply this key entry method, use only the CVs at the first level to avoid complexity. Nevertheless, use this key entry method for introducing “passwords” in the DEP Crypto Module.

2.2.3.3. C-ZAM/DEP Instructions for Key Reconstruction in CZD

2.2.3.3.1. Step one

Enter the first key sub-part (key sub-part 1/3) and its check value at CV1 level computed on the value introduced. If the check value is correct, key part 1 is created.

2.2.3.3.2. Step two

Enter the second key sub-part (key sub-part 2/3) and its check value at CV1 level computed on the value introduced. If the check value is correct, key part 2 is created.

2.2.3.3.3. Step three

Enter the third key sub-part (key sub-part 3/3) and its check value at CV1 level computed on the value introduced. If the check value is correct, key part 3 is created.

Enter finally the check values at CV2 and CV3 levels:

• CHECK VALUE KEY 1 is the check value at CV2 level computed on Security Officer’s key 1.


• CHECK VALUE CZD KEY is the check value at CV3 level computed on C-ZAM/DEP key.

2.2.4. XOR2 Entry Mode (05)

The XOR2 entry mode performs an XOR operation with the two Security Officer’s keys introduced in the C-ZAM/DEP in order to create the C-ZAM/DEP key. The standard check value principle as described in paragraph 2.1.2.1 on page 11 is applied. This mode is supported for both key reconstruction in DEP and key reconstruction in CZD.

2.2.4.1. Key Composition

2.2.4.1.1. Key Reconstruction in CZD

A triple-length DES XOR2 key consists of two keys (Security Officer’s key 1…2) of 24 bytes introduced successively by blocks of eight bytes (key sub-part 1/6…6/6). Every time two key sub-parts were introduced, they are XORed to create a key part (key part 1…3). The three key parts give the final C-ZAM/DEP key.

[Diagram: XOR2 key reconstruction in CZD (1st, 2nd and 3rd 8 bytes creation giving key parts 1 to 3). Entry order: key sub-parts 1/6 to 6/6 at positions 1, 3, 5, 7, 9 and 12, each followed by its CV1 level check value at positions 2, 4, 6, 8, 10 and 13; the check values on the Security Officers' keys at positions 11 and 14, and CV(C-ZAM/DEP's key) at position 15.]

2.2.4.1.2. Key Reconstruction in DEP

In the DEP key reconstruction method, there are no security officer key sub parts, but each security officer enters his own whole key component and then the two key components are XORed together by the DEP to produce the entire key.

[Diagram: XOR2 key reconstruction in DEP. Entry order: 1 Key Component 1/2, 2 CV 2 (Security Officer's key 1), 3 Key Component 2/2, 4 CV 2 (Security Officer's key 2), 5 CV DEP Key. The two key components are XORed into the DEP key.]


2.2.4.2. C-ZAM/DEP Instructions for Key Reconstruction in DEP

For instructions on how to perform the procedure on the C-ZAM/DEP for key reconstruction in DEP, refer to section 7.2.3 in the C-ZAM/DEP User Manual.

2.2.4.2.1. Step one

Security Officer 1 enters his Key Component.

2.2.4.2.2. Step two

Next, Security Officer 1 enters the check value for his key component.

2.2.4.2.3. Step three

CV3 is done in DEP on the computed key.

Then Security Officer 2 repeats the above steps.

2.2.4.2.4. Advice

Preferably use the CVs on the Security Officers’ keys to avoid too much complexity during the introduction process.


2.2.4.3. C-ZAM/DEP Instructions for Key Reconstruction in CZD

2.2.4.3.1. Step one

Enter the two first key sub-parts (key sub-part 1/6…2/6) and their check value at CV1 level computed on the values introduced. If the check values introduction succeeds, key part 1 is created.

2.2.4.3.2. Step two

Repeat Step one until position 8. If the check values introduction succeeds, key part 2 is created.

2.2.4.3.3. Step three

Key sub-part 5/6 is followed by a check value at CV1 level and by a check value at CV2 level computed on Security Officer key 1.

Enter the key sub-part 5/6 and the CV1.

Enter the check value on the Security Officer’s key 1 (CHECK VALUE KEY 1).

Finally, key sub-part 6/6 is followed by a check value at CV1 level and by a check value at CV2 level computed on Security Officer’s key 2 and by the check value at CV3 level computed on the created C-ZAM/DEP key. Enter the key sub-part 6/6 and the CV1.


Enter the CHECK VALUE KEY 2 (CV2), computed on Security Officer’s key 2.

Finally, enter the CHECK VALUE CZD KEY** at CV3 level computed on C-ZAM/DEP key.

If the check values introduction succeeds, C-ZAM/DEP key is definitively stored in the C-ZAM/DEP’s memory.

2.2.5. XOR3 Entry Mode (06)

The XOR3 entry mode performs an XOR operation with the three Security Officer’s keys introduced in the C-ZAM/DEP in order to create the C-ZAM/DEP key. The standard check value principle as described in paragraph 2.1.2.1 on page 11 is applied. This mode is supported for both key reconstruction in C-ZAM/DEP and for key reconstruction in DEP Crypto Module.

2.2.5.1. Key Composition

2.2.5.1.1. Key Reconstruction in CZD

A triple-length DES XOR3 key consists of three keys (Security Officer’s key 1…3) of 24 bytes introduced successively by blocks of eight bytes (key sub-part 1/9…9/9). Every time three key sub-parts were introduced, they are XORed to create a key part (key part 1…3). The three key parts give the final C-ZAM/DEP key.

[Diagram: XOR3 key reconstruction in CZD (1st, 2nd and 3rd 8 bytes creation giving key parts 1 to 3). Entry order: key sub-parts 1/9 to 9/9 at positions 1, 3, 5, 7, 9, 11, 13, 16 and 19, each followed by its CV1 level check value at positions 2, 4, 6, 8, 10, 12, 14, 17 and 20; CV(Security Officer's key 1) at 15, CV(Security Officer's key 2) at 18, CV(Security Officer's key 3) at 21 and CV(C-ZAM/DEP's key) at 22.]

2.2.5.1.2. Key Reconstruction in DEP

The DEP Key reconstruction for the XOR3 method is described in the diagram below.

[Diagram: XOR3 key reconstruction in DEP, total block creation (AES 128 bit, 192 bit, 256 bit, and triple DES). Entry order: 1 Key Component 1/3, 2 CV 2 (Security Officer's key 1), 3 Key Component 2/3, 4 CV 2 (Security Officer's key 2), 5 Key Component 3/3, 6 CV 2 (Security Officer's key 3), 7 CV DEP Key. The three key components are XORed into the DEP key.]

2.2.5.2. C-ZAM/DEP Instructions for Key Reconstruction in DEP

See key entry instructions in the section above for XOR2 key entry method. The difference is there are 3 Security officers instead of 2.

2.2.5.2.1. Advice

Preferably use the CVs on the Security Officers’ keys to avoid too much complexity during the introduction process.

2.2.5.3. C-ZAM/DEP Instructions for Key Reconstruction in CZD

2.2.5.3.1. Step one

Enter the three first key sub-parts (key sub-part 1/9…3/9) and their check value at CV1 level computed on the values introduced. If the check values introduction succeeds, key part 1 is created.

2.2.5.3.2. Step two

Repeat Step one until position 12. If the check values introduction succeeds, key part 2 is created.

2.2.5.3.3. Step three

Key sub-part 7/9 is followed by a check value at CV1 level and by a check value at CV2 level computed on Security Officer key 1.

Enter the key sub-part 7/9 and the CV1.

Enter now the CHECK VALUE KEY 1 computed on Security Officer key 1.

Proceed in the same way for key sub-part 8/9 … Finally, key sub-part 9/9 is followed by a check value at CV1 level and by a check value at CV2 level computed on Security Officer’s key 3 and by the check value at CV3 level computed on the final C-ZAM/DEP key. Enter the key sub-part 9/9 and the CV1.

Enter now the CHECK VALUE KEY 3 (CV2) computed on Security Officer key 3.


Finally, enter the CHECK VALUE CZD KEY** at CV3 level computed on C-ZAM/DEP key.

If the check values introduction succeeds, C-ZAM/DEP key is definitively stored in the C-ZAM/DEP’s memory.
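The entry order used by the DEF, XOR2 and XOR3 procedures above follows one rule: every key sub-part is followed by its CV1 check value, the last 8-byte block of a Security Officer's key is also followed by CV2, and the last sub-part of the last key is also followed by CV3. The Python sketch below is an added example, not code from this guide or from the DEP products; it generalizes that rule to any number of officers and key parts and performs the XOR combination. Function names and the sample keys are assumptions, and check value computation is left out because its algorithm is defined in paragraph 2.1.2.

```python
# Added example (not part of the DEP Key Entry Guide): a model of the entry
# order for the DEF, XOR2 and XOR3 modes and of the XOR combination itself.
# All names and the sample keys below are assumptions made for illustration.


def entry_sequence(officers, blocks, cv_levels=(1, 2, 3)):
    """List what is typed at the C-ZAM/DEP, in order (index 0 = position 1).

    officers  -- Security Officer keys: 1 for DEF, 2 for XOR2, 3 for XOR3
    blocks    -- 8-byte key parts: 3 for a triple-length DES key
    cv_levels -- check value levels defined in the Key Definition List
    """
    total = officers * blocks
    seq = []
    for n in range(1, total + 1):
        officer = (n - 1) % officers + 1   # sub-parts rotate through the officers
        part = (n - 1) // officers + 1     # key part this sub-part contributes to
        seq.append(f"key sub-part {n}/{total}")
        # A key sub-part was introduced, so a CV1 check value must be entered.
        if 1 in cv_levels:
            seq.append(f"CV1(key sub-part {n}/{total})")
        # Last 8-byte block of this officer's key: CV2 on the whole officer key.
        if part == blocks and 2 in cv_levels:
            seq.append(f"CV2(Security Officer's key {officer})")
        # Last sub-part of the last officer's key: CV3 on the final key.
        if n == total and 3 in cv_levels:
            seq.append("CV3(C-ZAM/DEP key)")
    return seq


def position(seq, item):
    """1-based position of an item, as numbered in the guide's diagrams."""
    return seq.index(item) + 1


def reconstruct(officer_keys, block_size=8):
    """XOR the officers' keys block by block; return (key_parts, final_key)."""
    if not officer_keys:
        raise ValueError("at least one Security Officer key is required")
    length = len(officer_keys[0])
    if length == 0 or length % block_size:
        raise ValueError("keys must be a whole number of blocks")
    if any(len(k) != length for k in officer_keys):
        raise ValueError("all Security Officer keys must have the same length")
    parts = []
    for start in range(0, length, block_size):
        acc = bytes(block_size)
        for key in officer_keys:           # one key sub-part per officer
            sub_part = key[start:start + block_size]
            acc = bytes(a ^ b for a, b in zip(acc, sub_part))
        parts.append(acc)                  # key part exists once all sub-parts are in
    return parts, b"".join(parts)


# Constructed sample keys (24 bytes each, not real key material).
SO_KEY_1 = bytes(range(0x00, 0x18))
SO_KEY_2 = bytes(range(0x80, 0x98))
SO_KEY_3 = bytes([0xFF] * 24)

if __name__ == "__main__":
    # XOR3, triple-length DES, all three check value levels defined.
    for pos, item in enumerate(entry_sequence(officers=3, blocks=3), start=1):
        print(f"{pos:2d}  {item}")
    parts, key = reconstruct([SO_KEY_1, SO_KEY_2, SO_KEY_3])
    print([p.hex() for p in parts], key.hex())
```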

2.2.6. ENC2 Entry Mode (0A)

The ENC2 entry mode decrypts an encrypted key with a transport key already available in the C-ZAM/DEP. The transport key can be introduced independently in every entry mode. The Key Definition List defines the properties of the transport key. It can be defined in the Key Definition List which transport key will be used to decrypt an encrypted key. Refer to the DEP PC-AUX Program User Manual for more information. The decryption mode is Triple-DES Decrypt-Encrypt-Decrypt (DED) with the following properties:

• if the transport key is a single length key, the DES key is constituted with K1+K1+K1

• if the transport key is a double length key, the DES key is constituted with K1+K2+K1

• if the transport key is a triple length key, the DES key is constituted with K1+K2+K3

This mode is supported for both key reconstruction in DEP and key reconstruction in CZD. For key reconstruction in CZD, the Transport Key and the transported key are both DES keys. The decryption mode is 3DES DED. For key reconstruction in DEP, the Transport key and transported key can be DES or AES type.

Whatever the chosen length, do not forget that an important security principle requires that the transport key is as long as the encrypted key. This key entry mode forces an exception to the standard check value principle described in paragraph 2.1.2.1 on page 11:

• CV1: check value calculated on every key part,

• CV2: check value calculated on the C-ZAM/DEP key.

2.2.6.1. Key Composition

2.2.6.1.1. Key Reconstruction in CZD

A triple-length DES ENC2 key consists of two horizontal keys:

• Transport C-ZAM/DEP key: the transport key that has to be first introduced in the C-ZAM/DEP memory as another key. Notice that this key will never be sent to the DEP Crypto Module.

• Security Officer’s key: an encrypted key of 24 bytes divided into blocks of eight bytes (key ENC sub-parts 1/3…3/3). Every time an encrypted key sub-part is introduced, the transport key decrypts the encrypted key to produce a key part (key part 1…3). When all the key parts are created, the C-ZAM/DEP’s key is created.

[Diagram: ENC2 key reconstruction in CZD (1st, 2nd and 3rd 8 bytes creation). Each ENC key sub-part is decrypted (DED DES) with transport key parts 1 to 3 of the transport C-ZAM/DEP's key to give key parts 1 to 3. Entry order: 1 ENC key sub-part 1/3, 2 CV(key part 1), 3 ENC key sub-part 2/3, 4 CV(key part 2), 5 ENC key sub-part 3/3, 6 CV(key part 3), 7 CV(CZD's key), 8 CV(CZD's key).]


2.2.6.1.2. Key Reconstruction in DEP

The key reconstruction in DEP for the ENC2 key entry method is described in the diagram below. Note that the Transport key and the cryptogram are introduced in one block. Note that if the Transport key is AES 192 bits, the transported key (clear key) must be padded (right-padded with zeros or random) to 192 bits before encryption.

For TK DES, the decryption function is DES_ECB_DED. For TK AES, the decryption function is simply AES_DECRYPT. The diagram below is for DES.

[Diagram: ENC2 key reconstruction in DEP with a DES transport key (total 8, 16, 24 bytes creation). Entry order: 1 Transport Key and ENC Key, 2 CV DEP Key, 3 CV DEP Key. The ENC key is decrypted (DEC DES) with the DEP transport key to give the DEP key.]

The diagram below is for AES.

[Diagram: ENC2 key reconstruction in DEP with an AES transport key (total 128, 192, 256 bits creation). Entry order: 1 Transport Key and ENC Key, 2 CV DEP Key, 3 CV DEP Key. The ENC key is decrypted (AES Decrypt) with the DEP transport key to give the DEP key.]

2.2.6.2. C-ZAM/DEP Instructions for Key Reconstruction in DEP

C-ZAM/DEP screens for key and check value entry will look like the following:

2.2.6.2.1. Advice

Because the CV2 and CV3 check values are calculated on the C-ZAM/DEP key, it is advised to use the CVs at the third level only to avoid complexity.

2.2.6.3. C-ZAM/DEP Instructions for Key Reconstruction in CZD

2.2.6.3.1. Preliminary

Before introducing an ENC2 key, the transport key that will be used for the decryption operation must be introduced independently in the C-ZAM/DEP. Because the transport key can be introduced through whatever entry mode, this key entry procedure is not included in this paragraph. See the DEP PC-AUX Program User Manual for more information.

2.2.6.3.2. Step one

Enter first ENC2 key sub-part 1/3. This encrypted key sub-part is decrypted by the transport C-ZAM/DEP key according to the Decrypt-Encrypt-Decrypt mode taking into account the length of the transport key. This operation produces key part 1.

Afterwards, enter the check value at CV1 level computed on key part 1.

2.2.6.3.3. Step two

Repeat Step one until position 4.

2.2.6.3.4. Step three

Key sub-part 3/3 is followed by a check value at CV1 level and by a check value at CV2 level and CV3 level both computed on the final C-ZAM/DEP key.

Enter the key sub-part 3/3 and the CV1.

Enter the CHECK VALUE CZD KEY *, which is the check value at CV2 level computed on C-ZAM/DEP key [1].

Finally, enter the CHECK VALUE CZD KEY ** at CV3 level also computed on C-ZAM/DEP key.

If the check values introduction succeeds, C-ZAM/DEP key is definitively stored in the C-ZAM/DEP’s memory.

[1] When a check value is computed on the C-ZAM/DEP key at level 2, only one star is displayed in the C-ZAM/DEP’s screen while two stars are displayed for a check value on the C-ZAM/DEP key at CV3 level.

2.2.7. XR2A Entry Mode (07)

The principle of this entry mode is the same as the XOR2 Entry Mode (05) (see paragraph 2.2.4 on page 23).

There is only a difference concerning the check values mechanism. This key entry mode forces an exception to the standard check value principle described in paragraph 2.1.2.1 on page 11:

• CV1 of the last Security Officer’s key: check value calculated on every key part

• CV2 of the last Security Officer’s key: check value calculated on the C-ZAM/DEP key

2.2.7.1. Key Composition

A triple-length XR2A key has the same composition as a triple-length XOR2 key (see paragraph 2.2.4.1 on page 23).

[Diagram: XR2A key composition (1st, 2nd and 3rd 8 bytes creation giving key parts 1 to 3). Entry order: 1 key sub-part 1/6, 2 CV(key sub-part 1/6), 3 key sub-part 2/6, 4 CV(key part 1), 5 key sub-part 3/6, 6 CV(key sub-part 3/6), 7 key sub-part 4/6, 8 CV(key part 2), 9 key sub-part 5/6, 10 CV(key sub-part 5/6), 11 CV(Security Officer's key 1), 12 key sub-part 6/6, 13 CV(key part 3), 14 CV(C-ZAM/DEP's key), 15 CV(C-ZAM/DEP's key).]

2.2.7.2. Advice

Use the XOR2 instead of the XR2A and use a check value at level three to obtain the same security level.

2.2.7.3. C-ZAM/DEP Instructions for Key Reconstruction in CZD

2.2.7.3.1.

Enter the two first key sub-parts (key sub-part 1/6…2/6) and their check value.

Step one


2.2.7.3.2. Step two

Repeat Step one until position 8.

2.2.7.3.3. Step three

Key sub-part 5/6 is followed by a check value at CV1 level computed on the value introduced and by a check value at CV2 level computed on Security Officer key 1, which is now complete.

Enter the key sub-part 5/6 and the CV1.


Enter the check value on the Security Officer’s key 1 (CHECK VALUE KEY 1).

Finally, key sub-part 6/6 is followed by a check value at CV1 level computed on key part 3 and by a check value at CV2 and CV3 levels computed on the final C-ZAM/DEP key. Enter the key sub-part 6/6 and the CV1.

Enter the CHECK VALUE CZD KEY * at CV2 level computed on C-ZAM/DEP key.


Finally, enter the CHECK VALUE CZD KEY** at CV3 level computed on C-ZAM/DEP key.

If the check values introduction succeeds, C-ZAM/DEP key is definitively stored in the C-ZAM/DEP’s memory.

2.2.8. XR3A Entry Mode (08)

The principle of this entry mode is the same as the XOR3 Entry Mode (06) (see paragraph 2.2.5 on page 28). The only difference concerns the check value mechanism. This key entry mode applies an exception to the standard check value principle described in paragraph 2.1.2.1 on page 11:

• CV1 of the last Security Officer’s key: check value calculated on every key part
• CV2 of the last Security Officer’s key: check value calculated on the C-ZAM/DEP key

2.2.8.1. Key Composition

A triple-length XR3A key has the same composition as a triple-length XOR3 key (see paragraph 2.2.5.1 on page 28).


[Figure: XR3A key composition. Labels: horizontal keys, vertical keys, Security Officer’s key 1 to 3, key part 1 to 3 (1st, 2nd and 3rd 8 bytes creation), XOR, C-ZAM/DEP’s key. Entry positions: 1 key sub-part 1/9, 2 CV(key sub-part 1/9), 3 key sub-part 2/9, 4 CV(key sub-part 2/9), 5 key sub-part 3/9, 6 CV(key part 1), 7 key sub-part 4/9, 8 CV(key sub-part 4/9), 9 key sub-part 5/9, 10 CV(key sub-part 5/9), 11 key sub-part 6/9, 12 CV(key part 2), 13 key sub-part 7/9, 14 CV(key sub-part 7/9), 15 CV(Security Officer’s key 1), 16 key sub-part 8/9, 17 CV(key sub-part 8/9), 18 CV(Security Officer’s key 2), 19 key sub-part 9/9, 20 CV(key part 3), 21 and 22 CV(C-ZAM/DEP’s key).]

2.2.8.2. Advice

Use the XOR3 instead of the XR3A and use a check value at level three to obtain the same security level.

2.2.8.3. C-ZAM/DEP Instructions for Key Reconstruction in CZD

2.2.8.3.1. Step one

Enter the first three key sub-parts (key sub-part 1/9…3/9) and their check value at CV1 level.


2.2.8.3.2. Step two

Repeat Step one until position 12.

2.2.8.3.3. Step three

Key sub-part 7/9 is followed by a check value at CV1 level computed on the value introduced and by a check value at CV2 level computed on Security Officer key 1, which is now complete.

Enter the key sub-part 7/9 and the CV1.

Enter the check value on the Security Officer’s key 1 (CHECK VALUE KEY 1).

Proceed in the same way for key sub-part 8/9… Finally, key sub-part 9/9 is followed by a check value at CV1 level computed on key part 3 and by a check value at CV2 and CV3 levels computed on the final C-ZAM/DEP’s key. Enter the key sub-part 9/9 and the CV1.


Enter the CHECK VALUE CZD KEY * at CV2 level computed on C-ZAM/DEP key.

Finally, enter the CHECK VALUE CZD KEY at CV3 level computed on C-ZAM/DEP key.

If the check values introduction succeeds, C-ZAM/DEP key is definitively stored in the C-ZAM/DEP’s memory.

2.2.9. ENC Entry Mode (04)

The ENC entry mode requires introducing two keys. The first one, the transport key, decrypts the second one, the encrypted key. The transport key used is always a single DES length and has to be repeated (or can be different) for every key part. The ENC entry mode is a light version of the ENC2 entry mode. This key entry mode applies an exception to the standard check value principle described in paragraph 2.1.2.1 on page 11:

• There are no check values on the first Security Officer’s key (transport key)
• CV1 of the last Security Officer’s key: check value calculated on every key part
• CV2 of the last Security Officer’s key: check value calculated on the C-ZAM/DEP key


2.2.9.1. Key Composition

A triple-length ENC key consists of two horizontal keys (Security Officer’s key 1…2) of 24 bytes introduced successively by blocks of eight bytes (key sub-parts 1/6…6/6). Every time a transport key (TK sub-part 1/6, 3/6, 5/6) and an encrypted key sub-part (ENC key sub-parts 2/6, 4/6, 6/6) are introduced, the transport key decrypts the encrypted key to produce a key part (key part 1…3). When all the key parts are created, the C-ZAM/DEP’s key is created.

[Figure: ENC key composition. Labels: horizontal keys, vertical keys, Security Officer’s key 1 and 2, key part 1 to 3 (1st, 2nd and 3rd 8 bytes creation), DEC DES, ENC, C-ZAM/DEP’s key. Entry positions: 1 TK sub-part 1/6, 2 ENC key sub-part 2/6, 3 CV(key part 1), 4 TK sub-part 3/6, 5 ENC key sub-part 4/6, 6 CV(key part 2), 7 TK sub-part 5/6, 8 ENC key sub-part 6/6, 9 CV(key part 3), 10 and 11 CV(C-ZAM/DEP’s key).]

2.2.9.2. Advice

The ENC2 entry mode efficiently replaces the ENC entry mode. It is recommended to avoid using this ENC entry mode.

2.2.9.1. C-ZAM/DEP Instructions for Key Reconstruction in CZD

2.2.9.1.1. Step one

Enter the first key sub-part (TK sub-part 1/6) of the transport key.


Enter the first key sub-part (ENC sub-part 2/6) of the encrypted key and the CV1.

2.2.9.1.2. Step two

Repeat Step one until position 6.

2.2.9.1.3. Step three

Enter the first key sub-part (TK sub-part 5/6) of the transport key.

Enter the key sub-part 6/6 and the CV1.


Enter the CHECK VALUE CZD KEY * at CV2 level computed on C-ZAM/DEP key.

Finally, enter the CHECK VALUE CZD KEY at CV3 level computed on C-ZAM/DEP key.

If the check values introduction succeeds, C-ZAM/DEP key is definitively stored in the C-ZAM/DEP’s memory.

2.2.10. DX3 Entry Mode (09)

The DX3 entry mode requires introducing two keys. The first one, the transport key, decrypts the second one, the encrypted key. The transport key used is always a single DES length and has to be repeated (or can be different) for every key part.

The DX3 entry mode combines the XOR3 and ENC entry modes. The transport key is first created according to the XOR3 entry mode. Then, this transport key decrypts the encrypted key according to the ENC entry mode. The DX3 entry mode is a light version of the ENC2 entry mode. This key entry mode applies an exception to the standard check value principle described in paragraph 2.1.2.1 on page 11:

• CV1 of the last Security Officer’s key: check value calculated on every key part
• CV2 of the last Security Officer’s key: check value calculated on the C-ZAM/DEP key

2.2.10.1. Key Composition

A triple-length DES ENC key consists of four horizontal keys (Security Officers’ key 1…4) of 24 bytes introduced successively by blocks of 8 bytes (key sub-parts 1/12…12/12). Every time a temporary transport key (Transport key part 1…3) is created in the C-ZAM/DEP and an encrypted key sub-part (ENC key sub-parts 4/12, 8/12, 12/12) is introduced, the temporary transport key decrypts the encrypted key to produce a key part (key part 1…3). When all the key parts are created, the C-ZAM/DEP key is created.


[Figure: DX3 key composition. Labels: horizontal keys, vertical keys, Security Officer’s key 1 to 4, temporary transport key, transport key part 1 to 3, key part 1 to 3 (1st, 2nd and 3rd 8 bytes creation), XOR, DEC DES, CZD’s DEC key, XOR 3 entry mode, ENC entry mode. Entry positions: 1 key sub-part 1/12, 2 CV(key sub-part 1/12), 3 key sub-part 2/12, 4 CV(key sub-part 2/12), 5 key sub-part 3/12, 6 CV(key sub-part 3/12), 7 ENC key sub-part 4/12, 8 CV(key part 1), 9 key sub-part 5/12, 10 CV(key sub-part 5/12), 11 key sub-part 6/12, 12 CV(key sub-part 6/12), 13 key sub-part 7/12, 14 CV(key sub-part 7/12), 15 ENC key sub-part 8/12, 16 CV(key part 2), 17 key sub-part 9/12, 18 CV(key sub-part 9/12), 19 CV(Security Officer’s key 1), 20 key sub-part 10/12, 21 CV(key sub-part 10/12), 22 CV(Security Officer’s key 2), 23 key sub-part 11/12, 24 CV(key sub-part 11/12), 25 CV(Security Officer’s key 3), 26 CV(temporary transport key), 27 ENC key sub-part 12/12, 28 CV(key part 3), 29 and 30 CV(CZD’s DEC key).]

2.2.10.2. Advice

The ENC2 entry mode efficiently replaces the DX3 entry mode. It is recommended to avoid using this DX3 entry mode because of complexity.


2.2.10.3. C-ZAM/DEP Instructions for Key Reconstruction in CZD

2.2.10.3.1. Step one

Enter the three sub-parts of the XOR3 key plus the check values at CV1 level computed on the values introduced in order to constitute transport key part 1.


The transport key part 1 is now created in the C-ZAM/DEP’s memory. Enter now the encrypted key sub-part (ENC sub-part 4/12) and its check value at CV1 level.

2.2.10.3.2. Step two

Repeat Step one until position 16.

2.2.10.3.3. Step three

Key sub-part 9/12 is followed by a check value at CV1 level and by a check value at CV2 level computed on Security Officer’s key 1, which is now complete.

Enter the key sub-part 9/12 and the CV1.


Enter now the CHECK VALUE KEY 1 computed on Security Officer key 1.

Repeat Step three for the introduction of the key sub-part 10/12. Enter the key sub-part 11/12 followed by a check value at CV1 level and by a check value at CV2 level and by the check value at CV3 level computed on the temporary transport key.


Enter the last key sub-part ENC key sub-part 12/12. It is followed by three check values at the three levels (position 28, 29, 30).

If the check values introduction succeeds, C-ZAM/DEP key is definitively stored in the C-ZAM/DEP’s memory.


2.2.11. POOL Entry Mode (03)

The POOL entry mode requires introducing two keys. The first one, the transport key, decrypts the second one, the encrypted key. The transport key used is always a single DES length and has to be repeated (or can be different) for every key part. Each key sub-part introduced is a four-byte block that needs two separate introductions in order to constitute the entire sub-part. This key entry mode applies an exception to the standard check value principle described in paragraph 2.1.2.1 on page 11:

• CV1 of the last Security Officer’s key: check value calculated on every key part
• CV2 of the last Security Officer’s key: check value calculated on the C-ZAM/DEP key

2.2.11.1. Key Composition

A triple-length POOL key consists of four horizontal keys (Security Officers’ key 1…4) of twelve bytes introduced in three rounds successively by blocks of four bytes (key sub-parts 1/12…12/12). Every time a transport key part (transport key part 1…3) and an encrypted key part (ENC key part 1…3) are created, the transport key decrypts the encrypted key to produce a key part (key part 1…3). When all the key parts are created, the C-ZAM/DEP key is created.


[Figure: POOL key composition. Labels: horizontal keys, vertical keys, Security Officer’s key 1 to 4, temporary transport key, temporary encrypted key, transport key part 1 to 3, ENC key part 1 to 3, key part 1 to 3 (1st, 2nd and 3rd 8 bytes creation), DEC DES, POOL, C-ZAM/DEP’s key. Entry positions (every sub-part is 4 bytes): 1 TK sub-part 1/12, 2 TK sub-part 2/12, 3 ENC key sub-part 3/12, 4 ENC key sub-part 4/12, 5 CV(key part 1), 6 TK sub-part 5/12, 7 TK sub-part 6/12, 8 ENC key sub-part 7/12, 9 ENC key sub-part 8/12, 10 CV(key part 2), 11 TK sub-part 9/12, 12 TK sub-part 10/12, 13 ENC key sub-part 11/12, 14 ENC key sub-part 12/12, 15 CV(key part 3), 16 and 17 CV(C-ZAM/DEP’s key).]

2.2.11.2. Advice

The ENC2 entry mode efficiently replaces the POOL entry mode. It is recommended to avoid using this entry mode (because of complexity).

2.2.11.3. C-ZAM/DEP Instructions for Key Reconstruction in CZD

2.2.11.3.1. Step one

Enter the first two 4-byte transport key sub-parts. No check value is required.


Enter the third and the fourth encrypted key sub-parts.

After the introduction of the fourth key sub-part, transport key part 1 is constituted by appending TK key sub-part 1/12 with TK key sub-part 2/12 and ENC key part 1 is constituted by appending ENC key sub-part 3/12 with ENC key sub-part 4/12. When this operation is achieved, the transport key decrypts the encrypted key in order to produce key part 1. Enter the CV1 after the ENC key sub-part 4/12.


The first check value at CV1 level is computed on key part 1 resulting from the decryption of the encrypted key by the transport key:

2.2.11.3.2. Step two

Repeat Step one until position 10.

2.2.11.3.3. Step three

Enter the TK sub-part 9/12, TK sub-part 10/12, ENC sub-part 11/12 and ENC sub-part 12/12, followed by the CV1.


Enter the CHECK VALUE CZD KEY * at CV2 level (position 16) computed on C-ZAM/DEP key.

Enter the CHECK VALUE CZD KEY ** at CV3 level (position 17) computed on C-ZAM/DEP key.

If the check values introduction succeeds, C-ZAM/DEP key is definitively stored in the C-ZAM/DEP’s memory.

2.2.12. DS2 BACKUP Entry Mode (01)

For this entry mode, the CREATE KEY menu does not allow creating the key. The key must be imported from a DS2 Key Backup. In this case, for each key defined with this key entry mode in the C-ZAM/DEP (and coming from the Key Definition List), the application will attempt to read the corresponding encrypted keys in the DS2 Key Backup.


No check value can be defined for this entry mode. The check values are securely included in the DS2 Key Backup.

2.2.12.1. C-ZAM/DEP Instructions for Key Reconstruction in CZD

See the DEP Key Backup Conversion Guide for more information.

2.3. CHECK VALUE ALGORITHMS

To know more about the keys used in the check value algorithms, consult the entry mode schemes as well as the Key Composition sections.

2.3.1. CV NORM

2.3.1.1. CV NORM for DES Keys

The NORM check value algorithm encrypts eight null bytes with the key. A Triple DES encryption (Encrypt-Decrypt-Encrypt) algorithm is applied to calculate the check values, taking into account the length of the key:

• for a single-length DES key: K1 = K2 = K3
• for a double-length DES key: K1 = K3

[Figure: CV NORM for DES keys. 8 null bytes are encrypted by EDE DES under K1 || K2 || K3; cv = 6 leftmost digits.]

The check value consists of the six leftmost digits of the encryption’s result. Note that this type of check value does not protect keys longer than triple-length keys.

2.3.1.2. CV NORM for AES Keys

This is for key reconstruction in DEP only.

[Figure: CV NORM for AES keys. 16 null bytes are encrypted (ENC AES) under an AES key of 128, 192 or 256 bits; cv = 6 leftmost digits of the 16 bytes encrypted.]

2.3.2. CV FULL

This CV method is available only for key reconstruction in CZD. The FULL check value algorithm performs a triple DES encryption (Encrypt-Decrypt-Encrypt) of the complete key with (a part of) the key. A standard CBC-MAC algorithm is used to protect the complete key. This algorithm supports check values on keys longer than triple-length DES keys (maximum 10-length):

• for a single-length DES key: K1 = K2 = K3
• for a double-length DES key: K1 = K3
• for a quadruple-length DES key and higher: only the 3 first blocks of the key are used as for a triple-length MAC key

[Figure: CV FULL. The key blocks K1, K2 … Kn are chained through EDE DES under K1 || K2 || K3, with an XOR before each following block (CBC MAC); cv = 6 leftmost digits.]

The check value consists of the six leftmost digits of the obtained MAC result.


2.3.3. ISO-10118-2

The ISO-10118-2 check value algorithm is a hash function computed on the key. The check value consists of the six leftmost digits of the hash result.


3. TROUBLESHOOTING

This paragraph contains the description of root causes and the troubleshooting procedures of common errors which can occur during the real time key ceremony and will be regularly updated. It will help to have a better understanding of why these errors occur, as well as to understand how to bypass them. If you need assistance with other problems than those discussed in this paragraph, address your questions to the DEP Hotline at the following address: mailto:[email protected]

3.1. SUPPLIED CV AND KBR CONFLICT

The Supplied CV and KBR conflict error is thrown by the C-ZAM/DEP. The error stands for Supplied Check Value and Key Buffer Record conflict. It means that the supplied key check value CV3 conflicts with the key recorded in the buffer.

This paragraph explains the root causes of this conflict, and gives the ways to bypass it. The Supplied CV and KBR conflict occurs during the key reconstruction in DEP using the XOR2 or XOR3 key entry methods, if:

1. the key is defined with CV2 and CV3 in key definition list,
2. first security officer has entered his key component, correct key CV2 and the correct key CV3 values. [Screens: Key component, Key CV2 entry, Key CV3 entry]
3. second or the third security officer (XOR3) has entered his key component, correct key CV2 and the key CV3, which is not equal to key CV3 entered by the first security officer.

When this kind of error occurs, the key reconstruction procedure is aborted. To avoid this type of conflict it is recommended:

• to skip CV3 value introduction for all key components and to enter it only after the introduction of the last component by the last security officer. For example, in case of XOR3 key entry method the first and the second security officers should send their key components to the DEP without key CV3 value. Pressing the red STOP key in the screen below will be considered as no key CV3 input for current security officer. And the last security officer should enter the key CV3 value.

• to type the same key CV3 each time the security officers enter their key components.

3.2. KEY DEF AND KBR MISMATCH

The Key Def and KBR mismatch error is thrown by the C-ZAM/DEP. The error stands for Key Definition and Key Buffer Record mismatch. It means that the type of the key component sent by the C-ZAM/DEP does not match with the key definition in DEP.

For example, this error will be thrown during the triple DES key (DES3) reconstruction in DEP if the key is defined as DES1 or DES2 in the C-ZAM/DEP key definition list. To avoid this type of error, define the keys in the key definition list in accordance with the key type referenced in the delivered Software DFS document. For more information on how to define the keys, refer to the DEP PC-AUX User Manual.

