ISO 11568-2:2012 pdf download.Financial services — Key management (retail) — Part 2: Symmetric ciphers, their key management and life cycle.
ISO 11568 is one of a series of standards describing procedures for the secure management of cryptographic keys used to protect messages in a retail financial services environment, for instance, messages between an acquirer and a card acceptor, or an acquirer and a card issuer.
This part of ISO 11568 addresses the key management requirements that are applicable in the domain of retail financial services. Typical of such services are point-of-sale/point-of-service (POS) debit and credit authorizations and automated teller machine (ATM) transactions.
This part of ISO 11568 describes key management techniques which, when used in combination, provide the key management services identified in ISO 11568-1. These services are:
— key separation:
— key substitution prevention;
— key identification;
— key synchronization;
— key integrity;
— key confidentiality;
— key compromise detection.
The key management services and corresponding key management techniques are cross-referenced in Clause 7.
This part of ISO 11568 also describes the key life cycle in the context of secure management of cryptographic keys for symmetric ciphers. It states both requirements and implementation methods for each step in the life of such a key, utilizing the key management principles, services and techniques described herein and in ISO 11568-1. This part of ISO 11568 does not cover the management or key life cycle for keys used in asymmetric ciphers, which are covered in ISO 11568-4.
In the development of ISO 11568, due consideration was given to ISO/IEC 11770; the mechanisms adopted and described in this part of ISO 11568 are those required to satisfy the needs of the financial services industry.
This part of ISO 11568 specifies techniques for the protection of symmetric and asymmetric cryptographic keys in a retail banking environment using symmetric ciphers and the life-cycle management of the associated symmetric keys. The techniques described enable compliance with the principles described in ISO 11568-1.
The techniques described are applicable to any symmetric key management operation.
The notation used in this part of ISO 11568 is given in Annex A.
Algorithms approved for use with the techniques described in this part of ISO 11568 are given in Annex B.ISO 11568-2:2012 pdf download.
ISO 11568-2:2012 download
PS:Thank you for your support!