
Cryptosec RKL

Executive Summary

INDEX

INTRODUCTION
Payment Media Security
INDUSTRY STANDARDS AND SPECIFICATIONS
RKL Migration Impact
The Realsec Solution
RKL Server Operating Model
Cryptosec RKL Overview
Opportunities And Benefits

Cryptosec RKL | NDEX

INTRODUCTION

In this document we present Realsec's bid for the Cryptosec-RKL Server, a multivendor system for remote loading of ATM Initial Keys using certificates and electronic signatures based on asymmetric keys. In the following chapters we explain the features of Cryptosec-RKL, describe its technical architecture and define the system requirements.


Payment Media Security

To achieve confidentiality, integrity and non-repudiation of electronic transactions, certain sensitive information, such as the PIN (the customer's secret personal number), must be protected by cryptographic processes. The security of a cryptographic system rests on the secrecy of the keys used to encrypt sensitive data transmitted between a Point of Sale terminal, which initiates a transaction, and a Host. For this purpose, the keys used in cryptographic procedures must be stored in a physically secure device, i.e. a cryptographic module, which is called a Pinpad in a POS and an EPP in self-service terminals.

Brand names (VISA and MasterCard) and financial networks define a set of security requirements that specify not only the physical security requirements to be met by the devices used for keying the PIN and handling sensitive information, but also the techniques for managing the secret keys and the cryptographic algorithms to be used.

Physical security requirements: Brands define the Pinpad and the EPP as physically secure devices that should both prevent (tamper-resistant) and detect (tamper-evident) fraudulent attacks, so that it is not viable to penetrate the device without causing serious damage and without the intrusion being noticed afterwards; in addition, any attack must be frustrated as soon as it is detected.

Logical security requirements: Some of the logical security requirements demand that PIN entry devices are designed in such a way that:

o It is infeasible to reveal the secret information entered or contained, either through a particular function or through a particular combination of functions.
o The PIN encryption key is not to be used for any cryptographic purpose other than the encryption of PIN blocks.
o The PIN encryption key shall be unique for each device.
o The PINs shall be encrypted inside the Pinpad.
o The device should implement protection against exhaustive PIN search attempts.

Key management requirements: The rules also define the key management techniques to be used during the entire life cycle of the keys, from the moment of their generation until their destruction. In their Rules and Security Standards, Visa and MasterCard also pay special attention to the techniques used to transfer the keys into the EPP security module in order to preserve their integrity.

Therefore, keys are required always to be transmitted encrypted under other keys that are already installed in the EPP. The problem arises when the very first key of the defined key hierarchy (the Initial or Master Key) has to be entered into the EPP, since at that moment there is no other key in the security module. The traditional method of loading the initial key that resolves this problem is to separate the key into at least two key components and ship them to the custodians over different communication channels, thereby fulfilling the principle of partial knowledge and dual control. However, because of the complicated logistics and the inefficiency inherent in all manual processes, the manual loading procedure for a relatively large number of ATMs, if done in compliance with all the requirements of VISA (T&L expenses, staff hours, etc., and recording every process involved for later VISA auditing), translates into a tedious administrative burden and increased cost for Financial Institutions.
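The component method described above, shown as an added example that is not part of the original document or of any Realsec product. It assumes components are combined by XOR (the document does not say how they are combined) and uses the 16-byte double-length key size cited in this document; all function names are hypothetical.

```python
import secrets
from functools import reduce

KEY_LEN = 16  # double-length TDES key: two 8-byte halves

def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def validate_key(key):
    if len(key) != KEY_LEN:
        raise ValueError("expected a 16-byte double-length key")
    if key[:8] == key[8:]:
        # Equal halves collapse two-key TDES (E-D-E) into single DES.
        raise ValueError("key halves must differ")

def split_key(key, custodians=2):
    """Split the key into XOR components, one per custodian (assumed scheme)."""
    validate_key(key)
    if custodians < 2:
        raise ValueError("dual control needs at least two custodians")
    parts = [secrets.token_bytes(KEY_LEN) for _ in range(custodians - 1)]
    # The last component is chosen so that all components XOR to the key.
    parts.append(reduce(xor_bytes, parts, key))
    return parts

def combine(components):
    """Recombine the components, as the secure device would on key entry."""
    if len(components) < 2 or any(len(c) != KEY_LEN for c in components):
        raise ValueError("need at least two 16-byte components")
    key = reduce(xor_bytes, components)
    validate_key(key)
    return key

def missing_component_for(known, candidate_key):
    """Partial knowledge: for any candidate key there is a missing component
    consistent with what the other custodians hold, so they learn nothing."""
    return reduce(xor_bytes, known, candidate_key)
```

Each custodian's component is uniformly random on its own, which is why shipping the components over separate channels protects the key as long as no single party ever holds all of them.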


Industry Standards and Specifications


In the mid-90s, important standards and specifications were created that govern the policies on logical security with regard to the management of PINs and passwords.

ANSI X9
The X9 series, published and reviewed by the X9 committee, formed the basis for many later specifications. Recently there have been three major changes in two of the standards, ANSI X9.8 and ANSI X9.24, which state that:

o The PIN must be encrypted with a double-length key (16 bytes or 32 characters), hence the requirement to use TDES for the encryption of the PIN.
o Any key that encrypts another key must be a double-length key. From this requirement stems the fact that the Initial Key is 16 bytes, because the other keys of the key hierarchy depend on this Initial Key.
o Unique keys must be used for each EPP device.

As the industry's concerns about traditional key loading techniques coincided in time with the availability of asymmetric cryptography, VISA and MasterCard also initiated a review of the ANSI X9.24 standard (ANSI X9.24-2, Symmetric Key Management Using Asymmetric Cryptographic Techniques) in order to include remote key loading of the initial symmetric key using public-key cryptography techniques, thus defining a new framework for security and global acceptance.

Remote key loading eliminates many of the costs that the manual process would incur, since it removes the need to send staff to transfer the keys into the EPP, together with the associated handling and management. In addition, being based on asymmetric cryptography and digital certificates/signatures, RKL enables Bilateral Authentication and the establishment of a secure session with the Host before the Initial Key is downloaded.

Financial organizations, however, did not have all their needs satisfied by the X9.24 standard, as they also required interoperability and widespread functionality. The fundamental problem is that X9.24 defines neither the interface nor the implementation details of the Remote Key Loading scheme, and it does not allow convergence towards a single interface for the different ATM manufacturers.

The main consequence of this lack of specificity has been that each manufacturer has implemented a different Remote Key Loading scheme, using signatures (NCR and Wincor), certificates (Diebold) or legacy systems (Fujitsu).

XFS SPECIFICATIONS


The XFS standard consists basically of a set of specifications for access to financial devices (pinpads, receipt printers, card readers, dispensers, etc.) defined around Microsoft Windows programming, with the aim of ensuring that the financial applications become independent of the underlying device hardware which they access.

At the same time that revision 2 of the X9.24 standard was published, a parallel revision of the XFS standard was initiated to include remote key loading functionality. However, each of the manufacturers had already implemented a different interface for remote key loading. Currently, in the latest revision of the standard, XFS 3.3, the Diebold (certificate-based) and NCR (signature-based) Remote Key Loading schemes have been included, making these two the de facto standards. This scenario means that Financial Institutions need to implement a remote key loading solution for each of their suppliers, while at the same time keeping up with upgrades as standards evolve and new technologies emerge.


RKL Migration Impact


Host
o Upgrading the HSM (Host Security Module) firmware with new cryptographic algorithms and functions (RSA).
o Host processes integration and developments.

ATM
o Self-service processes integration and developments.
o Changes in the financial protocols of POS/ATM networks.
o Migration to the XFS 3.3 standard.

PinPAD
o PCI certification.
o Unique RSA key pair.
o Mechanism for authenticating the Host public RSA key component by means of signatures or certificates.

Thus, to migrate to remote key loading, Financial Institutions are bound to undertake changes at hardware level (including a new HSM, EPP or firmware) and at software level (new developments in the Host and Self-service applications). In order to minimize the impact of migration, Diebold has designed a solution that eliminates the need to make changes to the hardware and software in the Host and in the self-service application.


The Realsec Solution


The solution proposed by Realsec is a Remote Key Distribution Server (hereinafter, the Cryptosec-RKL server or RKL), which implements the RKL schemes of the major ATM manufacturers (Diebold, NCR, Wincor and Fujitsu) and provides:

o An open and multi-vendor solution.
o Independence from the Host processes.
o A basis in the XFS standard.

This solution does not require changes to the hardware or software in the Host in order to integrate it with the Host operations and processes, nor does it require changes to the current self-service application. It is therefore a solution that possesses complete autonomy and does not require any integration with the Host systems and ATM.


RKL Server Operating Model


The Cryptosec-RKL solution consists of different software modules that run on a RACK, except for an agent that runs on the ATM. Cryptosec-RKL uses a tamper-resistant and tamper-responsive HSM security module, in whose protected memory the Initial Key of every ATM and the secret component of the Host RSA key pair are randomly generated.

As mentioned above, a component (Cryptosec Agent) is installed in each ATM. During the start-up of the Self-service, it sends an RKL request to the RKL Server for the loading of the Initial Key if the status of the EPP indicates that it has not yet been initialized with the key hierarchy.

On receiving an RKL request from an ATM, Cryptosec-RKL first carries out mutual authentication between the ATM and the RKL Server, then establishes a secure session and sends the corresponding Initial Master Key of that ATM. On completion of the transmission session of the Initial Key for the ATM in question, Cryptosec-RKL communicates the Initial Key to the HSM/Host.

The ATM is now ready to launch financial operations against the Host in the usual manner, with no further need to communicate with Cryptosec-RKL as long as the equipment has not had its software reinstalled or its EPP decommissioned. In either of those two cases, the RKL request is launched again by the Self-service application, transparently and automatically, without involving either the technical staff or the bank branch's staff.


Cryptosec RKL Overview


CRYPTOSEC-RKL SOFTWARE COMPONENTS

Rt-Core
Receives and processes RKL requests from the installed base or group of ATMs. It is responsible for programming the HSM crypto primitives so as to provide the functionality required by the specific RKL scheme of each self-service manufacturer. Its main characteristics include support for the establishment of the secure session (Bilateral Authentication) and the transport of the initial key to the installed base or group of ATMs.

Rt-Interfaces
The Cryptosec-RKL solution communicates with the RKL agents that reside in each Self-service via interfaces. The interfaces carry out communications between the Cryptosec RKL Server system and the outside world. They are responsible for executing the specific RKL protocol of each manufacturer, first carrying out Bilateral Authentication and then using the secure channel established to transmit the initial key of the Self-service. All messages sent between RtCore and RtInterfaces are formatted according to the specific protocol of each manufacturer. Communication between the RtInterfaces and the agents in the Self-services uses standard TCP/IP as the communications protocol.

Rt-Office
The component responsible for database management processes, handling of the data necessary for the correct functioning of the system, and report generation.


Rt-Admin
This GUI admin module permits the configuration of the RKL Server solution and its management for optimal functioning.

Rt-Agent
A component residing in the ATM that determines during start-up whether the process of requesting the initial key from the Cryptosec RKL Server needs to be initiated.

HSMConsole
The HSM management console. Through this console, the users of the HSM and their access rights can be defined, and the Zone Transport Keys generated by the HSM of the Host can be imported, according to the principles of dual control and split knowledge.


Opportunities And Benefits


With the solution provided by Diebold, the impact of migrating to RKL is minimized for financial institutions, freeing them from the technical complexity involved in carrying out new developments.

o The automation of the process ensures compliance with safety standards.
o The manual key entry process, which requires personnel and their transport, is eliminated.
o Interoperability at a global level benefits the financial institution and gives it flexibility in its choice of ATMs to buy.

The greatest benefit of adapting to RKL is the drastic reduction in the total cost of operations, but by no means should we overlook or underestimate the opportunity that financial institutions would have to improve their image and be prepared to confront new challenges in the payment media industry in the future.
