90.20 Standard under periodical review Oct 15, 2024
ISO
ISO/TC 68/SC 2 Financial Services, security
International Standard
35.240.40 IT applications in banking
This document describes a data element related to key management which can be transmitted either in transaction messages to convey information about cryptographic keys used to secure the current transaction, or in cryptographic service messages to convey information about cryptographic keys to be used to secure future transactions.
This document addresses the requirements for the use of the data element related to key management within ISO 8583-1, using the following two ISO 8583-1 data elements for DEA and TDEA:
— security related control information (data element 53);
— key management data (data element 96).
The data element related to key management for DEA and TDEA is constructed from the concatenation of two ISO 8583-1 message elements, data element 53 — security related control information, and data element 96 — key management data. It conveys information about the associated transaction's cryptographic key(s) and is divided into subfields including a control field, a key-set identifier and additional optional information. For AES implementations, the data elements are summarized in one field.
This document is applicable to either symmetric or asymmetric cipher systems.
WITHDRAWN
ISO 13492:2007
PUBLISHED
ISO 13492:2019
90.20
Standard under periodical review
Oct 15, 2024