X9.17 is a standard of the American National Standards Institute describing the key handling recommendations for the financial industry. It proposes a hierarchy of keys:
X9.17 uses a symmetric key cryptosystem, and the following general principles apply:
1. Whenever two nodes encipher data using a symmetric key cryptosystem, the key must be available at both nodes.
2. Whenever two nodes compute a message authentication code (MAC) using a symmetric key cryptosystem, the key must be available at both nodes.
Depicted in Figure 16.6 is a three-level hierarchy; in each level, keys are stored in a secure database identified by (NID_xy, key_xy) where #x and #y identify the node and level with which the key will be used.
– key = KD, cleartext = data message, or
– key = KK, cleartext = KD.
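The two uses listed above (KK enciphers KD, KD enciphers the data message), together with a per-node key database indexed by peer node ID and level, can be sketched as follows. This is an added example, not code from the standard or from the original page: the `Node` class, its method names and the node IDs are hypothetical, the KK is assumed to have been installed at both nodes beforehand, and a SHA-256 keystream stands in for Triple DEA so the sketch runs with the Python standard library only.

```python
import hashlib
import secrets

def _keystream(key, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def encipher(key, cleartext):
    # Stand-in for Triple DEA (assumption, NOT the X9.17 cipher): hash keystream, fresh nonce.
    nonce = secrets.token_bytes(16)
    return nonce + bytes(a ^ b for a, b in zip(cleartext, _keystream(key, nonce, len(cleartext))))

def decipher(key, ciphertext):
    nonce, body = ciphertext[:16], ciphertext[16:]
    return bytes(a ^ b for a, b in zip(body, _keystream(key, nonce, len(body))))

class Node:
    """Hypothetical node; its key database maps (peer node ID, level) -> key."""
    def __init__(self, nid):
        self.nid, self.db = nid, {}

    def key(self, peer, level):
        if (peer, level) not in self.db:
            raise LookupError(f"node {self.nid} holds no {level} for peer {peer}")
        return self.db[(peer, level)]

    def wrap_new_kd(self, peer):
        kk = self.key(peer, "KK")              # fail before creating a KD nobody can unwrap
        kd = secrets.token_bytes(16)
        self.db[(peer, "KD")] = kd
        return encipher(kk, kd)                # key = KK, cleartext = KD

    def unwrap_kd(self, peer, wrapped):
        self.db[(peer, "KD")] = decipher(self.key(peer, "KK"), wrapped)

    def seal(self, peer, message):
        return encipher(self.key(peer, "KD"), message)   # key = KD, cleartext = data message

    def unseal(self, peer, ciphertext):
        return decipher(self.key(peer, "KD"), ciphertext)

def demo():
    a, b = Node("A"), Node("B")
    a.db[("B", "KK")] = b.db[("A", "KK")] = secrets.token_bytes(16)  # constructed KK at both nodes
    b.unwrap_kd("A", a.wrap_new_kd("B"))
    return b.unseal("A", a.seal("B", b"constructed sample message"))
```

The sketch carries no MAC, so a node holding a different KK would unwrap a wrong KD without noticing.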
Triple DEA encipherment with syntax may be used to deliver ...