IPP MS
DUKPT C
AND
OMMUNICATIONS
MS-Specific Packets
320
M
X
800 S
P
ERIES
ROGRAMMERS
P
ACKETS
Table 60
Response Packet 04 GISKE Key Block Format (Continued)
Data
Characteristic
Element
Key Usage
2AH
Attribute (KUA)
Algorithm
1AH
G
UIDE
Comments
Only when master key is present at address [a]:
AN: ANY: The key is available in the IPP, but
•
was not loaded using GISKE format.
D0: Data encryption
•
I0: IV
•
T0: control vector
•
K0: key encryption or wrapping
•
G0: MAC generation
•
M0: MAC verification
•
P0: PIN encryption
•
V0: PIN verification
•
C0: CVK (card verification key)
•
B0: BDK (base derivation key [A])
•
00: ISO 9797-1 MAC algorithm 1 (1–56 bits)
•
10: ISO 9797-1 MAC algorithm 1 (1–112 bits)
•
20: ISO 9797-1 MAC algorithm 2 (2–112 bits)
•
30: ISO 9797-1 MAC algorithm 3 (3–112 bits)
•
40: ISO 9797-1 MAC algorithm 4 (4–112 bits)
•
50: ISO 9797-1 MAC algorithm 5 (5–56 bits)
•
60: ISO 9797-1 MAC algorithm 5 (5–112 bits)
•
(optional) Only if the master key is present at
address [a]. The value is stored in the Key
Attributes register.
D: DES [0]
•
R: RSA [1]
•
A: AES [2]
•
S: DSA [3]
•
T: TDES [4]
•
U: Unknown [5]
•
E: Elliptic Curve [6]
•
[7]–[F] = Reserved
•
To save storage space in RAM, the
Note:
algorithm attribute is converted to [x], a
hex number ranging form 0–F (4 bits). In
the response packet (to packet 04), the
IPP converts the number back to
characters used in GISKE specification.