Ingenico 6500 ユーザーズマニュアル
94
Chapter 9 Key Architecture
Section 9.4 Application Based Keys
9.4
Application Based Keys
9.4.1
Special Keys
Special keys are loaded encrypted under the KTK. The SSA will have a key structure
matrix indexed by application ID. These keys can be both single-length DES keys and
double-length triple DES keys.
matrix indexed by application ID. These keys can be both single-length DES keys and
double-length triple DES keys.
These two Application Special Keys are only used if the Prompts Authentication Key
security option is set to 1 (application based, see section 9.5.1 on page 96). If Prompt
MACing is also enabled, the Secure Text and Clear Text prompts will be verified with these
two keys. If the Prompts Authentication Key is set to 0 (terminal based), the terminal-based
keys are used instead (see section 9.3 on page 93).
security option is set to 1 (application based, see section 9.5.1 on page 96). If Prompt
MACing is also enabled, the Secure Text and Clear Text prompts will be verified with these
two keys. If the Prompts Authentication Key is set to 0 (terminal based), the terminal-based
keys are used instead (see section 9.3 on page 93).
Key Name
Index
Length Description of Key
Secure Text Entry
Form Authorization
Key
1
8/16
This key is loaded encrypted under the KTK.
All prompts and/or screens used for Secure
Text Entry of the application will be
authenticated using this key if the Prompts
Authentication Key security option is set to
application based (1).
Clear Text Entry
Form Authorization
Key
2
8/16
This key is loaded encrypted under the KTK.
All prompts and/or screens used for Clear Text
Entry of the application will be authenticated
using this key if the Prompts Authentication
Key security option is set to application based
(1).
9.4.2
Master Keys
Master keys are loaded encrypted under the KTK or current Master Key. For application-
based financial keys, the SSA will have a key structure matrix indexed by application ID.
based financial keys, the SSA will have a key structure matrix indexed by application ID.
The device can accommodate up to ten master keys per application, or 64 master keys per
terminal. Each key is independent and used to transport the corresponding working
(session) key. Available indexes for master keys are 0 – 9 per application or 0 – 63 per
terminal. These keys can be both single-length DES keys and double-length triple DES
keys.
terminal. Each key is independent and used to transport the corresponding working
(session) key. Available indexes for master keys are 0 – 9 per application or 0 – 63 per
terminal. These keys can be both single-length DES keys and double-length triple DES
keys.
The device supports four types of master keys.
Key Name
Description of Key
Master Terminal
PIN Key (MTPK)
This key is used to encrypt the Working (session) Terminal PIN
Key (WTPK).
Master Message
Authentication
Code Key
(MMACK)
This key is used to encrypt the Working (session) Message
Authentication Code Key (WMACK).
Master
Communication
K
(MCK)
This key is used to encrypt the Working (session) Communication
Key (WCK).