Customer Service:
Mon - Fri: 8:30 am - 6 pm EST
Back
Standards PDF Cover Page preview

 Historical

ISO 11568-1:2005

Banking - Key management (retail) - Part 1: Principles

ISO 11568-1:2005 specifies the principles for the management of keys used in cryptosystems implemented within the retail-banking environment. The retail-banking environment includes the interface between a card accepting device and an acquirer, an acquirer and a card issuer, an ICC and a card-accepting device.

An example of this environment and threats associated with the implementation of ISO 11568-1:2005 in the retail-banking environment are also described.

ISO 11568-1:2005 is applicable both to the keys of symmetric cipher systems, where both originator and recipient use the same secret key(s), and to the private and public keys of asymmetric cryptosystems, unless otherwise stated. The procedure for the approval of cryptographic algorithms used for key management is specified.

The use of ciphers often involves control information other than keys, e.g. initialization vectors and key identifiers. This other information is collectively called "keying material". Although ISO 11568-1:2005 specifically addresses the management of keys, the principles, services, and techniques applicable to keys may also be applicable to keying material.

ISO 11568-1:2005 is appropriate for use by financial institutions and other organizations engaged in the area of retail financial services, where the interchange of information requires confidentiality, integrity, or authentication. Retail financial services include but are not limited to such processes as POS debit and credit authorizations, automated dispensing machine and ATM transactions, etc.

ISO 9564 and ISO 16609 specify the use of cryptographic operations within retail financial transactions for personal identification number (PIN) encipherment and message authentication, respectively. The ISO 11568 series of standards is applicable to the management of the keys introduced by those standards. Additionally, the key management procedures may themselves require the introduction of further keys, e.g. key encipherment keys. The key management procedures are equally applicable to those keys.

Available for Subscriptions Available in Packages

Content Provider
International Organization for Standardization [iso]

Others Also Bought

ISO 11568-2:2005
Banking - Key management (retail) - Part 2: Symmetric ciphers, their key management and life cycle
Add to cart
ISO 9564-2:2005
Banking - Personal Identification Number management and security - Part 2: Approved algorithms for PIN enciphe ...
Add to cart
ISO 9564-1:2002
Banking - Personal Identification Number (PIN) management and security - Part 1: Basic principles and requirements ...
Add to cart
Document History
Revises:
Revised By:
Included in Packages
This standard is also available in these packages:
Amendments & Corrections
We have no amendments or corrections for this standard.
ANSI Logo

As the voice of the U.S. standards and conformity assessment system, the American National Standards Institute (ANSI) empowers its members and constituents to strengthen the U.S. marketplace position in the global economy while helping to assure the safety and health of consumers and the protection of the environment.

Useful Links
CUSTOMER SERVICE
NEW YORK OFFICE
ANSI HEADQUARTERS
2024 © American National Standards Institute (ANSI) All Rights Reserved.