The three-level key system of the bank card network security system,

The three-level key system of the bank card network security system,

The bank card network security system adopts a three-level key management system, from top to bottom, which is the master key, key exchange key, and data key. The upper-level key is used to encrypt the lower-level key, as follows:

1. The CMK is used to encrypt the key exchange key and data key for local storage;

2. The key exchange key is used to encrypt the data key for network transmission;

3. Data keys are used to encrypt and decrypt data.

Three-level key system:

Three-level key system

Description of level-3 key systems

At the first layer, the LMK is the master key and has 50 pairs of different lmks. It adopts the double standard DES key (up to 112 bits), which is stored in the HSM, it is used to encrypt all other keys and encrypted data stored locally. Different lmks are used to encrypt different data or keys. Because other local keys and encrypted data are both encrypted by LMK. Therefore, LMK is the most important key.

The second layer is usually called a Key-encryption key or a Key-encryption key, including keys such as TMK and ZMK. It is used to encrypt the data keys that need to be transferred on the communication line. In this way, data keys are automatically allocated. Local or shared network. Different communication sites use different key encryption keys (keks) to implement division of work management of keys. They are stored locally and encrypted under the Local LMK.

The third layer is usually known as a data encryption key or work key. Including TPK, TAK, ZPK, ZAK, PVK, CVK and other keys. It is used to encrypt different types of data. In this way, data confidentiality, information authentication, and digital signature functions are implemented. These data keys are stored locally and encrypted under the Local LMK.