11

I'm tasked with implementing a decryption functionality against a device using the DUKPT protocol/scheme/algorithm.

The encryption algorithm itself is just DESede, which is easy to work with and has good library support (JCE, BouncyCastle).

The problem is the DUKPT part. I have the Base Derivation Key (a shared secret), the Key Serial Number and the cipher text, but I am not able to figure out what to do next.

As much as possible, I do not want to write my own implementation and I would prefer to use a well tested library instead.

Is there such a thing available?

Note: DUKPT = Derived Unique Key Per Transaction

Hyangelo
  • I couldn't find anything when I tried 2 years ago, and the product vendor simply advised our company to buy the specs. The specs are pretty difficult to understand & work with, and eventually my colleague took on the task, and with lots of work he finally cracked it. It wasn't easy. Sorry, I can't do better than that! – laher Mar 30 '12 at 19:02
  • That's what our product vendor told us as well. I did some reading and most of the literature says something about an HSM (Hardware Security Module). Did a quick Google search and saw http://www.thalesgroup.com/Pages/PressRelease.aspx?id=5689 But we don't want to make a mountain out of a molehill and it was my initial impression that all this can be done using software. I'm wondering if your colleague was able to perform the key derivation and subsequent decryption all using the ANSI document and pure software? – Hyangelo Mar 30 '12 at 19:37
  • Yes, he was able to, using plain Java. It was for a MagTek encrypted magstripe reader, and the salesman gave us a few other clues, i.e. the example keys mentioned in the spec were also the keys used on the test device, which we had. There are several stages to the decryption, and there was just enough info in the spec to confirm the program's accuracy at the different stages. So, it's definitely possible, but you really have to bend your head around some poorly worded specifications. It took a lot of banging heads together at certain points. Sorry I can't give you the source!! Good luck – laher Apr 01 '12 at 03:44
  • And no, you don't need an HSM(!) That's one other thing - just to remember that the spec is mainly for fully-blown payment terminals, but if you're like us then you may be working with something a bit simpler. I think there's also mention of PIN codes in there, which we had to ignore as well. – laher Apr 01 '12 at 03:47
  • Yes, I'm doing this for a MagTek device as well. Thanks for the information, I guess I'll just have to RTFM – Hyangelo Apr 01 '12 at 18:50

2 Answers

5

I don't know exactly how DUKPT works, but using the excellent Thales Simulator Project, I took the DUKPT code and ported it to a Java library, my very own crypto-utils project.

Disclaimer: This was a learning exercise for myself and is NOT production code. It may be of help.

John Oxley
  • You can take a look at this one: http://security.stackexchange.com/questions/13309/what-is-the-dukpt-key-derivation-function It is not that detailed but it does help with the high-level understanding. The low level details are found in the ANSI X9.24 document which is not free. – Hyangelo Jul 30 '12 at 12:18
  • Also, I took a look at your code and I think you made a mistake in the handling of the KSN descriptor. The descriptor is a 3 digit hex number so if I am not mistaken you have to call the Integer.parseInt with a correct radix instead of using the default base 10. – Hyangelo Jul 30 '12 at 13:17
  • Your answer is not really complete but since it is the best so far, I am marking this as correct (unless someone offers a better answer). – Hyangelo Jul 30 '12 at 16:04
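
For readers holding the Base Derivation Key and Key Serial Number described in the question, the following added example (not code from this thread or from the crypto-utils project) shows the TDES DUKPT derivation of the per-transaction key using only JCE. It assumes Java 17+ for `HexFormat`, the class and method names are illustrative, and the BDK and KSN in `main` are the widely published test values, not values from any device.

```java
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import java.nio.ByteBuffer;
import java.util.Arrays;
import java.util.HexFormat;

public class DukptSketch {
    // Mask that turns a key into the variant used for the other half of each derived key.
    static final byte[] MASK = HexFormat.of().parseHex("C0C0C0C000000000C0C0C0C000000000");

    static byte[] xor(byte[] a, byte[] b) {
        byte[] out = a.clone();
        for (int i = 0; i < out.length; i++) out[i] ^= b[i];
        return out;
    }
    static byte[] join(byte[] l, byte[] r) { return ByteBuffer.allocate(16).put(l).put(r).array(); }
    // ECB-encrypt one block: an 8-byte key acts as single DES (K,K,K), a 16-byte key as K1,K2,K1.
    static byte[] encrypt(byte[] key, byte[] block) throws Exception {
        byte[] k = new byte[24];
        for (int i = 0; i < 24; i++) k[i] = key[i % key.length];
        Cipher c = Cipher.getInstance("DESede/ECB/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(k, "DESede"));
        return c.doFinal(block);
    }
    // One 8-byte half of the non-reversible key generation step.
    static byte[] half(byte[] key, byte[] reg) throws Exception {
        byte[] left = Arrays.copyOf(key, 8), right = Arrays.copyOfRange(key, 8, 16);
        return xor(encrypt(left, xor(reg, right)), right);
    }
    // BDK (16 bytes) + KSN (10 bytes) -> derived key for that KSN's transaction counter.
    static byte[] deriveKey(byte[] bdk, byte[] ksn) throws Exception {
        byte[] head = Arrays.copyOf(ksn, 8); head[7] &= (byte) 0xE0; // left 8 bytes, counter bits cleared
        byte[] key = join(encrypt(bdk, head), encrypt(xor(bdk, MASK), head)); // initial key (IPEK)
        byte[] reg = Arrays.copyOfRange(ksn, 2, 10);   // rightmost 8 bytes of the KSN
        reg[5] &= (byte) 0xE0; reg[6] = 0; reg[7] = 0; // 21-bit counter cleared
        int counter = ((ksn[7] & 0x1F) << 16) | ((ksn[8] & 0xFF) << 8) | (ksn[9] & 0xFF);
        for (int bit = 1 << 20; bit > 0; bit >>= 1) {  // replay the set counter bits, high to low
            if ((counter & bit) == 0) continue;
            reg[5] |= (byte) (bit >> 16); reg[6] |= (byte) (bit >> 8); reg[7] |= (byte) bit;
            key = join(half(xor(key, MASK), reg), half(key, reg));
        }
        return key;
    }
    public static void main(String[] args) throws Exception {
        HexFormat hex = HexFormat.of().withUpperCase();
        byte[] bdk = hex.parseHex("0123456789ABCDEFFEDCBA9876543210"); // published test BDK
        byte[] ksn = hex.parseHex("FFFF9876543210E00001");             // published test KSN, counter = 1
        System.out.println(hex.formatHex(deriveKey(bdk, ksn)));
    }
}
```

The derived key is normally not used directly: the scheme XORs a usage-specific variant mask into it before PIN, MAC or data operations, so check the device documentation for which variant applies.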
-4

To implement security using symmetric keys only, an HSM is required - not for performance reasons, but because in software there's no way to store the key securely. So you won't find much in terms of well supported software that implements DUKPT, because it has no practical use.