IBM Crypto Education Community

IBM Crypto Education Community

IBM Crypto Education Community

Join the IBM Crypto Education community to explore and understand IBM cryptography technology. This community is operated and maintained by the IBM Crypto Development team.

 View Only
Back to discussions
Expand all | Collapse all

How to generate DKYGENKY - Key access DYL1 using DYL0 Master Derivation Key

  • 1.  How to generate DKYGENKY - Key access DYL1 using DYL0 Master Derivation Key

    Posted Thu August 04, 2022 02:19 PM
    Hi All,

    Can any one help me on how to generate DKYGENKY - Key access DYL1 using DYL0 Master Derivation Key/Token (CSNBKTB). and Using this new DKYGENKY - DYL1 how can use it to generate ARQC for CVN18.

    Thanks

    DJ

    ------------------------------
    Dipin Jose
    ------------------------------


  • 2.  RE: How to generate DKYGENKY - Key access DYL1 using DYL0 Master Derivation Key

    Posted Thu August 04, 2022 03:32 PM
    It is not possible to generate a DKYL1 from a DKYL0 as that is the wrong direction of derivation.

    ------------------------------
    Eric Rossman
    ------------------------------

    Original Message


  • 3.  RE: How to generate DKYGENKY - Key access DYL1 using DYL0 Master Derivation Key

    Posted Fri August 05, 2022 02:10 AM
    Can I reinstall existing MDK - DKYL0 and DKYL1? Will it changes the KCV value?

    ------------------------------
    Dipin Jose
    ------------------------------

    Original Message


  • 4.  RE: How to generate DKYGENKY - Key access DYL1 using DYL0 Master Derivation Key

    Posted Fri August 05, 2022 09:15 AM
    If you have the clear key material, you can create a DKYL0 and DKYL1 with the same key material and they would have the same KCV. However, if you do not have the clear key material, this will be much more complicated (beyond the scope of this community) and you will need to open a Q&A (assuming your company is entitled to this).

    ------------------------------
    Eric Rossman
    ------------------------------

    Original Message


  • 5.  RE: How to generate DKYGENKY - Key access DYL1 using DYL0 Master Derivation Key

    Posted Fri August 05, 2022 02:18 AM
    Can I reinstall existing MDK -DKYGENKY - DKYL0 to new MDK - DKYGENKY - DKYL1? Will it changes the KCV value?

    ------------------------------
    Dipin Jose
    ------------------------------

    Original Message


  • 6.  RE: How to generate DKYGENKY - Key access DYL1 using DYL0 Master Derivation Key

    Posted Thu August 04, 2022 04:20 PM
    Here is a sample:
    https://community.ibm.com/community/user/ibmz-and-linuxone/blogs/anna-deng1/2021/02/09/rexx-sample?CommunityKey=6593e27b-caf6-4f6c-a8a8-10b62a02509c

    ------------------------------
    Eleanor Chan
    ------------------------------

    Original Message


  • 7.  RE: How to generate DKYGENKY - Key access DYL1 using DYL0 Master Derivation Key

    Posted Fri August 05, 2022 02:20 AM
    This Rexx only works if my MDK DKYGENKY Key is DKYL1; but mine is DKYL0. I guess there is a way I can generate new DKYGENKY - DKYL1, but not sure how.

    ------------------------------
    Dipin Jose
    ------------------------------

    Original Message


  • 8.  RE: How to generate DKYGENKY - Key access DYL1 using DYL0 Master Derivation Key

    Posted Fri August 05, 2022 07:18 AM
      |   view attached
    Hello ,

    I leave you an example to create generate the key.

    Keep in mind the rules to verify or generate the ARQC, in your notes I see that you want to use the pad to complete and that is not necessary, the API does it.

    Table H–4: Example 3: Terminal and Card Input for CVN 18 with ATC '0001'


    Terminal Input

    Tag

    Name

    Value

    '9F02'

    Amount, Authorized

    '000000000100'

    '9F03'

    Amount, Other

    '000000000000'

    '9F1A'

    Terminal Country Code

    '0840'

    '95'

    Terminal Verification Results

    '0000000000'

    '5F2A'

    Transaction Currency Code

    '0840'

    '9A'

    Transaction Date

    '181231'

    '9C'

    Transaction Type

    '01'

    '9F37'

    Unpredictable Number

    'ABCDEF10'

    Card Input

    '82'

    Application Interchange Profile

    '1800'

    '9F36'

    Application Transaction Counter

    '0001'

    '9F10'

    Issuer Application Data

    '06011203000000'

    Padded String:

    '00000000010000000000000008400000000000084018123101ABCDEF101800000106011203000000'  NO HACE LA API LO HACE 80000000000000'

    LENGTH 80 CHAR 40  HEX

    MOVE 3 TO RULE-ARRAY-COUNT 
    MOVE SPACES TO RULE-ARRAY 
    MOVE 'EMVMACD ' TO REGLA1  
    MOVE 'ONLY ' TO REGLA2
    MOVE 'MACLEN8 ' TO REGLA3 

    Slds.,
    Gustavo

    ------------------------------
    Gustavo Ramirez
    ------------------------------

    Attachment(s)

    txt
    SSCOCKEY.txt   18 KB 1 version
    Original Message


  • 9.  RE: How to generate DKYGENKY - Key access DYL1 using DYL0 Master Derivation Key

    Posted Fri August 05, 2022 09:13 AM
    In the sample I guess you are  using DKYL1 key. 
    SRV-ID-CLV2    PIC  X(64) VALUE 'DES.DKY1.PRUEBA.DESA'.
    We have MDK label with Key usage DKYL0. For CVN 18 I need to generate Session Key first using ATC then using CSNBMGN and Crypto value I can generate ARQC. But not sure how I can generate Session Key using my MDK label with usage DKYL0. Any idea. I am sharing you two logs one for CVN10 and other for CVN18, which was generated by the Card Producer as sample for our testing. They use same key for both.

    ------------------------------
    Dipin Jose
    ------------------------------

    Attachment(s)

    txt
    CVN18_trx log.txt   45 KB 1 version
    txt
    CVN 10_trx log.txt   42 KB 1 version
    Original Message


  • 10.  RE: How to generate DKYGENKY - Key access DYL1 using DYL0 Master Derivation Key

    Posted Sun March 10, 2024 08:19 PM

    "Hello, Gustavo! I'm using your program, could you help me with how I can generate the field:":

    *    CV  DMAC DKY1
           05  CV             PIC X(16) VALUE X'00724400034800000072440003280000'

    i've MDKA-MDKB and the KCV. I'm missing the entry key.




    ------------------------------
    Luis Romero
    ------------------------------

    Original Message


  • 11.  RE: How to generate DKYGENKY - Key access DYL1 using DYL0 Master Derivation Key

    Posted Sun March 10, 2024 08:19 PM

    Hola gustavo

    Me podrías ayudar de como poder obtener el valor del campo: 

    *    CLAVE                                                                 
           05  CLAVE-ENTRADA  PIC X(16) VALUE X'371A1354673170D5A17FF79D01C2A7EA'.

    Como podría realizarlo, solo tengo la MDKA y MDKB estándar, KCV (Check value)



    ------------------------------
    Luis Romero
    ------------------------------

    Original Message


Related Content