Derived Unique Key Per Transaction


In cryptography, Derived Unique Key Per Transaction (DUKPT) is a key management scheme in which every transaction uses a unique key derived from a fixed key. If a derived key is compromised, future and past transaction data remain protected, because the next or prior keys cannot be determined easily. DUKPT is specified in ANSI X9.24 part 1.

DUKPT allows the processing of the encryption to be moved away from the devices that hold the shared secret. The encryption is done with a derived key, which is not re-used after the transaction. DUKPT is used to encrypt electronic commerce transactions. While it can be used to protect information between two companies or banks, it is typically used to encrypt PIN information acquired by Point-Of-Sale (POS) devices.

DUKPT is not itself an encryption standard; rather it is a key management technique. The features of the DUKPT scheme are:

  • both originating and receiving parties can agree on the key being used for a given transaction,
  • each transaction has a key distinct from those of all other transactions, except by coincidence,
  • if a present key is compromised, past and future keys (and thus the transactional data encrypted under them) remain uncompromised,
  • each device generates a different key sequence,
  • originators and receivers of encrypted messages do not have to perform an interactive key-agreement protocol beforehand.
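
A simplified model of the features listed above, added here as an illustration and not taken from ANSI X9.24: it substitutes an HMAC-SHA256 one-way chain for the standard's derivation algorithm. The names `Terminal`, `receiver_key` and `initial_device_key`, the device identifier and the sample base key are all constructed assumptions.

```python
import hashlib
import hmac

def _prf(key: bytes, label: bytes, data: bytes) -> bytes:
    """One-way function (HMAC-SHA256) standing in for the standard's derivation."""
    return hmac.new(key, label + b"\x00" + data, hashlib.sha256).digest()

def initial_device_key(base_key: bytes, device_id: bytes) -> bytes:
    """Per-device starting key, so each device produces a different sequence."""
    return _prf(base_key, b"device", device_id)

def _step(state: bytes, counter: int):
    """Return (transaction key, next chain state) for this counter value."""
    ctr = counter.to_bytes(4, "big")
    return _prf(state, b"txn", ctr), _prf(state, b"next", ctr)

class Terminal:
    """Originator: loaded with its initial key only, never the fixed base key."""
    def __init__(self, device_id: bytes, initial_key: bytes):
        self.device_id = device_id
        self.counter = 0
        self._state = initial_key

    def next_transaction(self):
        """Derive the key for the next transaction and discard the old state."""
        self.counter += 1
        key, self._state = _step(self._state, self.counter)
        # The identifier and counter travel in the clear with the ciphertext.
        return self.device_id, self.counter, key

def receiver_key(base_key: bytes, device_id: bytes, counter: int) -> bytes:
    """Receiver: re-derive a transaction key from the base key, no handshake."""
    if counter < 1:
        raise ValueError("counter starts at 1")
    state = initial_device_key(base_key, device_id)
    for i in range(1, counter + 1):  # linear walk; simplification of this sketch
        key, state = _step(state, i)
    return key

if __name__ == "__main__":
    BASE_KEY = bytes(range(32))  # constructed sample value, not a real key
    pos = Terminal(b"POS-0001", initial_device_key(BASE_KEY, b"POS-0001"))
    for _ in range(3):
        dev, ctr, key = pos.next_transaction()
        assert key == receiver_key(BASE_KEY, dev, ctr)
        print(dev.decode(), ctr, key.hex()[:16])
```

Because each transaction key is the output of a one-way function over a state the terminal overwrites, a captured transaction key gives no path to the keys before or after it, and the receiver needs only the cleartext identifier and counter to arrive at the same key.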
