Financial IC card ARQC, ARPC, MAC verification tool

Screenshot of the tool, Java1.6


Chapter 1. Basic Knowledge
      The issuer of a financial IC card has three master keys, MDKac, MDKenc and MDKmac (six if both the national and standard algorithms are supported), used respectively for application encryption, script encryption, and MAC generation and verification. Each card also holds three card keys (UDK), each obtained by dispersing (diversifying) the corresponding bank master key; the dispersion factor is built by padding the combination of the card number (PAN) and the card serial number.
      ARQC is the Authorization Request Cryptogram. The card generates it from the transaction data and the card counter ATC. The terminal uploads it to the bank in UnionPay field 55 for verification, and the AC key is used.
      ARPC is the Authorization Response Cryptogram. It is generated on the issuer side from the ARQC and the ARC, verified by the card, and uses the AC key.
      The script MAC is generated by the bank's financial IC card system from the script, using the MAC algorithm of PBOC 3.0. The MAC algorithm is the same as the one used to calculate the ARQC. It is verified by the card and uses the MAC key. (qq:22066821)

Chapter 2. Key Dispersion
      The key dispersion process is the same for the national and standard algorithms: the standard algorithm uses 3DES (double-length key), the national algorithm uses SM4, and the keys are 16 bytes in both cases. Suppose the issuer master keys are as follows:
    MDK_AC F0C34A8124CEE0A91A0B034AA97D6EAC
    MDK_ENC D30F45EABC12AC3EF56B0C0D7F8654DE
    MDK_MAC 12B1AC4AF070CC35612BFE2D30AB600D
2.1. Card key UDK
    Card number used in the calculation: 6210220110002707355
    Card serial number: 01 (2 characters)
1. X1: concatenate the card number and the card serial number to form X1, 621022011000270735501
2. X2: pad X1 on the left with n zeros and take the rightmost 16 digits to form X2, 2011000270735501
3. X3: XOR X2 with 16 F digits, giving DFEEFFFD8F8CAAFE
4. X4: concatenate X2 and X3, giving 2011000270735501DFEEFFFD8F8CAAFE
5. UDK = encrypt X4 with MDKac; 3DES: B8A15DA5F7043C317D9FD8F8DFE2BD75, SM4: 444C0CC00E41656019B95779DFC68F32

2.2. Process Key (Working Key)
    Application counter ATC: 03D3 (2 bytes)
1. Y1 = ATC padded on the left with 12 zeros, 00000000000003D3
2. Y2 = (ATC XOR FFFF) padded on the left with 12 zeros, giving 000000000000FC2C
3. Y3 = Y1 concatenated with Y2, giving 00000000000003D3000000000000FC2C
4. SKEY = encrypt Y3 with the UDK; 3DES: 4A43440B2D932ACDC4E2776ED562EE43, SM4: A5D7FD7A3A1A686F47EA68180F330EB1


Chapter 3. MAC Algorithm
    3.1.
    With the standard algorithm (3DES) of PBOC 3.0, only the single-key operation with the high-order half of the key (KMA) is used for each block, and a complete 3DES encryption is performed only in the last step, as shown by the red frame in the figure below.
    The initial value IV is 8 bytes of 0x00, and the original data is split into blocks as follows:
1. Append one byte 0x80 to the end of the original data;
2. Split the result into blocks of 8 bytes. If the last block has fewer than 8 bytes, pad it with 0x00 to 8 bytes.


The calculation steps are as follows:


    3.2.
    With the national algorithm (SM4) of PBOC 3.0, the MAC is a standard CBC computation and the key is not split into halves.
    The initial value IV is 16 bytes of 0x00, and the original data is split into blocks as follows:
1. Append one byte 0x80 to the end of the original data;
2. Split the result into blocks of 16 bytes. If the last block has fewer than 16 bytes, pad it with 0x00 to 16 bytes.



Chapter 4. ARQC Generation - 8 bytes
      Generating the 8-byte ARQC has two parts: assembling the source data, and computing the result over it with the MAC algorithm using the process key. The MAC algorithm is described above, and the source data is clearly specified in PBOC:


Chapter 5. ARPC Generation - 8 bytes
    Authorization response code ARC: 3030 (2 bytes)
    ARQC: 81A9DC9310F88856, 35042BB77AE0CDF5.

1. Z1 = ARC padded on the right with 12 zeros, giving 3030000000000000;
2. Z2 = ARQC XOR Z1, giving B199DC9310F88856;
3. Z3 = Z2 padded on the right with 16 zeros [this step is required for the national algorithm];
4. ARPC = encrypt Z3 with SKEY, 84DD63A221F915CA;
5. Take the left 8 bytes of the ARPC, 84DD63A221F915CA.
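
The 3DES branch of the chain in Chapters 2 and 5 (card key, process key, ARPC), as an added example that is not the tool's own source. It uses the sample keys and values given above; the class and helper names are hypothetical, and it assumes that "encrypt" means 3DES in ECB mode without padding.

```java
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

// Added example, not the tool's source. Class and helper names are hypothetical.
public class PbocDerivationDemo {
    static byte[] unhex(String s) {
        byte[] out = new byte[s.length() / 2];
        for (int i = 0; i < out.length; i++)
            out[i] = (byte) Integer.parseInt(s.substring(2 * i, 2 * i + 2), 16);
        return out;
    }
    static String hex(byte[] b) {
        StringBuilder sb = new StringBuilder();
        for (byte x : b) sb.append(String.format("%02X", x));
        return sb.toString();
    }
    // XOR of two equal-length hex strings, returned as upper-case hex.
    static String xorHex(String a, String b) {
        byte[] x = unhex(a), y = unhex(b);
        for (int i = 0; i < x.length; i++) x[i] ^= y[i];
        return hex(x);
    }
    // Assumption: "encrypt" on the page means 3DES-ECB without padding. The JCE
    // wants 24 key bytes, so the double-length key K1||K2 becomes K1||K2||K1.
    static String tdes(String key16Hex, String dataHex) throws Exception {
        byte[] k = unhex(key16Hex + key16Hex.substring(0, 16));
        Cipher c = Cipher.getInstance("DESede/ECB/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(k, "DESede"));
        return hex(c.doFinal(unhex(dataHex)));
    }
    public static void main(String[] args) throws Exception {
        String mdkAc = "F0C34A8124CEE0A91A0B034AA97D6EAC";  // sample MDK_AC, Chapter 2
        String x1 = "6210220110002707355" + "01";           // PAN || card serial number
        String x2 = ("0000000000000000" + x1).substring(x1.length()); // rightmost 16 digits
        String x4 = x2 + xorHex(x2, "FFFFFFFFFFFFFFFF");    // X2 || (X2 XOR FF..FF)
        String udk = tdes(mdkAc, x4);                       // card key
        String atc = "03D3";
        String y3 = "000000000000" + atc                     // Y1
                  + "000000000000" + xorHex(atc, "FFFF");    // Y2
        String skey = tdes(udk, y3);                        // process key
        String z2 = xorHex("81A9DC9310F88856", "3030" + "000000000000"); // ARQC XOR Z1
        String arpc = tdes(skey, z2);                       // one 8-byte block with 3DES
        System.out.println("X4   = " + x4);
        System.out.println("UDK  = " + udk);
        System.out.println("Y3   = " + y3);
        System.out.println("SKEY = " + skey);
        System.out.println("Z2   = " + z2);
        System.out.println("ARPC = " + arpc);
    }
}
```

The printed X4, Y3 and Z2 are the intermediate blocks of steps 2.1, 2.2 and Chapter 5; compare the printed UDK, SKEY and ARPC with the 3DES values listed in those steps.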


Chapter 6. MAC Generation - 4 or 8 bytes
      The script MAC is generated in the same way as the ARQC, except that the key is the MAC key dispersed from MDKmac and the source data is the script.
