This Internbcional Standard specifies methods for the management of keying material used for the encipherment, decipherment and authentication of messages exchanged in the course of wholesale financial transactions. It specifies requirements for
i) the control during its life of keying material to prevent unauthorised disclosure, modification, substitution, and replay;
ii) the manual or automatic distribution of keying material, to permit interoperability between cryptographic equipment or facilities using the same algorithm;
iii) ensuring the integrity of keying material during all phases of its life, including its generation, distribution, storage, entry, use, archival and destruction;
iv) recovery in the event of failure of the key management process or when the integrity of the keying material is questioned.
It thus provides a means whereby an audit trail can be identified for all keying material.
This International Standard is designed for the use of symmetric algorithms for key distribution, where originator and recipient use the same key. It is designed for messages formatted and transmitted in coded character sets. It is intended that provision will, in due course, be made to cover the use of asymmetric algorithms for key distribution.
This standard does not provide a means to distinguish cryptographically between two physical parties when they share a common key.
The procedures specified are appropriate for use by financial institutions and by their corporate and government customers, and in other relationships where the interchange of information requires confidentiality, protection and authentication.