DECODER KEY GENERATION ALGORITHM (DKGA)
In mathematics and computer science, an algorithm is a finite sequence of well-defined, computer-implementable instructions, typically to solve a class of specific problems or to perform a computation (Wikipedia).
To the STSA's knowledge, none of its algorithms have ever been compromised.
Algorithm types
Various algorithm types exist in an STS-based system:
- Algorithms used to create decoder keys from vending keys (DKGA = Decoder Key Generation Algorithm)
- Encryption Algorithms used to create and/or decrypt tokens in the meter and vending system (EA = Encryption Algorithm)
A DKGA is an algorithm used by the security module to create a decoder key for a payment meter from various input parameters:
- Primary Account Number (PAN), made up of the International identification number (IIN) and the Decoder Reference Number (DRN)
- Key Type (KT)
- Tariff index (TI)
- Key revision number (KRN)
- Vending key (VK)
- Supply group code (SGC)
- Base date (DKGA04 only)
DKGAs in use:
Currently, the following DKGAs are specified:
- DKGA01 (64-bit DES - not recommended for use)
- DKGA02 (64-bit DES - current use)
- DKGA03 (triple DES - not recommended for use)
- DKGA04 (HMAC-SHA256 - available for use)
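As an added illustration (not STSA code and not the DKGA04 procedure from IEC62055-41), the sketch below shows the general idea of deriving a per-meter decoder key from a vending key with HMAC-SHA256 over the inputs listed above. The field encoding, the truncation to 8 or 16 bytes, the names used, and all sample values are assumptions made for this example.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Illustrative sketch only: the field encoding and output truncation below are
# assumptions for this example, not the DKGA04 layout defined by the standard.

@dataclass(frozen=True)
class MeterParams:
    iin: str            # International identification number (part of the PAN)
    drn: str            # Decoder Reference Number (part of the PAN)
    key_type: int       # KT
    tariff_index: int   # TI
    key_revision: int   # KRN
    sgc: str            # Supply group code
    base_date: int      # Base date (listed as a DKGA04-only input)

def encode_field(value) -> bytes:
    """Length-prefix a field so adjacent values cannot run into each other."""
    raw = str(value).encode("ascii")
    return len(raw).to_bytes(2, "big") + raw

def derive_decoder_key(vending_key: bytes, p: MeterParams, key_len: int) -> bytes:
    """Derive a per-meter key: 8 bytes (64-bit) or 16 bytes (128-bit)."""
    if key_len not in (8, 16):
        raise ValueError("key_len must be 8 or 16 bytes")
    if not vending_key:
        raise ValueError("vending key must not be empty")
    fields = (p.iin, p.drn, p.key_type, p.tariff_index,
              p.key_revision, p.sgc, p.base_date, key_len)
    data = b"".join(encode_field(f) for f in fields)
    # key_len is part of the MAC input, so the 64-bit key is not simply a
    # prefix of the 128-bit key derived for the same meter.
    return hmac.new(vending_key, data, hashlib.sha256).digest()[:key_len]

# Constructed sample values, not real keys or meter numbers.
VENDING_KEY = bytes(range(20))
SAMPLE = MeterParams(iin="000000", drn="00000000001", key_type=2,
                     tariff_index=1, key_revision=1, sgc="000001", base_date=0)

if __name__ == "__main__":
    print(derive_decoder_key(VENDING_KEY, SAMPLE, 16).hex())
```

Because every input is bound into the MAC, a change to the DRN or the KRN yields an unrelated decoder key, so knowledge of one meter's key does not reveal another meter's key or the vending key.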
Encryption/Decryption Algorithm (EA)
Encryption: An algorithm used to render readable data into unreadable data by making use of public or secret keys.
Decryption: An algorithm used to render unreadable data into readable data by making use of secret keys.
The STS standard supports the following encryption algorithms (EA):
Algorithm | Description | Usage | DKGA |
EA07 | STA 64-bit DES based | Legacy, still in use | 02, 04 |
EA11 | MISTY – 128-bit key, 64-bit payload | High security algorithm. | 04 |
Real & Sample Tables
The STA encryption algorithm uses a set of tables for the encryption and decryption of token data. These tables are available from the STSA for members by visiting the website and applying for a copy of the tables. Sample tables are supplied in the IEC62055-41 specification for test purposes, but cannot be used for final STS-compliant systems.
References: IEC62055-41, STS600-4-2