An Introduction to TR-31 and Thales Key Blocks

Jan Bilek
7.10.2022

In financial cryptography and PCI standards, a Key Block is an encrypted key stored with its metadata in a cryptographically secure way. That means that the key’s usage information and other parameters can’t be altered by an attacker by tampering with the encrypted key.

Key Blocks are an important method to help protect payment security. They prevent the misuse of cryptographic keys and protect the keys from malevolent hackers who could exploit weaknesses and substitute other keys and perform similar attacks against payment systems.

  • Key Blocks provide a standard way of protecting the integrity of cryptographic keys and defining and restricting their use to their intended functions.
  • Key Blocks can be used to protect both Triple Data Encryption Algorithm (TDEA), sometimes referred to as 3DES or TripleDES, and Advanced Encryption Standard (AES) keys.
  • Key Blocks are used to protect the secrecy and integrity of the encrypted key.

There are already several key block implementations hanging around, which are in an active use:

  • Atalla Key Block
  • BASE24 Key Exchange
  • IBM CCA
  • MasterCard OBKM
  • PKCS#8 Cryptogram
  • TR-31
  • Thales Key Block

In this article we will have a closer look at TR-31 and Thales Key Block and share some useful information.

TR-31 Key Blocks

TR-31 Key Blocks are described in the ANSI X9.24-1-2017 specification. The key block structure consists of three parts (Header, Encrypted key data and MAC).

TR-31 Key-blocks structure

 

Header: is the least sensitive part of the key block. It defines the key block type, key usage and key type
Encrypted key data: Contains all the key sensitive data including the actual key key value, its size. It can optionally contain the ciphering mode used and data padding options.
MAC: (The Message Authentication Code) is an integrity check of the Header and Key data and ensures that the key block has not been modified.

Let’s take a closer look onto a Thales Key block.

Thales key block

The Thales key block is based on the TR-31 key block that has been standardized for key exchange between communicating parties. A Thales key block refines and extends the TR-31 key block specification.

Two types of Thales Key Block LMKs are supported by the PayShield 9000 & PayShield 10k:

  • DES Keyblock LMK – contains a triple-length 3DES key. This key provides a security strength of 112-bits, and can be used to protect subordinate DES, RSA & HMAC keys.
  • AES Keyblock LMK – based on a 256-bit AES key. This key provides a security strength of 256-bits, and can be used to protect subordinate AES, DES, RSA & HMAC keys.

The ability to support Thales Key Blocks was initially introduced in the HSM 8000 in software release v3.0, and is also available on the PayShield 9k++ from its v1.0 firmware.

Structure

The Thales Key Block is denoted by key scheme “S”, it consists of four parts:

Thales Key-blocks structure

Header

The Header determines how the key contained in the key block may be used. Only specific field values for the Header are permitted for HSM commands. If a key block with the “wrong” Header is submitted in a command message then the HSM will return an error code.
It is a 16-byte (clear) header, which defines the key usage (e.g. Visa PVV) and mode of use (e.g. verification only), the algorithm with which the key is used (e.g. 3DES) and the limitations on the exportability of the key (e.g. no export permitted); the Header also identifies the LMK used to encrypt the key in the key block.

Thales Key Block Header

Keyblock header values MUST be chosen with care. They SHOULD also be chosen to be as restrictive as possible for the particular key type and key usage; special attention SHOULD be given to:

  • Key Usage – define the primary usage of the key contained in the key block. In most cases, a key block simply replaces a “variant-encrypted” key in an HSM command message.
  • Mode of Use – defines the operation that the key contained in the key block can perform.
  • Exportability – the conditions under which the key contained in the key block can be exported outside the cryptographic domain in which the key is found. A key is defined to be trusted if it is in either Thales key block or TR-31 key block format. Any other format key is said to be untrusted.

Note: Some changes to keyblock header values are permitted (via a host command), but only to restrict key usage further. For example, a key initially designated as a “MAC generate and verify” key can later have its header changed to make it a “MAC generate only” key, but the reverse change is not permitted. Similarly, if a key is designated as “non-exportable” then it cannot later be changed to “exportable”.

Optional header

The Optional Header comprises a number of Optional Header blocks, each with the following structure:

Thales Key Block’s Optional Header

The Optional header block contains clear text unencrypted values and could be used,for example, to define the validity period for the key contained in the key block. The maximum length of an Optional Header block is 255 bytes (and the minimum length is 4 bytes). In theory, a key block may have a maximum of 99 optional blocks. In practice, however, only a small number of different types of optional blocks have been defined and each optional block identifier must be unique and may not be repeated.

Thales Optional Header Block ID

Encrypted key block

The only part of the key block that is encrypted is the Key Data, which contains the actual key stored in the key block. The encryption algorithm used to protect the Key Data depends on the specific Keyblock scheme being used:

  • When using a DES Keyblock LMK, the Key Data portion of the key block is encrypted using 3DES Cipher Block Chaining (CBC), using bytes 0-7 of the Header as the Initialization Vector (IV). The encryption key will be a variant of the LMK.
  • When using an AES Keyblock LMK, the Key Data portion of the key block is encrypted using AES Cipher Block Chaining (CBC), using bytes 0-15 of the Header as the Initialization Vector (IV). The encryption key will be cryptographically derived from the LMK.

Thales Encrypted Key Block

Note: The minimum padding necessary for AES, RSA and HMAC keys will always be applied.

Authentication

The Key Block Authenticator ensures the integrity of the Key Block, and is calculated over the Header, Optional Header Blocks and the Key Data. The authentication algorithm used depends on the specific Key Block LMK being used:

  • When using a DES Key Block LMK, the Key Block Authenticator is calculated using a 3DES CBC-MAC, with a zero IV. (No padding is required, as the data to be authenticated is always a multiple of 8 bytes in length.) The left-most 4 bytes of the result will be used as the Authenticator. The authentication key will be a variant of the LMK.
  • When using an AES Key Block LMK, the Key Block Authenticator is calculated using an AES CMAC over the clear Key Block. The left-most 8 bytes of the result will be used as the Authenticator. The authentication key will be cryptographically derived from the LMK.

The key types that may be included in a Thales key block are DES and 3DES keys, HMAC keys and RSA public and private keys. Note that an RSA public key is not encrypted, but the key block is still authenticated.

Migrating to the new key block formats will be complicated task, just like any cryptographic migration as the definition of Cryptographic Key Blocks by the standard is very rigorous and requires a strict implementation. All PCI:DSS requirements are now migrating towards the use of new key blocks, such as TR-31.

Legacy applications will need to be changed.

 

Sources / Links to follow:

Share