In this article we will focus on fleet cards issued by banks and/or follow a payment card association scheme (Visa, MasterCard, etc.) and the necessary transition from 3DES to AES encryption.
We may refer to these fleet cards as “AFD” cards (or AFD-Fleet cards), where AFD stands for Automated Fuel Dispenser. Like traditional bank cards, these cards and the infrastructure behind them need to also consider moving from 3DES to AES if they already use a chip or are directly integrating AES if they are migrating to EMV.
Upgrading from 3DES to AES is much more complicated in the card payment environment than in a software scheme (like for the TLS module of browsers, for example).
- The payment environment is clearly different because much cryptography is involved.
- Today, there are very few issuers processing ARQC using AES in the United States.
- When migrating to AES, you need to consider larger cryptographic block sizes, and this involves changing the key bundle block, as well.
- AES key exchange is now described by the latest version of the ANS X9 TR-31. Key blocks can now be secured by AES instead of triple-DES.
Fleet cards that use payment networks must operate within a PCI environment. Therefore, they must implement key blocks before the deadlines of June 2021 and 2023, as set by the PCI Council .
Another reason for fleet cards to migrate to AES is related to the latest version of ANS X9.24 part 3 that now allows Derived Unique Key Per Transaction, aka DUKPT, to use AES.
DUKPT is a very popular key derivation scheme used to generate session keys to cipher data between zones. There are several HSMs that support DUKPT AES. Therefore, it is reasonable to believe that triple DES could be abandoned in the near future inside the payment networks
Reasons Why AES is Better than 3DES
Here are some of the reasons why AES is better than 3DES:
- 3DES relies on single-DES, which is a broken algorithm. There are several attacks that can break 2-key DES and 3-key DES in contexts where the keys can be isolated as single-DES keys with known corresponding ciphertexts.
- 3DES is deprecated, AES is the future. NIST, the National Institute of Standards and Technology has withdrawn the approval for the 2-key 3DES algorithm at the end of 2015. Even if 3-key 3DES is still approved by NIST, its security is no better than 2-key 3DES. It is now recommended to phase out 3-key 3DES before 2031.
- Overall, AES is a better algorithm. AES is faster and is considered more secure. The AES DUKPT can generate two billion keys before rekeying (instead of 1 million for TDE-based DUKPT). Since the AES key space is so much larger (256 bits instead of 112 bits for 2 keys - 3DES), AES keys have a longer crypto period than 3DES keys. This reduces the need for complex and costly key exchange ceremonies.
- AES should have better resistance to quantum computing attacks. Advances in quantum computing show that AES should resist quantum attacks much better than 3DES.
Fleet cards using payment networks should adopt an AES-based algorithm and make sure they migrate to AES and do not use the deprecated 3DES algorithm. For this migration, it is very important to select the right HSM as not all hardware security modules are able to provide efficient and robust AES algorithms, especially the newest AES DUKPT.
- Information Supplement: Cryptographic Key Blocks (2017), by the PTS Working Group PCI Security Standards Council
-  Phase 1 – Implement key blocks for internal connections and key storage within service provider environments. This would include all applications and databases connected to hardware security modules (HSM). Effective date: June 2019.
Phase 2 – Implement key blocks for external connections to associations and networks. Estimated timeline for this phase is 24 months following Phase 1, or June 2021.
Phase 3 – Implement key blocks to extend to all merchant hosts, point-of-sale (POS) devices and ATMs. Estimated timeline for this phase is 24 months following Phase 2, or June 2023.
Blog post by Martin Rupp and Dr. Ulrich Scholten