Skip to main content

7.2.2. X9.17 Key Generation

The American National Standards Institute has specified the following method for generating a sequence of keys [X9.17]:

  • s₀ is the initial 64 bit seed.
  • gₙ is the sequence of generated 64-bit key quantities
  • k is a random key reserved for generating this key sequence.
  • t is the time at which a key is generated, to as fine a resolution as is available (up to 64 bits).
  • DES ( K, Q ) is the DES encryption of quantity Q with key K.

Then:

g    = DES ( k, DES ( k, t ) XOR s  )
 n                                n

s    = DES ( k, DES ( k, t ) XOR  g  )
 n+1                               n

If g sub n is to be used as a DES key, then every eighth bit should be adjusted for parity for that use, but the entire 64 bit unmodified g should be used in calculating the next s.

Last updated on