What is KCV (Key Check Value) in the context of 3-DES Encryption? Is there good documentation on what is KCV and how it can be used in 3-DES Encryption?
"6.15 Key Check Value
Purpose: The data is used to prove that a card/processor has access to a specific DES key value.
Format: Binary, 3 bytes
Contents: The three leftmost bytes of the result of encrypting eight bytes of zeros by the DES key concerned" (source)
"The Key Check Value for any DES key will be computed by encrypting 8 bytes of '00' using ECB 3DES with the key concerned" (source)
"The key check value (abbreviated KCV or CV) of a DES/3DES key is the result of encrypting 16 hexadecimal zeroes using the key. For example, the key check value of the single-length DES key 0123456789ABCDEF is equal to D5D44FF720683D0D. This information is useful when transmitting DES/3DES keys in an encrypted fashion and is usually sent by the sender to ensure that the recipient has correctly received the key." (source)
To me, it seems this is some sort of checksum.
KCVs are used within e.g. the PKCS#11 standard for hardware security devices. Imagine you need to import secret keys, possibly in multiple parts. Then you need to verify that the import succeeded. You simply check a block encrypt of all zeros (or the leftmost part of it) against a previously calculated KCV value. As symmetric algorithms are supposed to be invulnerable against known plaintext/ciphertext attacks, you don't leak any information about the key.
For hardware security devices the keys are normally not extractable; they may therefore not be available for hash methods, or the hash method itself may not even be available. So performing a key encryption on all zeros is a nice method of creating a secure checksum. For other keys, such as RSA keys, hashing (SHA-1) is normally used instead of encryption to identify the (value of the) key.
In software you can simply create a block containing only zeros and then perform ECB encryption or CBC encryption with an IV set to all zeros. Then take x bytes as the KCV. The number of bytes in the KCV depends on the standard used. If you use less than 3 bytes you may run into keys with the same value even by accident.
Note that a KCV does leak a bit of information; it shows what the ciphertext of a block of all zeros looks like. If you perform CBC encryption with a random IV, that should not matter much. On the other hand, if you use CTR mode encryption with a zero IV, you might leak the first 3 bytes of the key stream (and therefore plaintext).
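The computation the answer describes, as an added example (not code from the original post): encrypt one all-zero block with the key, keep the leftmost bytes, and on the importing side recompute and compare. It assumes Go's standard `crypto/des` package; the `KCV` and `VerifyKCV` names are the example's own, and the key used is the single-length DES key quoted in the question.

```go
package main

import (
	"crypto/des"
	"crypto/subtle"
	"encoding/hex"
	"fmt"
)

// KCV encrypts one 8-byte block of zeros (one block, so ECB and CBC with a
// zero IV coincide) and keeps the leftmost n bytes. 8-byte (single DES),
// 16-byte (2-key 3DES, used as K1,K2,K1) and 24-byte keys are accepted.
func KCV(key []byte, n int) ([]byte, error) {
	if n < 1 || n > des.BlockSize {
		return nil, fmt.Errorf("kcv length %d not in 1..%d", n, des.BlockSize)
	}
	var k24 []byte
	switch len(key) {
	case 8: // EDE with K1=K2=K3 is plain single DES
		k24 = append(append(append([]byte{}, key...), key...), key...)
	case 16:
		k24 = append(append([]byte{}, key...), key[:8]...)
	case 24:
		k24 = key
	default:
		return nil, fmt.Errorf("unsupported DES key length %d", len(key))
	}
	block, err := des.NewTripleDESCipher(k24)
	if err != nil {
		return nil, err
	}
	out := make([]byte, des.BlockSize)
	block.Encrypt(out, make([]byte, des.BlockSize)) // all-zero plaintext block
	return out[:n], nil
}

// VerifyKCV is the importing side: recompute over the received key and compare.
func VerifyKCV(key, expected []byte) (bool, error) {
	got, err := KCV(key, len(expected))
	if err != nil {
		return false, err
	}
	return subtle.ConstantTimeCompare(got, expected) == 1, nil
}

func main() {
	key, _ := hex.DecodeString("0123456789ABCDEF") // key quoted in the question
	kcv, _ := KCV(key, 3)
	fmt.Printf("KCV = %X\n", kcv) // D5D44F
}
```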
Let's keep in line with RobIII: source (note: FTP)