Previous topic |
Next topic |
Contents |
Index |
Contact z/OS |
Library |
PDF
IBM PIN Algorithms z/OS Cryptographic Services ICSF Application Programmer's Guide SA22-7522-16 |
|
This section describes the IBM PIN generation algorithms, IBM PIN offset generation algorithm, and IBM PIN verification algorithms. 3624 PIN Generation AlgorithmThis algorithm generates a n-digit PIN based on an account-related data or person-related data, namely the validation data. The assigned PIN length parameter specifies the length of the generated PIN. The algorithm requires the following input parameters:
The service uses the PIN generation key to encipher the validation data. Each digit of the enciphered validation data is replaced by the digit in the decimalization table whose displacement from the leftmost digit of the table is the same as the value of the digit of the enciphered validation data. The result is an intermediate PIN. The leftmost n digits of the intermediate PIN are the generated PIN, where n is specified by the assigned PIN length. Figure 14 illustrates the 3624 PIN generation algorithm. German Banking Pool PIN Generation AlgorithmThis algorithm generates a 4-digit PIN based on an account-related data or person-related data, namely the validation data. The algorithm requires the following input parameters:
The validation data is enciphered using the PIN generation key. Each digit of the enciphered validation data is replaced by the digit in the decimalization table whose displacement from the leftmost digit of the table is the same as the value of the digit of enciphered validation data. The result is an intermediate PIN. The rightmost 4 digits of the leftmost 6 digits of the intermediate PIN are extracted. The leftmost digit of the extracted 4 digits is checked for zero. If the digit is zero, the digit is changed to one; otherwise, the digit remains unchanged. The resulting four digits is the generated PIN. Figure 15 illustrates the German Banking Pool (GBP) PIN generation algorithm. PIN Offset Generation AlgorithmTo allow the customer to select his own PIN, a PIN offset is used by the IBM 3624 and GBP PIN generation algorithms to relate the customer-selected PIN to the generated PIN. The PIN offset generation algorithm requires two parameters in addition to those used in the 3624 PIN generation algorithm. They are a customer-selected PIN and a 4-bit PIN check length. The length of the customer-selected PIN is equal to the assigned-PIN length, n. The 3624 PIN generation algorithm described in the previous section is performed. The offset data value is the result of subtracting (modulo 10) the leftmost n digits of the intermediate PIN from the customer-selected PIN. The modulo 10 subtraction ignores borrows. The rightmost m digits of the offset data form the PIN offset, where m is specified by the PIN check length. Note that n cannot be less than m. To generate a PIN offset for a GBP PIN, m is set to 4 and n is set to 6. Figure 16 illustrates the PIN offset generation algorithm. 3624 PIN Verification AlgorithmThis algorithm generates an intermediate PIN based on the specified validation data. A part of the intermediate PIN is adjusted by adding an offset data. A part of the result is compared with the corresponding part of the customer-entered PIN. The algorithm requires the following input parameters:
The rightmost m digits of the offset data form the PIN offset, where m is the PIN check length.
When a nonzero PIN offset is used, the length of the customer-entered PIN is equal to the assigned PIN length. Figure 17 illustrates the PIN verification algorithm. German Banking Pool PIN Verification AlgorithmThis algorithm generates an intermediate PIN based on the specified validation data. A part of the intermediate PIN is adjusted by adding an offset data. A part of the result is extracted. The extracted value may or may not be modified before it compares with the customer-entered PIN. The algorithm requires the following input parameters:
The rightmost 4 digits of the offset data form the PIN offset.
Figure 18 illustrates the GBP PIN verification algorithm. |
Copyright IBM Corporation 1990, 2014
|