Unique Key per Transaction Schemes

Let’s learn about a different way to establish a cryptographic key.

Unique key per transaction (UKPT) schemes are so-called because they establish a new key each time they are used.

Motivation for UKPT schemes

Most of the previous key establishment mechanisms involve one, or both, of the following:

  • Use of long-term (top-level) secret keys—for example, the use of master keys or key encrypting keys in key hierarchies.

  • A special transfer of data explicitly for key establishment. This applies to every technique we have discussed so far, except key redistribution.

While these are acceptable features in many environments, they may not be desirable in others. The first requires devices that can securely store and use long-term keys, and the second introduces a communication overhead.

One of the reasons most of the previous schemes require these features is that the new key being established has been generated independently in the sense that it has no relationship with any existing data (including existing keys). An alternative methodology is to generate new keys by deriving them from information already shared by Alice and Bob. We discussed derivation earlier, where the shared information was an existing secret known to Alice and Bob. However, importantly, this shared information does not need to be a long-term secret. Rather, it could be a short-term key, other data, or a combination of the two.

There are two clear advantages of using key derivation to generate new keys from short-term secrets already shared between Alice and Bob:

  1. Alice and Bob don’t need to store a long-term key.

  2. Alice and Bob aren’t required to engage in any special communication solely for key establishment.

Application of UKPT schemes

UKPT schemes adopt the methodology we have just described by updating keys using a key derivation process after each use. A good example of an application of UKPT schemes is retail point-of-sale terminals, which merchants use to verify PINs and approve payment card transactions.
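The following simulation is an added example, not code from the lesson, showing the methodology of the two sections above in working form: Alice and Bob each hold only a current short-term key and a public transaction counter, use the key once, and then overwrite it with a key derived from it, so no long-term key is stored and no extra key-establishment messages are exchanged. HMAC-SHA256 stands in for the key derivation function, the initial shared key is a constructed value, and the bounded catch-up rule for lost transactions is an assumption of this example rather than part of any standardized retail scheme.

```python
from __future__ import annotations

import hashlib
import hmac

# Constructed example input (not from the lesson): a 16-byte key Alice and Bob are
# assumed to share already, e.g. left over from an earlier transaction or session.
INITIAL_SHARED_KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
KEY_LEN = 16   # keep every derived key the same size as the initial one
MAX_SKIP = 8   # assumption: how far a receiver may derive forward after lost transactions


def derive_next_key(current_key: bytes, counter: int) -> bytes:
    """One key-update step: next key = KDF(current key, counter).

    HMAC-SHA256 with a fixed label stands in for the KDF. The step is one-way, so a
    party that has overwritten the current key cannot recover it from the next one.
    """
    info = b"ukpt/next-key" + counter.to_bytes(4, "big")
    return hmac.new(current_key, info, hashlib.sha256).digest()[:KEY_LEN]


def transaction_mac(key: bytes, counter: int, message: bytes) -> bytes:
    """Authenticate one transaction under the key valid for this counter value.

    The label differs from the one in derive_next_key, so the MAC sent on the wire
    and the next key are separate outputs of the same key.
    """
    info = b"ukpt/mac" + counter.to_bytes(4, "big") + message
    return hmac.new(key, info, hashlib.sha256).digest()


class UkptParty:
    """One endpoint: holds only the current key and a transaction counter."""

    def __init__(self, initial_key: bytes) -> None:
        self._key = initial_key
        self.counter = 0

    def _advance(self) -> None:
        # Overwrite the key in place; the old key is never kept.
        self._key = derive_next_key(self._key, self.counter)
        self.counter += 1

    def send(self, message: bytes) -> tuple[int, bytes]:
        """Protect a transaction and immediately move on to the next key."""
        counter = self.counter
        tag = transaction_mac(self._key, counter, message)
        self._advance()
        return counter, tag

    def receive(self, counter: int, message: bytes, tag: bytes) -> bool:
        """Verify a transaction, deriving forward if earlier ones were lost."""
        if counter < self.counter or counter - self.counter > MAX_SKIP:
            return False  # replay of an already-consumed counter, or too far ahead
        while self.counter < counter:
            self._advance()  # the counter is public, so catching up costs no messages
        ok = hmac.compare_digest(tag, transaction_mac(self._key, counter, message))
        if ok:
            self._advance()  # a rejected message must not consume the key
        return ok

    def current_key_hex(self) -> str:
        return self._key.hex()


def run_demo() -> dict:
    """Walk through normal use, a lost transaction, a replay and a tampered message."""
    alice = UkptParty(INITIAL_SHARED_KEY)
    bob = UkptParty(INITIAL_SHARED_KEY)

    c0, t0 = alice.send(b"PIN block, txn 0")
    first_ok = bob.receive(c0, b"PIN block, txn 0", t0)

    alice.send(b"txn 1")                      # assume this one is lost in transit
    c2, t2 = alice.send(b"txn 2")
    catch_up_ok = bob.receive(c2, b"txn 2", t2)

    replay_ok = bob.receive(c0, b"PIN block, txn 0", t0)   # old counter: rejected

    c3, t3 = alice.send(b"txn 3")
    tamper_ok = bob.receive(c3, b"txn 3 altered", t3)      # wrong tag: rejected
    genuine_ok = bob.receive(c3, b"txn 3", t3)             # key was not consumed

    return {
        "first_ok": first_ok, "catch_up_ok": catch_up_ok, "replay_ok": replay_ok,
        "tamper_ok": tamper_ok, "genuine_ok": genuine_ok,
        "in_sync": alice.current_key_hex() == bob.current_key_hex(),
        "counter": bob.counter,
    }


if __name__ == "__main__":
    print(run_demo())
```

Two design points worth noticing: the key-update and the transaction MAC use different labels, so what an observer sees on the wire is never the material the next key is derived from; and because each step is one-way and the previous key is overwritten, a terminal compromised today gives up the current key but not the keys used for past transactions.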
