The HSM Local Master Keys (LMKs) are numbered from key 00 to key 99. They are used in pairs and each pair has a function, as shown in the table.
|
LMK Pair |
Function |
|
00 - 01 |
Contains the two Smartcard “keys” (Passwords if the HSM is configured for Password mode) required for setting the HSM into the Authorized state. |
|
02 - 03 |
Encrypts the PINs for Host storage. |
|
04 - 05 |
Encrypts Zone Master Keys and double-length ZMKs. Encrypts Zone Master Key components under a Variant. |
|
06 - 07 |
Encrypts the Zone PIN keys for interchange transactions. |
|
08 - 09 |
Used for random number generation. |
|
10 - 11 |
Used for encrypting keys in HSM buffer areas. |
|
12 - 13 |
The initial set of Secret Values created by the user; used for generating all other Master Key pairs. |
|
14 - 15 |
Encrypts Terminal Master Keys, Terminal PIN Keys, and PIN Verification Keys. Encrypts Card Verification Keys under a Variant. |
|
16 - 17 |
Encrypts Terminal Authentication Keys. |
|
18 - 19 |
Encrypts reference numbers for solicitation mailers. |
|
20 - 21 |
Encrypts ‘not on us’ PIN Verification Keys and Card Verification Keys under a Variant. |
|
22 - 23 |
Encrypts Watchword Keys. |
|
24 - 25 |
Encrypts Zone Transport Keys. |
|
26 - 27 |
Encrypts Zone Authentication Keys. |
|
28 - 29 |
Encrypts Terminal Derivation Keys. |
|
30 - 31 |
Encrypts Zone Encryption Keys. |
|
32 - 33 |
Encrypts Terminal Encryption Keys. |
|
34 - 35 |
Encrypts RSA Keys. |
|
36 - 99 |
Reserved for future use. |
|
There are Variants of some keys to suit particular requirements. |
|
|
LMK Pair |
Standard Test LMK Set |
|||||||
|
00-01 |
0101 |
0101 |
0101 |
0101 |
7902 |
CD1F |
D36E |
F8BA |
|
02-03 |
2020 |
2020 |
2020 |
2020 |
3131 |
3131 |
3131 |
3131 |
|
04-05 |
4040 |
4040 |
4040 |
4040 |
5151 |
5151 |
5151 |
5151 |
|
06-07 |
6161 |
6161 |
6161 |
6161 |
7070 |
7070 |
7070 |
7070 |
|
08-09 |
8080 |
8080 |
8080 |
8080 |
9191 |
9191 |
9191 |
9191 |
|
10-11 |
A1A1 |
A1A1 |
A1A1 |
A1A1 |
B0B0 |
B0B0 |
B0B0 |
B0B0 |
|
12-13 |
C1C1 |
0101 |
0101 |
0101 |
D0D0 |
0101 |
0101 |
0101 |
|
14-15 |
E0E0 |
0101 |
0101 |
0101 |
F1F1 |
0101 |
0101 |
0101 |
|
16-17 |
1C58 |
7F1C |
1392 |
4FEF |
0101 |
0101 |
0101 |
0101 |
|
18-19 |
0101 |
0101 |
0101 |
0101 |
0101 |
0101 |
0101 |
0101 |
|
20-21 |
0202 |
0202 |
0202 |
0202 |
0404 |
0404 |
0404 |
0404 |
|
22-23 |
0707 |
0707 |
0707 |
0707 |
1010 |
1010 |
1010 |
1010 |
|
24-25 |
1313 |
1313 |
1313 |
1313 |
1515 |
1515 |
1515 |
1515 |
|
26-27 |
1616 |
1616 |
1616 |
1616 |
1919 |
1919 |
1919 |
1919 |
|
28-29 |
1A1A |
1A1A |
1A1A |
1A1A |
1C1C |
1C1C |
1C1C |
1C1C |
|
30-31 |
2323 |
2323 |
2323 |
2323 |
2525 |
2525 |
2525 |
2525 |
|
32-33 |
2626 |
2626 |
2626 |
2626 |
2929 |
2929 |
2929 |
2929 |
|
34-35 |
2A2A |
2A2A |
2A2A |
2A2A |
2C2C |
2C2C |
2C2C |
2C2C |
|
36-37 |
2F2F |
2F2F |
2F2F |
2F2F |
3131 |
3131 |
3131 |
3131 |
|
38-39 |
0101 |
0101 |
0101 |
0101 |
0101 |
0101 |
0101 |
0101 |
|
Password 1 = 0101 0101 0101 0101 |
||||||||
|
Password 2 = NOW IS THE TIME FOR A |
||||||||
The check value is 2686 0474 4491 2422.