Appendix c. guide on decrypting data – MagTek MagneSafe V5 User Manual

89

APPENDIX C. GUIDE ON DECRYPTING DATA

The key that was used to encrypt each data block can be determined by using the Key Serial
Number field along with the Base Derivation Key associated with this reader. The resulting
DUKPT key, as described in ANS X9.24 Part 1, is the key which was used to encrypt the data.
(The key is described as the PIN key in the standard but since there are no PINs being used in
this application, the derived key is used.)

These sequences are based on the following data:

• Derivation Key: 0123 4567 89AB CDEF FEDC BA98 7654 3210

• Initially Loaded Key Serial Number (KSN): FFFF 9876 5432 10E0 0000
• Initially Loaded PIN Entry Device Key: 6AC2 92FA A131 5B4D 858A B3A3 D7D5 933A

When a data field consists of more than one block, Cipher Block Chaining (CBC) method is used
by the encrypting algorithm.

To decrypt this group of data, follow these steps:
• Start decryption on the last block.

• The result of the decryption is then XORed with the previous block.

• Continue until reaching the first block.

• The first block can skip the XOR operation.