These files are a supplement to ANSI X9.24-3-2017 and are a set of source code that can be used as a reference implementation of the AES DUKPT algorithm on a transaction-originating SCD or a receiving SCD. AES DUKPT is used to derive transaction key(s) from an initial terminal DUKPT key based on the transaction number. Keys that can be derived include symmetric encryption/decryption keys, authentication keys, and HMAC (keyed-hash message authentication code) keys. AES DUKPT supports the derivation of AES-128, AES-192, AES-256, double length TDEA, and triple length TDEA keys from AES-128, AES-192, and AES-256 initial keys.

While the included source code contains a reference implementation of the AES DUKPT algorithm, in no way should the included source code be considered an implementation of the entirety of the requirements of the ANSI X9.24 Part 3 standard. Care must be taken to follow all requirements when deploying a complete implementation of the standard.
 

• Description of Python source code. Click here to download python source code document.
• Python source code that was used to generate the test vectors. Click here to download python source code.
• Test vectors for validating the algorithm described in ANSI X9.24-3-2017. Click here to download vectors.

Notice to Users:

X9 has tried to ensure the accuracy and reliability of computer code and information provided on this web page and site. However, the information is provided “as is” without warranty of any kind. X9 does not accept any responsibility or liability for the accuracy, content, completeness, or reliability of the computer code and information contained on this page and website. No warranties expressed or implied are given to the nature or accuracy of the information. X9 shall not be liable for any loss or damage of whatever nature whether arising in contract, tort or otherwise, which may arise as a result of your use of (or inability to use) the computer code or information herein.