Tag: AES
Changes in PCI PTS HSM v5.0: Who do they affect and what does it mean for the future of payments?
On May 18, 2026, the PCI SSC released version 5.0 of the PCI PTS HSM standard (or simply PCI HSM). This standard includes numerous changes that may affect, directly or indirectly, compliance with other PCI standards.
The Importance of Encryption Modes in Cryptography
When using encryption, a robust algorithm and an acceptable key length is not enough. There are two other very important parameters that are often forgotten: Encryption mode and initialization vector parameterization (Initialization Vector, IV). These...
Cryptographic hash with key: fundamentals and characteristics
One of the significant improvements that the PCI DSS standard incorporated in its version 4.0 was the use of keyed cryptographic hash functions (keyed cryptographic hash) as a replacement for traditional hash functions (non-keyed hash) that, until...
Cryptographic key management methods: fixed key, MK/SK and DUKPT
When symmetric cryptographic keys are used for the protection of stored or transmitted data, it is necessary to establish certain protocols for their loading, transmission, rotation or blocking. In the standards of the PCI SSC (mainly PCI PIN and P2PE), when the data...
Triple DES (TDEA) obsolescence and its impact on PCI SSC standards
January 1, 2024 marked a milestone in the history of modern cryptography: The Triple DES algorithm (3DES/TDES or TDEA) was listed as "obsolete" by NIST. This news is part of the efforts of the migration to...
What is PCI PIN?
En este nuevo artÃculo de la serie ¿Qué es? se realizará una breve introducción al estándar Payment Card Industry (PCI) PIN Security (PCI PIN), focalizado en la protección del número de identificación personal (PIN) en transacciones presenciales. Introducción El estándar...
The Ultimate Guide to Cryptographic Key Blocks
With the entry into force of the PCI PIN v2.0 standard in 2014, all encrypted symmetric keys (cryptograms) must be handled in structures called key blocks, which allow to protect in a standardized way the integrity of said cryptographic keys.
