SGC - Metering.com

STS, Key Management and Revenue Protection
Don Taylor
STS Association
www.sts.org.za
What’s it all about ?
• Standard Transfer Specification (STS)
• Meter Keys
• Vending Keys and Supply Group Codes (SGC)
• Encryption / Decryption
• Key Change Tokens
• Key Load Files
• Secure Modules (SM)
• Key Management Center (KMC)
• Meter Manufacturers
• Utilities
• Token Vendors
A host of entities that work together.
What is encryption ?
[Diagram: the message “JOE” and the Key (3) enter the Secure Module, which applies the shuffle rule (ENCRYPTION) to produce the Token. The Meter uses the Key (3) to reverse the shuffle process (DECRYPTION) and recover the message “JOE”.]

Shuffle rule (Key)      Shuffled letters
000   0                 JOE
001   1                 JEO
010   2                 EJO
011   3                 EOJ
100   4                 OEJ
101   5                 OJE
The Key is a shared secret between sender and receiver.
What is a key ?
A secret random number
3-bit Key = 8 combinations
101
56-bit DES Key = 72 x 10^15 combinations
1001 1100 1011 1110 1101 1101 1011 1110 1001 1110 0001 1000 1011 1010
64-bit STS Key = 18 x 10^18 combinations
1001 1100 1011 1110 1101 1101 1011 1110 1001 1110 0001 1000 1011 1010 1011 1111
DES keys are still widely used in the banking industry
STS key is 256 times “stronger” than a DES key.
Meter key ?
[Diagram: Utility applies for SGC. Key Management Centre (KMC) generates Key and allocates Supply Group Code to Utility (SGC = 000439). Utility places order with Meter Manufacturer. Key Load File installs Key and SGC in the Meter Manufacturer's Secure Module. Meter Manufacturer manufactures Meter (SGC = 000439) with Key1 installed in it. Also labelled: Supply Group Key Change Token.]
Each meter Key1 is uniquely derived from Key.
Vending key ?
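[Diagram: Utility authorizes the Key Management Centre (already allocated Key and SGC). Utility contracts with Vendor. Key Load File installs Key and SGC in the Vendor's Secure Module. Customer pays ($) the Vendor; the Secure Module performs Encrypt (credit) using Key1 and issues a Credit Token. The Credit Token is installed in the Customer's Meter, which holds Key1 and performs Decrypt (credit) using Key1.]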
The Key gives vending authorization.
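
Added example (not part of the original slides): a sketch of why "Each meter Key1 is uniquely derived from Key" means a token vended for one meter is rejected by another, while any Secure Module loaded with Key can re-derive every Key1 in the supply group. HMAC-SHA256 is an assumed stand-in for the STS derivation and token algorithms, which the slides do not describe; the function names, token layout, vending key and meter numbers are constructed for illustration.

```python
import hashlib
import hmac
import secrets

SGC = "000439"  # Supply Group Code shown on the slides

def _prf(key: bytes, label: bytes, data: bytes, n: int) -> bytes:
    return hmac.new(key, label + data, hashlib.sha256).digest()[:n]

def derive_meter_key(vending_key: bytes, sgc: str, meter_no: str) -> bytes:
    """Stand-in diversification: a 64-bit Key1 unique to (SGC, meter number)."""
    return _prf(vending_key, b"key1|", f"{sgc}|{meter_no}".encode(), 8)

def make_credit_token(key1: bytes, units: int) -> bytes:
    """Vendor side: encrypt the credit and bind it to Key1 with a tag."""
    nonce = secrets.token_bytes(4)
    pad = _prf(key1, b"enc|", nonce, 4)
    ct = bytes(a ^ b for a, b in zip(units.to_bytes(4, "big"), pad))
    return nonce + ct + _prf(key1, b"mac|", nonce + ct, 8)

def meter_accept(key1: bytes, token: bytes):
    """Meter side: return the credit, or None if the token is not for this Key1."""
    nonce, ct, tag = token[:4], token[4:8], token[8:]
    if not hmac.compare_digest(tag, _prf(key1, b"mac|", nonce + ct, 8)):
        return None
    pad = _prf(key1, b"enc|", nonce, 4)
    return int.from_bytes(bytes(a ^ b for a, b in zip(ct, pad)), "big")

def demo() -> dict:
    vending_key = bytes.fromhex("0123456789abcdef")  # constructed, not a real Key
    meter_a, meter_b = "04000000001", "04000000002"  # constructed meter numbers
    key_a = derive_meter_key(vending_key, SGC, meter_a)
    key_b = derive_meter_key(vending_key, SGC, meter_b)
    token = make_credit_token(key_a, 50)
    return {
        "keys_differ": key_a != key_b,
        "meter_a_credit": meter_accept(key_a, token),  # intended meter
        "meter_b_credit": meter_accept(key_b, token),  # other meter, same SGC
        # Any Secure Module loaded with Key can re-derive Key1 for any meter:
        "sm_rederives_key1": derive_meter_key(vending_key, SGC, meter_a) == key_a,
    }

if __name__ == "__main__":
    print(demo())
```

The last entry is the reason every loaded Secure Module has to be accounted for: the per-meter keys add nothing once the vending Key itself is out of the Utility's control.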
The implication ?
• Key authorizes credit transfer to customer
• Anyone in possession of the Key can transfer credit
• A loaded Secure Module is a credit transfer machine
• A “lost” or “unused” SM is a money printer
Manage your Secure Modules.
Who owns the key ?
• The Utility owns the Key
• The Key protects the Utility’s revenue
• It is the Utility’s responsibility to keep the Key safe once it leaves the KMC
Responsibility accompanies ownership.
What does KMC do ?
• Generate Supply Group Codes and Keys
• Allocate to Utilities
• ESCROW in safe storage
• Distribute to equipment manufacturers and token vendors authorized by Utility
• Authenticate Secure Modules
• Initialize Secure Modules
KMC is responsible for keys in its own domain.
What does STSA do ?
• Facilitates access to STS services
• Product certification
• Key management
• Assures availability of services
• Assures conformance to standards
• STS protocols
• Codes of practice
STSA supports the STS infrastructure.
Where are your keys now ?
• Every meter manufacturer that supplied meters to the Utility
• Every SM that vended tokens for the Utility
• Loaded SMs in cupboards and boxes
• Stolen or missing SMs
Keys are all over the show.
Present status ?
• Many Utilities are ignorant of responsibility
• Few can give 100% accountability of SMs
• Many SMs becoming redundant due to online vending systems
• Program initiated by NRS User Group and KMC to bring keys and SMs under control
• STS Association initiated a project for enhanced key management infrastructure
We need to get our act together.
What should Utility do ?
• Take ownership and responsibility
• Understand all relevant aspects of key management
• Put own management plan in place
• Actively participate in the STS User Group
• Take “ownership” of the infrastructure
Wake up before it is too late.
Conclusion ?
The Key protects your Revenue
Manage it
Thank you for your attention!