Bilateral key exchange

From Wikipedia, the free encyclopedia
Jump to: navigation, search

Bilateral Key Exchange (BKE) was an encryption scheme utilized by The Society for Worldwide Interbank Financial Telecommunications (SWIFT).

The scheme was retired on January 1, 2009 and has now been replaced by the Relationship Management Application (RMA). All key management is now based on the SWIFT PKI that was implemented in SWIFT phase 2.

A Bilateral Key allowed secure communication across the SWIFT Network. The text of a SWIFT:Message Types and the authentication key were used to generate a Message Authentication Code or MAC. The MAC ensured the origin of a message and the authenticity of the message contents. This was normally accomplished by the exchange of various SWIFT Messages used specifically for establishing a communicating key pair.

BKE keys were generated either manually inside the SWIFT software, or automatically with the use of an SCR or Secure Card Reader.

Since 1994, the keys used in the card reader and the authentication keys themselves were 1024bit RSA.