Decimalization tables

Edit online

Decimalization tables can be loaded in the coprocessors to restrict attacks using modified tables.

The management of the tables requires a TKE workstation.

These verbs make use of the stored decimalization tables:
  • Clear PIN Generate (CSNBPGN)
  • Clear PIN Generate Alternate (CSNBCPA)
  • Encrypted PIN Generate (CSNBEPG)
  • Encrypted PIN Verify (CSNBPVR)

The ANSI X9.8 PIN - Use stored decimalization tables only (offset X'0356') access control point is used to restrict the use of the stored decimalization tables. When the access control point is enabled, the table supplied by the verb will be compared against the active tables stored in the coprocessor. If the supplied table does not match any of the active tables, the request will fail.

A TKE workstation (Version 7.1 or later) is required to manage the PIN decimalization tables. The tables must be loaded and then activated. Only active tables are checked when the access control point is enabled.

Note: CCA routes work to all active coprocessors based on workload. All coprocessors must have the same set of decimalization tables for the decimalization table access control point to be effective.