STS, Key Management and Revenue Protection

Post on 29-Jan-2016


DESCRIPTION

STS, Key Management and Revenue Protection. Don Taylor, STS Association. www.sts.org.za. What’s it all about? Standard Transfer Specification (STS); Meter Keys; Vending Keys and Supply Group Codes (SGC); Encryption / Decryption; Key Change Tokens; Key Load Files; Secure Modules (SM). PowerPoint PPT presentation.

TRANSCRIPT

Don Taylor

STS Association

 

STS, Key Management and Revenue Protection

www.sts.org.za

• Standard Transfer Specification (STS)
• Meter Keys
• Vending Keys and Supply Group Codes (SGC)
• Encryption / Decryption
• Key Change Tokens
• Key Load Files
• Secure Modules (SM)
• Key Management Center (KMC)
• Meter Manufacturers
• Utilities
• Token Vendors

What’s it all about ?

A host of entities that work together.

What is encryption ?

[Diagram: ENCRYPTION at the Secure Module (shuffle letters), then the Token, then DECRYPTION at the Meter (reverse the shuffle process). Each side shows the “JOE” message and Key 3; the Key selects the shuffle rule.]

Shuffled combinations (key in binary, key in decimal, result):

000 0 JOE
001 1 JEO
010 2 EJO
011 3 EOJ
100 4 OEJ
101 5 OJE

The Key is a shared secret between sender and receiver.
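The shuffle on this slide as runnable code, an added example that is not part of the original presentation: the key selects a row of the slide's table, and only the same key reverses it. The function names, and the use of the table's adjacent-swap ordering for messages longer than three letters, are assumptions of this example.

```python
from itertools import islice
from math import factorial


def shuffle_rules(n):
    """Yield every ordering of positions 0..n-1 in adjacent-swap order.

    For n = 3 this reproduces the slide's table row by row; using the same
    order for longer messages is an assumption of this example.
    """
    if n <= 1:
        yield tuple(range(n))
        return
    for i, rule in enumerate(shuffle_rules(n - 1)):
        # Sweep the new position right-to-left, then left-to-right, alternately.
        slots = range(n - 1, -1, -1) if i % 2 == 0 else range(n)
        for slot in slots:
            yield rule[:slot] + (n - 1,) + rule[slot:]


def rule_for(key, n):
    """Return the shuffle rule the key selects, rejecting keys with no rule."""
    if not 0 <= key < factorial(n):
        raise ValueError(f"key {key} selects no rule for {n} letters")
    return next(islice(shuffle_rules(n), key, None))


def encrypt(message, key):
    """Sender side (the Secure Module on the slide): shuffle the letters."""
    rule = rule_for(key, len(message))
    return "".join(message[src] for src in rule)


def decrypt(token, key):
    """Receiver side (the Meter on the slide): reverse the shuffle."""
    rule = rule_for(key, len(token))
    letters = [""] * len(token)
    for pos, src in enumerate(rule):
        letters[src] = token[pos]  # put each letter back where it came from
    return "".join(letters)


if __name__ == "__main__":
    # Constructed run using the slide's message and key.
    token = encrypt("JOE", 3)
    print(token, decrypt(token, 3), decrypt(token, 4))
```

A receiver holding a different key (4 instead of 3) recovers a different arrangement of the letters, which is why both ends must share the same secret.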

What is a key ?

A secret random number

3-bit Key = 8 combinations

101

56-bit DES Key = 72 x 10^15 combinations

1001 1100 1011 1110 1101 1101 1011 1110 1001 1110 0001 1000 1011 1010

64-bit STS Key = 18 x 10^18 combinations

1001 1100 1011 1110 1101 1101 1011 1110 1001 1110 0001 1000 1011 1010 1011 1111

DES keys are still widely used in the banking industry

STS key is 256 times “stronger” than a DES key.

Meter key ?

Each meter Key1 is uniquely derived from Key.

[Diagram. Entities: Key Management Centre, Utility, Meter Manufacturer, Secure Module, Meter, Supply Group (SGC = 000439). Items shown: Key and SGC, Key Load File, Key Change Token, Key1. Arrow labels: applies for SGC; places order; manufactures; installs; installed in.]

KMC generates Key and allocates Supply Group Code to Utility.

Vending key ?

The Key gives vending authorization.

[Diagram. Entities: Utility, Vendor, Customer, Key Management Centre, Secure Module, Meter (installed). Items shown: Key and SGC (already allocated), Key Load File, Credit Token, Key1, $ (credit). Arrow labels: contracts with; installs Secure Module; authorizes; Encrypt (credit) using Key1; Decrypt (credit) using Key1.]

• Key authorizes credit transfer to customer

• Anyone in possession of the Key can transfer credit

• A loaded Secure Module is a credit transfer machine

• A “lost” or “unused” SM is a money printer

The implication ?

Manage your Secure Modules.

• The Utility owns the Key

• The Key protects the Utility’s revenue

• It is the Utility’s responsibility to keep the Key safe once it leaves the KMC

Who owns the key ?

Responsibility accompanies ownership.

• Generate Supply Group Codes and Keys

• Allocate to Utilities

• ESCROW in safe storage

• Distribute to equipment manufacturers and token vendors authorized by Utility

• Authenticate Secure Modules

• Initialize Secure Modules

What does KMC do ?

KMC is responsible for keys in its own domain.

• Facilitates access to STS services
  • Product certification
  • Key management

• Assures availability of services

• Assures conformance to standards
  • STS protocols
  • Codes of practice

What does STSA do ?

STSA supports the STS infrastructure.

• Every meter manufacturer that supplied meters to the Utility

• Every SM that vended tokens for the Utility

• Loaded SMs in cupboards and boxes

• Stolen or missing SMs

Where are your keys now ?

Keys are all over the show.

• Many Utilities are ignorant of responsibility

• Few can give 100% accountability of SMs

• Many SMs becoming redundant due to online vending systems

• Program initiated by NRS User Group and KMC to bring keys and SMs under control

• STS Association initiated a project for enhanced key management infrastructure

Present status ?

We need to get our act together.

• Take ownership and responsibility

• Understand all relevant aspects of key management

• Put own management plan in place

• Actively participate in the STS User Group

• Take “ownership” of the infrastructure

What should Utility do ?

Wake up before it is too late.

The Key protects your Revenue

Manage it

Conclusion ?

Thank you for your attention!
