Ctrlk
For the complete documentation index, see llms.txt. This page is also available as Markdown.
ChatGPT

How to Decrypt Data

For EMV ARQC and EMV Batch Data, the device encrypts data using TDES in CBC-like chaining without an Initial Vector:

  • The device begins by TDES encrypting the first 8 bytes of clear text data. The 8-byte result is placed in an encrypted data buffer.

  • Continue using TDES CBC method with the encrypted 8 bytes XORed with the next 8 bytes of clear text; encrypt that result and place it into the encrypted data buffer.

  • Repeat until all clear text bytes have been encrypted.

  • If the final block of clear text contains fewer than 8 bytes, the device pads the end of the block to make 8 bytes.

  • After the final clear text block is XORed with the prior 8 bytes of encrypted data, the device encrypts it and places it in the encrypted data value.

  • No Initial Vector is used.

The host must decrypt the data in 8-byte blocks, ignoring any final unused bytes in the last block. When a value consists of more than one block, use the CBC method to decrypt the data by following these steps:

1

Start with the last block

Start decryption on the last block of 8 bytes (call it block N) using the key.

2

XOR with previous block

XOR the result of the decryption with the next-last block of 8 bytes (block N-1).

3

Repeat backwards

Repeat until reaching the first block.

4

First block handling

Do not XOR the first block with anything.

5

Concatenate blocks

Concatenate all blocks.

6

Truncate padding

Determine the expected length of the decrypted data (for EMV ARQC and EMV Batch Data this information is included as part of the unencrypted data structure) and truncate the end of the decrypted data block to the expected data length, which discards the padding at the end.

Last updated