ANSI X9.73-2017: Cryptographic Message Syntax – ASN.1 and XML, which was processed and approved for submittal to ANSI by the Accredited Standards Committee on Financial Services, X9 (ASC X9), has been released. It revises and replaces the 2010 edition of the same American National Standard.
Financial transactions have adapted with the times, not only in the sheer amount of money transferred, but also more congruously in the methods through which money is exchanged. Modern financial business transactions are highly dependent on computer and network-based technologies, and their intertwinement with the Internet is enduring. In fact, the U.S. Federal Reserve, back in 2005, processed approximately 528,000 transactions valued at $2.1 trillion on an average day.
The swelling volume of business financial transactions has offered convenience and simplicity for the parties involved with the exchanges, but this open environment also exposes the financial community to risks with severe implications. These derive from accidental or deliberate disclosure, alteration, substitution, or destruction of data, and any pervasive threats are compounded by interconnected networks and advancing refinement of malicious adversaries. Adequate safeguards are necessary.
ANSI X9.73-2017 specifies a cryptographic syntax scheme that can be used to protect financial transactions, files, and other messages from unauthorized disclosure and modification. It provides the services of independent data unit protection, confidentiality, integrity and data origin authentication, and non-repudiation. These services are given through differing algorithms.
The cryptographic syntax scheme addressed within ANSI X9.73-2017 is based on an abstract Cryptographic Message Syntax (CMS) schema, whose values are represented using either a compact, efficient, binary encoding or a flexible, human-readable, XML markup format. The schema of messages exchanged between communicating parties, for both of these formats, is represented by Abstract Syntax Notation One (ASN.1).
Furthermore, the syntax scheme is reflective of the following characteristics: XML markup uses the Canonical XML Encoding Rules (cXER), messages are protected independently, the syntax is algorithm independent and extensible, and selective field protection can be provided in two distinct ways.
The attributes of the syntax scheme are also defined using an extensible design. Therefore, any organization is able to use any cryptographic algorithm defined in current and future financial services standards.
Support for a variety of key establishment mechanisms, including key exchange, key agreement, password-based encryption and constructive key management, provides flexibility of key management techniques for the syntax scheme addressed in ANSI X9.73-2017.
As appositely and succinctly stated in the foreword of the ANSI X9.73-2017 standard document:
“Use of this widely deployed syntax will lead to quick market acceptance in the financial community, lower costs due to economy of scale, and interoperability with a large number of existing standards and applications.”
ANSI X9.73-2017: Cryptographic Message Syntax – ASN.1 and XML is available on the ANSI Webstore.