HSM - Atalla simulator/emulator (Hardware Security Module)

My very first experience with an Atalla was with an old PCI card version of the ATALLA 10000 that was used in an issuer system for CVV and CVV2 verification. Having access to an HSM for development and testing is really a good thing, and is also a requirement if you are building a PIN-based debit system, but not everyone has access to HSMs in their labs :) A friend has recently shared the following link: http://ziggurat29.com/ that includes “BogoAtalla”.

This is an Atalla emulator (or simulator). This software emulation (simulation) of the well-known Atalla Hardware Security Module (HSM) that is used by banks and processors for cryptographic operations, such as verifying/translating PIN blocks, authorizing transactions by verifying CVV/CSC numbers, and performing key exchange procedures, was produced for testing purposes. This implementation is not of the complete HP Atalla command set, but rather just the portions that I myself needed. That being said, it is complete enough if you are performing acquiring and/or issuing processing functions, and are using more modern schemes such as Visa PVV and DUKPT, and need to do generation, verification, and translation. This runs as a listening socket server and handles the native Atalla command set. I have taken some liberties with the error return values and have not striven for high fidelity there (i.e., you may get a different error response from native hardware), but you definitely should get identical positive responses. Some features implemented here would normally require purchasing premium commands, but all commands implemented here are available. Examples are generating PVV values and encrypting/decrypting plaintext PIN values.

I gave it a very quick shot in a test virtual machine:

HSM <00#020035#0101##>

Let’s see – my first error message, invalid character/message :)

And if you are a real geek, you can use the WRTG version: BogoAtalla for Linksys -- makes a great portable HSM. I’ll probably play a little more with this in the future.

[edit] 8/19/2008: Previously I could not seem to get more than the error message sent back, so it looks like it has very limited functionality. I’ve revisited the http://ziggurat29.com/ website and noticed it lists what commands are implemented, and a few examples. I downloaded a new zip file and ran the examples from the website and got what is expected.

Ziggurat29 lists the following implemented commands: 00, 10, 11, 13, 1A, 30, 31, 32, 37, 5D, 5E, 7E, 90, 93, 97, 98, 99, 9E, 11B, 1111, 1226. At some point I’ll need to try these other commands, but as per the example, 31 and 32 appear to work.

Here is a short test of cutting and pasting a command via telnet to 127.0.0.1 7000
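The telnet test above can also be scripted. The following is an added example, not code from the original post or from BogoAtalla: it frames a command, refuses command IDs outside the list quoted above, and splits a reply into fields. The `<ID#field#...#>` framing and the treatment of a reply with ID 00 as an error are assumptions drawn from the single sample reply in the post, and all function names are hypothetical.

```python
import socket

# Command IDs the post lists as implemented by the emulator.
IMPLEMENTED = {"00", "10", "11", "13", "1A", "30", "31", "32", "37", "5D", "5E",
               "7E", "90", "93", "97", "98", "99", "9E", "11B", "1111", "1226"}


def build_command(cmd_id, *fields):
    """Frame a command as <ID#field#...#>, refusing IDs outside the list."""
    cmd_id = cmd_id.upper()
    if cmd_id not in IMPLEMENTED:
        raise ValueError(f"command {cmd_id} is not in the implemented list")
    if any(c in f for f in fields for c in "<>#"):
        raise ValueError("a field contains a framing character")
    return "<" + "#".join((cmd_id, *fields)) + "#>"


def parse_message(raw):
    """Split one framed message into (id, [fields])."""
    raw = raw.strip()
    if not (raw.startswith("<") and raw.endswith("#>")):
        raise ValueError(f"not a framed message: {raw!r}")
    msg_id, *fields = raw[1:-2].split("#")
    return msg_id, fields


def looks_like_error(msg_id):
    # Assumption from the post's one sample: a reply with ID 00 is an error.
    return msg_id == "00"


def send_command(command, host="127.0.0.1", port=7000, timeout=5.0):
    """Send one framed command to the emulator and return the parsed reply."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(command.encode("ascii"))
        buf = b""
        while b">" not in buf:  # assumed: a reply ends at the first '>'
            chunk = sock.recv(4096)
            if not chunk:
                raise ConnectionError("connection closed before end of reply")
            buf += chunk
    return parse_message(buf[:buf.index(b">") + 1].decode("ascii"))


if __name__ == "__main__":
    # Reply text quoted in the post, parsed offline (no emulator needed).
    reply_id, reply_fields = parse_message("<00#020035#0101##>")
    print(reply_id, reply_fields, "error" if looks_like_error(reply_id) else "ok")
```

Field values for a real command must come from the examples on the ziggurat29 site; none are supplied here.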
