IPEK’s Role In DUKPT

My reply to a question about IPEK’s role in the DUKPT mechanism on Security Stack Exchange:

http://security.stackexchange.com/questions/56414/what-is-the-point-to-the-ipek-in-dukpt/56415#56415

Derived Unique Key Per Transaction (DUKPT) is a key management scheme in which every transaction uses a unique key derived from a fixed key. Therefore, if a derived key is compromised, future and past transaction data are still protected, since the next or prior keys cannot be determined easily. DUKPT is specified in ANSI X9.24 Part 1.

The key aspect of DUKPT is that for each transaction originating from the PIN device (such as a POS terminal), the encryption key shall be unique. The key shall not have any relation to the keys that were used in the past or the keys that might be used for future transactions. The encryption algorithm that shall be used is TDES.

The IPEK (Initial PIN Encryption Key) is derived from the Base Derivation Key (BDK). The inputs to create the IPEK are the PIN device ID and the Key-Set ID. The Key-Set ID uniquely identifies the BDK. So with one BDK you can have multiple IPEKs: one IPEK for each device with a unique ID. The BDK shall not be known to the PIN device. The BDK is a super-secret key which shall be known to the gateway with which all PIN devices communicate. The gateway shall store the BDK securely in an HSM. The BDK cannot be shared among the PIN devices. Period. Thus the IPEK comes to the rescue.
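The derivation described above, as an added example that is not code from the original answer: it follows the ANSI X9.24-1 TDES procedure, taking the Key-Set ID and device ID from the leftmost eight bytes of the 10-byte Key Serial Number (KSN) with the counter bits cleared. The function names are this example's own, the `openssl` CLI is assumed to be installed, and the BDK and KSN are the widely published DUKPT test values, not production keys.

```bash
#!/bin/sh
# Added example: IPEK derivation (TDES DUKPT) with the openssl CLI.
# Function names are this example's own; keys are public test values.

hex2bin() {  # hex string -> raw bytes on stdout
  h=$1
  while [ -n "$h" ]; do
    rest=${h#??}; byte=${h%"$rest"}; h=$rest
    printf '%b' "\\0$(printf '%03o' "0x$byte")"
  done
}

xor_hex() {  # XOR two equal-length hex strings byte by byte
  a=$1; b=$2; out=
  while [ -n "$a" ]; do
    ra=${a#??}; rb=${b#??}; x=${a%"$ra"}; y=${b%"$rb"}
    out=$out$(printf '%02X' $((0x$x ^ 0x$y)))
    a=$ra; b=$rb
  done
  printf '%s' "$out"
}

tdes_ecb() {  # $1 = double-length key K1||K2 (hex), $2 = 8-byte block (hex)
  k1=$(printf '%s' "$1" | cut -c1-16)
  # Two-key TDES expressed as three-key EDE with K3 = K1.
  hex2bin "$2" | openssl enc -e -des-ede3 -K "$1$k1" -nopad |
    od -An -tx1 | tr -d ' \n' | tr 'a-f' 'A-F'
}

derive_ipek() {  # $1 = BDK (32 hex digits), $2 = KSN (20 hex digits)
  # Leftmost 8 KSN bytes carry Key-Set ID + device ID; clear the counter bits.
  prefix=$(printf '%s' "$2" | cut -c1-14)
  b7=$(printf '%s' "$2" | cut -c15-16)
  ksn8=$prefix$(printf '%02X' $((0x$b7 & 0xE0)))
  # Left half: encrypt under the BDK. Right half: under the BDK XOR a fixed mask.
  left=$(tdes_ecb "$1" "$ksn8")
  right=$(tdes_ecb "$(xor_hex "$1" C0C0C0C000000000C0C0C0C000000000)" "$ksn8")
  printf '%s%s\n' "$left" "$right"
}

BDK=0123456789ABCDEFFEDCBA9876543210
# Same BDK, two device IDs: each terminal is injected with a different IPEK.
echo "device A: $(derive_ipek "$BDK" FFFF9876543210E00000)"
echo "device B: $(derive_ipek "$BDK" FFFF9876543211E00000)"
```

The transaction counter in the KSN does not influence the IPEK, so the gateway can recompute the same IPEK from the BDK and the metadata of any later transaction.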

Once the terminal has been initialized with the IPEK, it shall populate the 21 Future Key registers by invoking a non-reversible transformation process. The inputs to this are the IPEK and a value that is a function of the register number. The IPEK is then discarded. The terminal now has 21 Future Keys stored in 21 registers. The PIN device can now communicate with the gateway, encrypting with the generated key and sending along metadata that includes the Key-Set ID and device ID. With this metadata and the BDK, the gateway shall also derive the key for decryption.
