Based on certain attacks on 56 bit DES described in detail in Section 6, it is the
consensus of X9 that Message Authentication Codes (MACs) as defined in ANSI X9.9-
1994 no longer provide sufficient security to protect wholesale financial transactions.
Hence, X9.9 is being withdrawn.
This Guideline discusses:
using new technology to provide integrity protection for wholesale financial
messages,
transitioning from X9.9 to the new technology, and
measures can be taken to ameliorate the risk inherent in X9.9 during the transition
period.
