本标准的这一部分描述了AES DUKPT算法，该算法用于根据事务号从初始终端DUKPT密钥派生密钥。派生密钥可用于多种功能，例如管脚、数据或其他密钥的加密、其他密钥的派生、消息身份验证等。AES DUKPT支持从AES-128、AES-192、AES-256以及双倍和三倍长度的TDEA密钥派生AES-128、AES-192和AES-256初始密钥。

This part of the standard describes the AES DUKPT algorithm, which is used to derive key(s) from an initial terminal DUKPT key based on the transaction number. Derived keys can be used for a variety of functions, such as encryption of PINs, data or other keys, for derivation of other keys, for message authentication, etc. AES DUKPT supports the derivation of AES-128, AES-192, AES-256, and double and triple length TDEA keys from AES-128, AES-192, and AES-256 initial keys.