Bilateral key exchange (BKE) was an encryption scheme utilized by the Society for Worldwide Interbank Financial Telecommunication (SWIFT).[1]
The scheme was retired on January 1, 2009 and has now been replaced by the Relationship Management Application (RMA). All key management is now based on the SWIFT PKI that was implemented in SWIFT phase two.
A bilateral key allowed secure communication across the SWIFT Network. The text of a SWIFT message and the authentication key were used to generate a message authentication code or MAC. The MAC ensured the origin of a message and the authenticity of the message contents. This was normally accomplished by the exchange of various SWIFT messages used specifically for establishing a communicating key pair.
BKE keys were generated either manually inside the SWIFT software, or automatically with the use of a secure card reader (SCR).
Since 1994, the keys used in the card reader and the authentication keys themselves were 1,024 bit RSA.[2]