Decimalisation Table Attacks for PIN cracking. By Mike Bond and Piotr Zieliński University of Cambridge Computer Laboratory Technical Report 560, February 2003, 14 pp.
• “It takes an average of 15 guesses to determine a four digit PIN using this technique, instead of the 5000 guesses intended.”
Presented by Ji SUN
Summary
This paper presents an attack on an HSM to crack customer PINs using adaptive decimalisation tables and guesses.

Terminology
• Decimalisation table: many-to-one mapping from hexadecimal digits to decimal digits
• HSM (Hardware Security Module): returns only a YES/NO answer
• PIN (Personal Identification Number)
• ATM (Automatic Teller Machine, cash machine)
• PIN Generation Key: a secret DES key
Critical comments
• This paper should talk more about:
  • general background information on PIN security,
  • the architecture of ATM networks,
  • solutions to this kind of decimalisation table attack.
• If potentially serious vulnerabilities have been exploited by the bad guys to steal millions in cash from ATMs because of the publishing of this paper, do you think Bond and Zieliński should publish it in public? My answer is: No.
Appreciative comments
• This paper is very interesting because it mentioned an attacker can discover 7000 PINs in half an hour.
  (HSM) 60 PINs/sec * 60 sec/min * 30 min ÷ 15 guesses = 7200 PINs
• Bond and Zieliński described the fundamental techniques behind the decimalisation attacks in great detail. (See next slide)
Appreciative comments (cont.)
Three Attacks
• Initial scheme (24 guesses, twice in the worst case)
• Adaptive scheme (22 guesses?)
• PIN Offset Adaptive scheme (16.5 guesses)
IBM 3624-Offset PIN Generation Method
Account Number:        4556 2385 7753 2239
PIN (derivation) key:  0505 0505 0505 0505
Encrypted Account:     3F7C 2001 00CA 8AB3
Dec. Encrypted Acc.:   3572 2001 0020 8013
Decimalisation Table:  0123 4567 8901 2345
Decimalisation PIN:    3572
Offset:                4344
Customer PIN:          7816
PIN Verification (Offsets)
[Diagram. Labels: PIN Generation Key, Validation Data, EDE Multiple Encryption, Ciphertext, Digit Replacement, Decimalisation Table, Intermediate PIN (IPIN), Customer Selected PIN, Digit Subtraction modulo 10, Offset]
The diagram is quoted from: Clulow, J.S. “I know your PIN”, RSA Europe, October 2002
An example of Decimalisation Attack
• Dec. Table (0) = 1123456789012345, Dec. PIN = 3572, Offset = 4344 (will pass)
• Dec. Table (1) = 0223456789012345, Dec. PIN = 3572, Offset = 4344 (will pass)
• Dec. Table (2) = 0133456789012345, Dec. PIN = 3573, Offset = 4344 (will fail), Offset = 4343 (will pass)
In this example, we have identified that the 4th digit in the original Decimalisation PIN is a 2 and so the 4th final PIN digit is 2 + 4 = 6 (Dec. PIN + Offset = final PIN is 7816).
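The decimalisation and offset steps from the IBM 3624-Offset slide, together with a verification routine that refuses any table outside an allowlist, as an added example that is not from the paper or the presentation. The function names and the single-table allowlist are assumptions, and the DES/EDE encryption step is omitted (the encrypted account value is taken from the slide).

```python
# Added example: decimalisation + offset arithmetic and a table allowlist check.
# The encryption step is not performed; the ciphertext below is the slide's value.

STANDARD_TABLE = "0123456789012345"   # decimalisation table from the slide
ALLOWED_TABLES = {STANDARD_TABLE}     # assumption: the issuer uses exactly one table


def decimalise(hex_digits: str, table: str) -> str:
    """Map each hex digit to a decimal digit by indexing the 16-entry table."""
    if len(table) != 16 or not (table.isascii() and table.isdigit()):
        raise ValueError("decimalisation table must be 16 decimal digits")
    return "".join(table[int(h, 16)] for h in hex_digits)


def customer_pin(encrypted_account: str, table: str, offset: str) -> str:
    """Decimalised PIN (leading digits) plus offset, digit-wise modulo 10."""
    ipin = decimalise(encrypted_account[: len(offset)], table)
    return "".join(str((int(p) + int(o)) % 10) for p, o in zip(ipin, offset))


def verify_legacy(encrypted_account, table, offset, trial_pin) -> bool:
    """Verification that trusts whatever table the caller supplies."""
    return customer_pin(encrypted_account, table, offset) == trial_pin


def verify_hardened(encrypted_account, table, offset, trial_pin) -> bool:
    """Refuse a table that is not authorised before computing anything."""
    if table not in ALLOWED_TABLES:
        raise PermissionError("decimalisation table is not an authorised table")
    return verify_legacy(encrypted_account, table, offset, trial_pin)


if __name__ == "__main__":
    enc = "3F7C200100CA8AB3"          # encrypted account from the slide
    print(decimalise(enc, STANDARD_TABLE))
    print(customer_pin(enc, STANDARD_TABLE, "4344"))
    altered = "1123456789012345"      # Dec. Table (0) from the slide
    print("legacy accepts altered table:",
          verify_legacy(enc, altered, "4344", "7816"))
    try:
        verify_hardened(enc, altered, "4344", "7816")
    except PermissionError as exc:
        print("hardened:", exc)
```
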
Questions?
• Is this decimalisation table attack a hypothetical threat or a real one?
• Should Bond and Zieliński publish these attacks in public?