[Gllug] natwest fantasticness

Tethys tet at createservices.com
Wed Apr 7 11:45:07 UTC 2004


Bruce Richardson writes:

>> They use both, and yes, the PIN is stored on the magstripe.
>
>Are you sure about that?  Does anybody have a url for the actual
>mechanism?

OK, perhaps I overstated things. The PIN itself isn't stored directly
on the magstripe. What's stored is a 4 digit "PIN offset", which as
far as I can tell is essentially a salt. When you type in your PIN,
a hash[1] is taken of the PIN you enter and the PIN offset read from
the card. This is then sent down the wire for authentication. When
you change your PIN at an ATM, a new PIN offset is sent over the wire
to the ATM by the authenticating company (e.g., FDI). This new PIN
offset is written to the card via a magstripe writer in the ATM.

Note that PIN plus offset is still only 8 digits, a trivially small
keyspace to crack should you need to[2]. Bond and Zielinski described
a technique for cracking PINs in an average of 15 guesses, for example
(although to do it *that* simply does require an insider with access
to an HSM).

Tet

[1] And I've been given reason to believe the hashing algorithm may
    even just be simple addition!
[2] Of course, even banks wouldn't be that stupid. Small keyspace it
    may be, but you still need some means of getting a yes/no answer
    for your guesses. Authentication is always done over the wire,
    and never at POS.
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
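
An added illustration, not part of the original post: in the IBM 3624-style offset scheme, the bank derives a "natural PIN" from the account number under a secret key, and the offset on the card is the digit-wise mod-10 difference between the customer's PIN and that value, which fits the "simple addition" of footnote [1]. The key, account number and PINs below are constructed, and HMAC-SHA256 is an assumed stand-in for the DES encryption real systems use.

```python
import hashlib
import hmac

# Commonly cited default decimalisation table: hex digit 0-F -> decimal digit.
DECIMALISATION_TABLE = "0123456789012345"


def natural_pin(pin_key: bytes, account: str, length: int = 4) -> str:
    """Derive the key-dependent 'natural PIN' for an account (host/HSM side).

    Assumption: HMAC-SHA256 stands in for the DES/3DES encryption of the
    account data that real systems use; the decimalisation step is the same.
    """
    digest = hmac.new(pin_key, account.encode(), hashlib.sha256).hexdigest()
    return "".join(DECIMALISATION_TABLE[int(h, 16)] for h in digest[:length])


def make_offset(pin_key: bytes, account: str, chosen_pin: str) -> str:
    """Offset written to the card: (chosen PIN - natural PIN) mod 10 per digit."""
    nat = natural_pin(pin_key, account, len(chosen_pin))
    return "".join(str((int(p) - int(n)) % 10) for p, n in zip(chosen_pin, nat))


def verify_pin(pin_key: bytes, account: str, offset: str, entered: str) -> bool:
    """Host-side check: natural PIN + offset (mod 10) must equal the entered PIN."""
    both = entered + offset
    if len(entered) != len(offset) or not (both.isascii() and both.isdigit()):
        return False
    nat = natural_pin(pin_key, account, len(offset))
    expected = "".join(str((int(n) + int(o)) % 10) for n, o in zip(nat, offset))
    return hmac.compare_digest(expected, entered)


if __name__ == "__main__":
    key = b"constructed-demo-pin-key"      # constructed; lives only in the HSM
    account = "4000001234567899"           # constructed account number
    offset = make_offset(key, account, "4821")
    print("offset on card:", offset)
    print("correct PIN :", verify_pin(key, account, offset, "4821"))
    print("wrong PIN   :", verify_pin(key, account, offset, "4822"))
    # A PIN change only produces a new offset; the natural PIN is unchanged.
    new_offset = make_offset(key, account, "1379")
    print("old PIN after change:", verify_pin(key, account, new_offset, "4821"))
```

The offset is not secret in this scheme; the check depends on the PIN key, which is why verification has to happen at the host rather than in the terminal.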