The Unbearable Lightness of PIN Cracking



The Academic College of Tel Aviv Yaffo, School of Computer Science
2 Algorithmic Research Ltd., www.arx.com
3 Tel Aviv University, School of Computer Science

Abstract. We describe new attacks on the financial PIN processing API. The attacks apply to switches as well as to verification facilities. The attacks are extremely severe, allowing an attacker to expose customer PINs by executing only one or two API calls per exposed PIN. One of the attacks uses only the translate function, which is a required function in every switch. The other attacks abuse functions that are used to allow customers to select their PINs online. Some of the attacks can be applied in switches even though the attacked functions require issuer's keys which do not exist in a switch. This is particularly disturbing, as it was widely believed that functions requiring issuer's keys cannot do any harm if the respective keys are unavailable.

Keywords: Security API, API attack, Financial PIN Processing API, HSM, Insider attack, Phantom Withdrawal, VISA PVV, IBM 3624, EMV.

1 Introduction

A Personal Identification Number (PIN) is the means used by a bank account holder to verify his/her identity to the issuing bank. When a PIN is entered by the card holder at a service point (e.g., an Automatic Teller Machine), the PIN and account number are sent to the verification facility (the issuing bank or another authorized entity) for verification. To protect the PIN in transit, it is formatted into a PIN block, the PIN block is encrypted under a transport key, and the resulting Encrypted PIN Block (EPB) is sent for verification. As there usually is no direct communication between the service point and the verification facility, the PIN passes through switches. Each switch decrypts the EPB, verifies the resulting PIN block format (so the format serves as some form of Message Authentication Code), re-formats the PIN block if necessary, and re-encrypts the PIN block with a transport key shared with the next switch (or with the verification facility when arriving there). Switches may be part of other issuers' verification facilities or may be stand-alone. There is generally no connection between a switch facility that handles an incoming EPB and the issuer of the respective account number. Additionally, switches may be physically far from the issuer (for example, when a customer withdraws money overseas). To protect the PIN and the encryption keys both in switches and in the issuer's environment, all operations involving a clear PIN are handled within a Hardware Security Module (HSM). Such operations are controlled by an application at

The original version of this chapter was revised: the copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-3-540-77366-5_37

The work of this author was carried out as part of an MSc thesis in Tel Aviv University.

S. Dietrich and R. Dhamija (Eds.): FC 2007 and USEC 2007, LNCS 4886, pp. 224–238, 2007. © Springer-Verlag Berlin Heidelberg 2007
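As an added illustration of the PIN-block handling described above (example code, not from the paper): a PIN block is built in ISO 9564-1 format 0 (the specific format is an assumption; the paper does not name one), and a switch translate step decrypts under the incoming transport key, checks the format as its only integrity check, and re-encrypts under the outgoing key. The transport cipher is a labelled stand-in for 3DES, since the Python standard library has none.

```python
import hashlib
import hmac


def _pan_field(pan: str) -> bytes:
    # Format 0: "0000" followed by the 12 rightmost PAN digits, excluding the check digit.
    return bytes.fromhex("0000" + pan[-13:-1].rjust(12, "0"))


def iso0_pin_block(pin: str, pan: str) -> bytes:
    """Build an ISO 9564-1 format-0 PIN block: PIN field XOR PAN field (8 bytes)."""
    if not (4 <= len(pin) <= 12 and pin.isdigit()):
        raise ValueError("PIN must be 4-12 digits")
    pin_field = bytes.fromhex(f"0{len(pin):X}{pin}".ljust(16, "F"))
    return bytes(a ^ b for a, b in zip(pin_field, _pan_field(pan)))


def pin_from_iso0(block: bytes, pan: str) -> str:
    """Recover the PIN from a clear format-0 block; raise ValueError on a bad format."""
    pin_field = bytes(a ^ b for a, b in zip(block, _pan_field(pan))).hex().upper()
    if len(block) != 8 or pin_field[0] != "0":
        raise ValueError("bad control nibble or block length")
    n = int(pin_field[1], 16)
    if not 4 <= n <= 12:
        raise ValueError("bad PIN length nibble")
    if not pin_field[2:2 + n].isdigit() or pin_field[2 + n:] != "F" * (14 - n):
        raise ValueError("bad PIN digits or padding")
    return pin_field[2:2 + n]


def block_crypt(key: bytes, block: bytes) -> bytes:
    # Stand-in for 3DES-ECB on one 8-byte block (assumption for this example):
    # a keyed 8-byte keystream XORed onto the block, so the same call decrypts.
    keystream = hmac.new(key, b"transport-block", hashlib.sha256).digest()[:8]
    return bytes(a ^ b for a, b in zip(block, keystream))


def translate(epb: bytes, pan: str, key_in: bytes, key_out: bytes) -> bytes:
    """Switch translate: decrypt under key_in, verify the block format, re-encrypt under key_out."""
    clear = block_crypt(key_in, epb)
    pin_from_iso0(clear, pan)  # the format check is the only integrity check a switch performs
    return block_crypt(key_out, clear)
```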