Security hole in cash machines

R. A. Hettinga rah at shipwright.com
Thu Nov 8 23:09:17 EST 2001


http://news.bbc.co.uk/hi/english/sci/tech/newsid_1645000/1645552.stm

	Friday, 9 November, 2001, 00:08 GMT
Security hole in cash machines

Your PIN is vulnerable

By BBC News Online technology correspondent Mark Ward

A serious weakness has been discovered in the methods used by banks to
protect the number that lets you get money from a cash machine.

Researchers from the University of Cambridge have found that the computer
systems which check that these numbers are valid are easy to defeat.

They warn that unscrupulous insiders could exploit these weaknesses to raid
customer accounts.

The researchers have called on banks to revise their security arrangements
and use more open procedures to protect customers' cash.

Bank raid

Every time you use a cash machine a formidable array of security technology
is used to protect the data being passed from the ATM to the computers
holding information about your account.

At the heart of this process are devices called cryptoprocessors. These
black boxes scramble the information you punch into the ATM so it cannot be
intercepted as it travels along the wires.

A crooked bank manager could duplicate our work on a Monday and be off to
Bermuda by Wednesday afternoon

Richard Clayton, University of Cambridge

The cryptoprocessors also scramble the program that a bank's computers run
when checking if the PIN number you submitted is valid.

By doing this, banks hope to keep your PIN protected from snoopers.

The physical construction of the cryptoprocessors is certified to a high
standard to ensure that the boxes cannot be forced to give up the keys they
use to scramble data.

Any physical tampering with the box makes them destroy the keys they use.

Crack attack

Security researchers Michael Bond and Richard Clayton have found serious
weaknesses in the software cryptoprocessors use to handle the encryption
keys as they talk to different programs.

These weaknesses could be exploited to gain access to keys, or to guide
guesses about which one will unlock data.

"What was once thought to be the strongest link in the chain is now being
shown to be one of the weaker links," said Mr Bond.

Typically encryption keys are hard to crack, or guess, because there are so
many combinations to try. The vast amount of time it could take to try all
possible combinations is a very good deterrent.


Credit and debit card purchases are protected by encryption

The cryptoprocessors use the US Data Encryption Standard (DES) to scramble
data.

Properly implemented DES does a good job of protecting data.

Hardware built by Richard Clayton can try 33 million keys per second, but
would still take 70 years to be sure of unscrambling data encrypted with a
DES key.

However, using the clues provided by the leaky software, the cracking time
can be reduced to just 24 hours.

Using their combined techniques, the pair have even been able to get keys
from an IBM 4758 cryptoprocessor previously thought to be invulnerable.

Open banks

"Cryptoprocessors are the mainstay of the banking world," said Mr Bond. "A
lot of cryptoprocessors are built around the same design and they will have
the same kind of faults."

As well as protecting PIN numbers, many financial organisations use them to
protect credit and debit card transactions.

Mr Bond said the weaknesses left banks open to attack by insiders with
access to the cryptoprocessors.

By far the majority of fraud committed against banks is carried out by
employees of the financial institutions.

A survey carried out by Ernst and Young revealed that in 2000 almost 82% of
all identified frauds were carried out by employees.

"A crooked bank manager could duplicate our work on a Monday and be off to
Bermuda by Wednesday afternoon," said Mr Clayton.

To remedy the situation the researchers said banks needed to patch the
software systems that handle the encryption keys and be more open with
their security procedures.


-- 
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com




More information about the cryptography mailing list