The wisdom of the ill informed
Ed Gerck
edgerck at nma.com
Mon Jun 30 14:30:44 EDT 2008
dan at geer.org wrote:
> Ed Gerck writes:
> -+--------------
> | ...
> | Not so fast. Bank PINs are usually just 4 numeric characters long and
> | yet they are considered /safe/ even for web access to the account
> | (where a physical card is not required).
> |
> | Why? Because after 4 tries the access is blocked for your IP number
> | (in some cases after 3 tries).
> | ...
>
>
> So I hold the PIN constant and vary the bank account number.
Dan,
This is, indeed, a possible attack considering that the same IP may be
legitimately used by different users behind NAT firewalls and/or with
dynamic IPs. However, there are a number of reasons, and evidence, why
this attack can be (and has been) prevented even for a short PIN:
1. there is a much higher number of combinations in a 12-digit account
number;
2. banks are able to selectively block IP numbers for the /same/
browser and /same/ PIN after 4 or 3 wrong attempts, with a small false
detection probability for other users of the same IP (who are not
blocked). I know one online system that has been using such method for
protecting webmail accounts, with several attacks logged but no
compromise and no false detection complaints in 4 years.
3. some banks reported that in order to satisfy FFIEC requirements for
two-factor authentication, but without requiring the customer to use
anything else (eg, a dongle or a "battle ship map"), they were
detecting the IP, browser information and use patterns as part of the
authentication procedure. This directly enables #2 above.
I also note that the security problem with short PINs is not much
different than that with passwords, as users notoriously choose
passwords that are easy to guess. However, an online system that is
not controlled by the attacker is able to likewise prevent multiple
password tries, or multiple account tries for the same password.
Cheers,
Ed Gerck
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list