Tankolas atveres!
pyxys1
pyxys1 at westel900.net
Sun Aug 24 21:02:51 CEST 2003
Szia Hajdu Csaba,
Sunday, August 24, 2003, 8:44:12 PM, you wrote:
HC> algoritmust, korabban azt is irtad, hogy keresre elkuldod, rajta
HC> hat, latni szeretnem.
na, én megtaláltam. te hogy állsz?
HC> Mi lesz a szamlaszama Toth Belanak? Anyja neve Nagy Maria,
HC> szuletett Zahonyban, 1966. februar 5-en.
hülye kérdésre hülye válasz: 30.
de közben rákerestem a neten is és rengeteg idevonatkozó írás van.
pl:
February 21, 2003
Attack Exposes ATM Vulnerabilities
By Dennis Fisher
Two Cambridge University researchers have discovered a new attack on the hardware
security modules employed by banks that makes it possible to retrieve customers' cash
machine PINs in an average of 15 tries.
The attack takes advantage of a weakness in the cryptographic model used by many
HSMs to encrypt, store and retrieve PINs. The system, used by many ATMs, reads the
customer's account number that is encoded on the magnetic strip of the ATM card. The
software then encrypts the account number using a secret DES key. The ciphertext of the
account number is then converted to hexadecimal and the first four digits of it are
retained.
Those digits are then put through a decimalization table, which converts them to a
format that's usable on the ATM keypad. By manipulating the contents of this table,
it's possible for an attacker to learn progressively more about the PIN with each
guess. Using various schemes described in the paper, a knowledgeable attacker could
discover as many as 7,000 PINs in a half hour, the authors say.
--
Best regards,
pyxys1 mailto:pyxys1 at westel900.net
More information about the Elektro
mailing list