Back to Search Start Over

Formal analysis of PIN block attacks

Authors :
Steel, Graham
Source :
Theoretical Computer Science. Nov2006, Vol. 367 Issue 1/2, p257-270. 14p.
Publication Year :
2006

Abstract

Abstract: Personal identification number (PIN) blocks are 64-bit strings that encode a PIN ready for encryption and secure transmission in banking networks. These networks employ tamper-proof hardware security modules (HSMs) to perform sensitive cryptographic operations, such as checking the correctness of a PIN typed by a customer. The use of these HSMs is controlled by an API designed to enforce security. PIN block attacks are unanticipated sequences of API commands which allow an attacker to determine the value of a PIN in an encrypted PIN block. This paper describes a framework for formal analysis of such attacks. Our analysis is probabilistic, and is automated using constraint logic programming and probabilistic model checking. [Copyright &y& Elsevier]

Subjects

Subjects :
*COMPUTER programming
*PERSONAL identification numbers
*DATA protection
*COMPUTER network security

Details

Language :
English
ISSN :
03043975
Volume :
367
Issue :
1/2
Database :
Academic Search Index
Journal :
Theoretical Computer Science
Publication Type :
Academic Journal
Accession number :
22965654
Full Text :
https://doi.org/10.1016/j.tcs.2006.08.042
Full Text Access
View/download PDF

Tools

Authors Abstract Subjects Details