BBC NEWS Americas Africa Europe Middle East South Asia Asia Pacific Arabic Spanish Russian Chinese Welsh

 You are in: Sci/Tech
Front Page 
UK Politics 
Talking Point 
In Depth 

Commonwealth Games 2002

BBC Sport

BBC Weather

Friday, 9 November, 2001, 00:08 GMT
Security hole in cash machines
Customer getting cash from an ATM machine, BBC
Your Pin is vulnerable
By BBC News Online technology correspondent Mark Ward

A serious weakness has been discovered in the methods used by banks to protect the personal identification number (Pin) that lets you get money from a cash machine.

A crooked bank manager could duplicate our work on a Monday and be off to Bermuda by Wednesday afternoon

Richard Clayton, University of Cambridge
Researchers from the University of Cambridge have found that the computer systems that check these numbers are valid are easy to defeat.

They warn that unscrupulous insiders could exploit these weaknesses to raid customer accounts.

The researchers have called on banks to revise their security arrangements and use more open procedures to protect customers' cash.

Bank raid

Every time you use a cash machine a formidable array of security technology is used to protect the data being passed from the automatic teller machine (ATM) to the computers holding information about your account.

At the heart of this process are devices called cryptoprocessors. These black boxes scramble the information you punch into the ATM so it cannot be intercepted as it travels along the wires.

The cryptoprocessors also scramble the program that a bank's computers run when checking if the Pin number you submitted is valid.

By doing this, banks hope to keep your Pin protected from snoopers.

The physical construction of the cryptoprocessors is certified to a high standard to ensure that the boxes cannot be forced to give up the keys they use to scramble data.

Any physical tampering with the boxes makes them destroy the keys they use.

Crack attack

But security researchers Michael Bond and Richard Clayton have found serious weaknesses in the software cryptoprocessors use to handle the encryption keys as they talk to different programs.

These weaknesses could be exploited to gain access to keys, or to guide guesses about which key will unlock data.

"What was once thought to be the strongest link in the chain is now being shown to be one of the weaker links," said Mr Bond.

Typically encryption keys are hard to crack, or guess, because there are so many combinations to try. The vast amount of time it could take to try all possible combinations is a very good deterrent.

A handful of credit and debit cards, BBC
Credit and debit card purchases are protected by encryption
The cryptoprocessors use the US Data Encryption Standard (DES) to scramble data.

Properly implemented DES does a good job of protecting data.

Hardware built by Richard Clayton can try 33 million keys per second, but would still take 70 years to be sure of unscrambling data encrypted with a DES key.

However, using the clues provided by the leaky software, the cracking time can be reduced to just 24 hours.

Using their combined techniques, the pair have even been able to get keys from an IBM 4758 cryptoprocessor previously thought to be invulnerable.

Open banks

"Cryptoprocessors are the mainstay of the banking world," said Mr Bond. "A lot of cryptoprocessors are built around the same design and they will have the same kind of faults."

As well as protecting Pins, many financial organisations use them to protect credit and debit card transactions.

Mr Bond said the weaknesses left banks open to attack by insiders with access to the cryptoprocessors.

By far the majority of fraud committed against banks is carried out by employees of the financial institutions themselves.

A survey carried out by Ernst and Young revealed that in 2000 almost 82% of all identified fraud was carried out by employees.

"A crooked bank manager could duplicate our work on a Monday and be off to Bermuda by Wednesday afternoon," said Mr Clayton.

To remedy the situation the researchers said banks needed to patch the software systems that handle the encryption keys and be more open with their security procedures.

However, a spokesman for the banking body that oversees cash machine networks and bank transfers said the IBM 4758 was no longer in use.

"This is a fascinating piece of work, but where it falls down is that the banks have moved on and nowadays PINs are produced randomly and not in relation to an account number," said a spokesman for the Association for Payment Clearing Services.

"It won't work now in the UK," he said.

See also:

01 Jun 01 | Sci/Tech
Warning over e-mail snooping
31 Jan 01 | Sci/Tech
Major net security holes identified
28 Sep 01 | Sci/Tech
Net body targets web security
Links to more Sci/Tech stories are at the foot of the page.

E-mail this story to a friend

Links to more Sci/Tech stories