PINs on open lines !!!
MOORE%MIDD.BITNET at mitvma.mit.edu
MOORE%MIDD.BITNET at mitvma.mit.edu
Wed Dec 21 12:42:31 AEST 1988
(Sorry for those of you who don't understand this conversation, but
I can't remember which list is carrying it)
Why oh why do these bank networks insist on sending PINs through their lines ??
Granted they're DES encrypted, but it takes little time to do the few large
number multiplications needed to do a "zero-knowledge" proof that the PIN\
is correct. This also removes the need for the PIN to be on the card at all.
The machine reads the account number from the card, gets the PIN from the
human, and then tickles the mainframe at the other end saying "Hey, let's do
a zero-knowledge check on account ######". Each machine starts multiplying,
etc. No need for the PIN on the card or over the wires.
Good lord, if I'd known what these folks were doing I might never have gotten
one of the silly little plastic cards.
Evan R. Moore
Academic Computing Services
Middlebury College
BITNET: MOORE at MIDD
Internet: 91erm at cc.williams.edu (a former life which forwards mail)
More information about the Comp.unix.wizards
mailing list