Chip and PIN

Peter Tomlinson ukcrypto at chiark.greenend.org.uk
Sat, 26 Jan 2008 12:31:47 +0000 

Nicholas Bohm wrote:
> lists@notatla.org.uk wrote:
>   
>> Nicholas Bohm wrote
>>> The banks have fielded a system that relies on shared secrets.  The fact
>>> that the secret has been used in an ATM is evidence either that the
>>> customer used it, or that an insider has purloined the secret from the
>>> bank, or that a third party has intercepted it (shoulder-surfing, skimmers).
>>>       
>>> In an era in which assymetric cryptography makes reliance on shared
>>> secrets unnecessary, those who field systems that rely on shared secrets
>>> should not be allowed to claim that use of the secret is proof of use by
>>> the customer.  That would give them a decent incentive to deploy more
>>> secure systems.  In the meantime some crooks would get away with fraud.
>>>  But that seems to me better than leaving the banks and the Ombudsman
>>> service to exercise a discretion about who they will believe and who
>>> they will not without any disclosure of any convincing evidence.
>>>       
>> I think that's not quite a fair assessment.  The PIN is shared between
>> the customer's brain and (as I understand it) a pool of HSMs and also
>> exposed to keyboards in various places of modest security.
>>
>> Replacement with public key technology might require one of
>>  - the customer to have incredible mental arithmetic
>>  - using a key stored on the card; proving possession of the card and not much else
>>  - replacing the card with a portable computer adequate in both power and security.
>>
>> Mere existence of assymetric cryptography and making practical use of it with
>> most of the population are two different things.  But I agree with the need to
>> restore balance to the adjuducation process.
>>     
>
> I accept of course that assymetric technology would have to be deployed
> to make its benefits available; and it certainly seems to me that if it
> is to be trustworthy for the customer, that would entail the development
> of a portable device with adequate computational power and its own
> facilities for entering and viewing data.  (This might amount to that
> fabled entity, a secure signature creation device.)
>
> Such a device would not be cheap to develop.  But if the banks bore the
> fraud risk in the way I suggest they should, it might be worth their
> while.  Otherwise I think it will never happen.
>
> Nicholas
>   
It has been reported that the UK banks have decided to migrate from SDA 
to DDA, starting this year. That means cards with crypto engines and 
more powerful processors in the terminals, which opens the door for more 
secure functionality.

Peter