Breaking Legacy Banking Standards with Special-Purpose Hardware

In the field of eCommerce, online-banking is one of the major application requiring the usage of modern cryptography to protect the confidentiality and integrity of financial transactions between users and the banking system. In banking applications of some countries, the authorization of user transactions is performed with support of cryptographic One-Time-Password (OTP) tokens implementing ANSI X9.9-based challenge-response protocols. The legacy ANSI X9.9 standard is a DES-based authentication method on which we will demonstrate an attack based on a special-purpose hardware cluster. In this work we show how to break such an OTP-token with little effort in terms of costs and time. With an investment of about US $ 10,000 we are able to perform an attack which computes the key of a DES-based OTP token in less than a week having only three challenge-response pairs. Our attack can even be scaled linearly according to the budget of the attacker resulting in even faster breaking times. With this work, we want to point out once more that the immediate migration from legacy products using the DES algorithm is absolutely mandatory for security critical applications.

[1]  William C. Barker,et al.  TECHNOLOGY ADMINISTRATION , 2004 .

[2]  Whitfield Diffie,et al.  Special Feature Exhaustive Cryptanalysis of the NBS Data Encryption Standard , 1977, Computer.

[3]  Mihir Bellare Advances in Cryptology — CRYPTO 2000 , 2000, Lecture Notes in Computer Science.

[4]  Marco Platzner,et al.  Field Programmable Logic and Application , 2004, Lecture Notes in Computer Science.

[5]  Chris J. Mitchell,et al.  Key Recovery and Forgery Attacks on the MacDES MAC Algorithm , 2000, CRYPTO.

[6]  Roger Frost,et al.  International Organization for Standardization (ISO) , 2004 .

[7]  Carl Eklund,et al.  National Institute for Standards and Technology , 2009, Encyclopedia of Biometrics.

[8]  Christof Paar,et al.  Breaking Ciphers with COPACOBANA - A Cost-Optimized Parallel Code Breaker , 2006, CHES.

[9]  Jean-Didier Legat,et al.  Design Strategies and Modified Descriptions to Optimize Cipher FPGA Implementations: Fast and Compact Results for DES and Triple-DES , 2003, FPL.

[10]  Bart Preneel,et al.  Key recovery attack on ANSI X9.19 retail MAC , 1996 .

[11]  Bruce Schneier,et al.  Minimal Key Lengths for Symmetric Ciphers to Provide Adequate Commercial Security. A Report by an Ad Hoc Group of Cryptographers and Computer Scientists , 1996 .

[12]  Mitsuru Matsui,et al.  Cryptographic Hardware and Embedded Systems - CHES 2006, 8th International Workshop, Yokohama, Japan, October 10-13, 2006, Proceedings , 2006, CHES.

[13]  William Stallings Practical cryptography for data internetworks , 1996 .

[14]  Matthew J. Weiner,et al.  Efficient DES Key Search , 1994 .