[3352] in cryptography@c2.net mail archive
Re: German court: DES is no good
daemon@ATHENA.MIT.EDU (Markus Kuhn)
Wed Sep 23 12:24:19 1998
To: cryptography@c2.net
In-reply-to: Your message of "Wed, 23 Sep 1998 14:31:41."
<90651790105484@cs26.cs.auckland.ac.nz>
Date: Wed, 23 Sep 1998 10:20:49 +0100
From: Markus Kuhn <Markus.Kuhn@cl.cam.ac.uk>

Peter Gutmann wrote on 1998-09-23 14:31 UTC:
> http://www.thestandard.net/articles/display/0,1449,1780,00.html
>
> German Court Ruling Another Blow To U.S. Encryption Standard
> By Mary Lisbeth D'Amico
>
> MUNICH - A German district court has ordered a bank in Frankfurt to repay a
> customer 4,543 marks (US$2,699) for money withdrawn from her bank account
> after her bank card was stolen.
>
> The decision, made public Monday, again points to the holes in the 56-bit
> encryption technology used in Eurocheque cards, called EC Cards, according to
> the Chaos Computer Club, a German hackers group.
>
> Calling the encryption technology for the EC bank cards "out-of-date and not
> safe enough," a Frankfurt District Court held the bank responsible for the
> amount stolen from the 72-year-old plaintiff in February 1997. Neither the
> bank's name nor that of the plaintiff were revealed.

In case someone is interested in the PIN algorithm of this system and
its weaknesses: A quick summary can be found in

http://www.cl.cam.ac.uk/~mgk25/ec-pin-prob.pdf

Using 56-bit keys is not the only weak part of this PIN algorithm.
The transformation algorithm that converts the 64-bit DES output
into the PIN has some quite dangerous flaws as well and allows you
to make very good guesses about what the PIN might be without a
DES brute-force search engine.

Markus
--
Markus G. Kuhn, Security Group, Computer Lab, Cambridge University, UK
email: mkuhn at acm.org, home page: <http://www.cl.cam.ac.uk/~mgk25/>
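
Added example, not part of the message above and not code from its author: a short Python calculation of how much a hex-to-decimal PIN derivation can skew the PIN distribution even when the cipher output is perfectly uniform. The message does not state the transformation rule; the rule used here (four hex digits, A-F mapped to 0-5, a leading 0 replaced by 1) and all function names are assumptions made for the illustration.

```python
from collections import Counter
from fractions import Fraction
from itertools import product
import math

def decimalise(nibble: int) -> int:
    """Assumed rule: hex digits 0-9 stay as they are, A-F become 0-5."""
    return nibble if nibble < 10 else nibble - 10

def pin_from_nibbles(nibbles) -> str:
    """Derive a 4-digit PIN from four hex digits of cipher output."""
    digits = [decimalise(n) for n in nibbles]
    if digits[0] == 0:  # assumed rule: a leading 0 is replaced by 1
        digits[0] = 1
    return "".join(map(str, digits))

def pin_distribution() -> dict:
    """Exact PIN probabilities, treating the four hex digits as uniform."""
    counts = Counter(pin_from_nibbles(n) for n in product(range(16), repeat=4))
    return {pin: Fraction(c, 16 ** 4) for pin, c in counts.items()}

def summary() -> dict:
    """Compare the skewed distribution with an ideal uniform one."""
    dist = pin_distribution()
    p_max = max(dist.values())
    return {
        "distinct_pins": len(dist),
        "p_max": p_max,
        "pins_at_p_max": sum(1 for p in dist.values() if p == p_max),
        "min_entropy_bits": -math.log2(p_max),
        "uniform_entropy_bits": math.log2(len(dist)),
    }

if __name__ == "__main__":
    for name, value in summary().items():
        print(f"{name}: {value}")
```

Under these assumptions the PIN space loses more than two bits of min-entropy to the transformation alone, independent of the DES key length.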