Comment PIN secuirty standards (Score 1) 213
Surprising lack of information and misinformation for a slashdot post and comments. In general, PINs are the most protected part of payment transactions. PIN encryption doesn't use bad/crackable crypto concepts like Adobe did on their passwords. And while it's Triple DES-based, its actually quite strong. All debit PINs in the US are encrypted using the same few standards:
* PIN Block and PIN encrypytion: ANS X9.8 part 1 and ISO 9564. Examples: http://www.paymentsystemsblog.com/2010/03/03/pin-block-formats/
* Key management: DUKPT from Annex A of ANS X9.24 part 1. Some DUKPT details: http://en.wikipedia.org/wiki/Derived_unique_key_per_transaction
Each PIN pad is injected with a unique initial key that is a double-length Triple DES key. That initial key is derived into a key set of 21 keys that are used to derive up to 1 million future keys (the counter rules in DUKPT only let it count 1 million values). Those are all unique per device. Each transaction uses a unique future key and that is derived into a PIN encryption key to encrypt the PIN block (according to the ANSI and ISO standards).
Encryption of the PIN block is Triple DES ECB using a unique key for that transaction for that device. Breaking the encryption for that key would be a 2^112 brute force effort (no shortcuts because only one ciphertext used that key). And breaking that key will not get you any past keys and only some future keys for that device depending on where it is in the key space. In all, cracking PIN blocks coming from PIN pads is not a low hanging fruit.
PIN pads and their design has to be lab certified and signed off by the PCI Security Council. Merchants can only use PCI certified PIN devices if they take debit cards. (strangely, credit only devices are not required to be PCI certified, but they could be if they encrypt credit card data). While there are older versions of the PIN pad certification requirements, basically the PIN security is the strongest part of the certification. The lab tests for side channel attacks against PIN encryption, ensures physical security of the device, logical security of the device, that applications running on the device (if any) cannot impact/access PIN encryption, and that tampering devices causes them to erase keys.
list of PCI approved PIN Transaction Security (PTS) devices: https://www.pcisecuritystandards.org/approved_companies_providers/approved_pin_transaction_security.php#
PCI documents (including PIN security): https://www.pcisecuritystandards.org/security_standards/documents.php?association=PTS&document=PTS%20Program%20Guide%20FINAL%201%201#PTS%20Program%20Guide%20FINAL%201%201
