Abstract
We study the secure upgrade of critical components in wide networked systems, focussing on the case study of PIN processing Hardware Security Modules (HSMs). These tamper-resistant devices, used by banks to securely transmit and verify the PIN typed at the ATMs, have been shown to suffer from API level attacks that allow an insider to recover user PINs and, consequently, clone cards. Proposed fixes require to reduce and modify the HSM functionality by, e.g., sticking on a single format of the transmitted PIN or adding MACs for the integrity of user data. Upgrading HSMs worldwide is, of course, unaffordable. We thus propose strategies to incrementally upgrade the network so to obtain upgraded, secure subnets, while preserving the compatibility towards the legacy system. Our strategies aim at finding tradeoffs between the cost for special “guardian” HSMs used on the borderline between secure and insecure nodes, and the size of the team working in the upgrade process, representing the maximum number of nodes that can be simultaneously upgraded.
Work partially supported by Miur’07 Project SOFT: “Security Oriented Formal Techniques”.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Hackers crack cash machine PIN codes to steal millions. The Times online, http://www.timesonline.co.uk/tol/money/consumer_affairs/article4259009.ece
PIN Crackers Nab Holy Grail of Bank Card Security. Wired Magazine Blog Threat Level, http://blog.wired.com/27bstroke6/2009/04/pins.html
Barrière, L., Flocchini, P., Fraigniaud, P., Santoro, N.: Capture of an intruder by mobile agents. In: Proceedings of the 14th ACM Symposium on Parallel Algorithms and Architectures (SPAA),Winnipeg, Manitoba, Canada, pp. 200–209 (2002)
Barrière, L., Fraigniaud, P., Santoro, N., Thilikos, D.M.: Searching is not jumping. In: Bodlaender, H.L. (ed.) WG 2003. LNCS, vol. 2880, pp. 34–45. Springer, Heidelberg (2003)
Berkman, O., Ostrovsky, O.M.: The unbearable lightness of PIN cracking. In: Dietrich, S., Dhamija, R. (eds.) FC 2007 and USEC 2007. LNCS, vol. 4886, pp. 224–238. Springer, Heidelberg (2007)
Bond, M., Zielinski, P.: Decimalization table attacks for pin cracking. Technical Report UCAM-CL-TR-560, University of Cambridge, Computer Laboratory (2003), http://www.cl.cam.ac.uk/TechReports/UCAM-CL-TR-560.pdf
Breish, R.: An intuitive approach to speleotopology. Southwestern cavers VI(5), 72–82 (1967)
Centenaro, M., Focardi, R., Luccio, F., Steel, G.: Type-based analysis of PIN processing APIs. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 53–68. Springer, Heidelberg (2009)
Clulow, J.: The design and analysis of cryptographic APIs for security devices. Master’s thesis, University of Natal, Durban (2003)
Ellis, J.A., Sudborough, I.H., Turner, J.S.: The vertex separation and search number of a graph. Information and Computation 113, 50–79 (1994)
Focardi, R., Luccio, F., Steel, G.: Blunting differential attacks on PIN processing APIs. In: Knapskog, S.J. (ed.) NordSec 2009. LNCS, vol. 5838, pp. 88–103. Springer, Heidelberg (2009)
Focardi, R., Luccio, F.L.: Cracking bank PINs by playing Mastermind. In: Proceedings of the Fifth International Conference on Fun with algorithms (FUN 2010). LNCS, Springer, Heidelberg (2010)
Hayashi, F., Sullivan, R., Weiner, S.E.: A Guide to the ATM and Debit Card Industry. Federal Reserve Bank of Kansas City (2003)
Kirousis, L.M., Papadimitriou, C.H.: Searching and pebbling. Theoretical Computer Science 47, 205–218 (1986)
Lapaugh, A.: Recontamination does not help to search a graph. Journal of the ACM 40(2), 224–245 (1993)
Megiddo, N., Hakimi, S., Garey, M., Johnson, D., Papadimitriou, C.: The complexity of searching a graph. Journal of the ACM 35(1), 18–44 (1988)
Parson, T.: Pursuit-evasion problem on a graph. Theory and applications of graphs, 426–441 (1976)
Peng, S., Ko, M., Ho, C., Hsu, T., Tang, C.: Graph searching on chordal graphs. Algorithmica 27, 395–426 (2002)
Santoro, N.: Design and Analysis of Distributed Algorithms. John Wiley & Sons, Chichester (2006)
Steel, G.: Formal Analysis of PIN Block Attacks. Theoretical Computer Science 367(1-2), 257–270 (2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Focardi, R., Luccio, F.L. (2010). Secure Upgrade of Hardware Security Modules in Bank Networks. In: Armando, A., Lowe, G. (eds) Automated Reasoning for Security Protocol Analysis and Issues in the Theory of Security. ARSPA-WITS 2010. Lecture Notes in Computer Science, vol 6186. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16074-5_7
Download citation
DOI: https://doi.org/10.1007/978-3-642-16074-5_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-16073-8
Online ISBN: 978-3-642-16074-5
eBook Packages: Computer ScienceComputer Science (R0)