Predictable serial number attack

Last updated

A predictable serial number attack is a form of security exploit in which the algorithm for generating serial numbers for a particular purpose is guessed, discovered, or reverse engineered, a new serial number is predicted using the algorithm, and the newly generated serial number is then used for a fraudulent purpose, either to obtain an undeserved benefit or to deny service to the legitimate holder of the serial number.

Contents

Example

Suppose there is a phone card available for sale that offers telephone service by entering the serial number printed on the card. Alice legitimately purchases a phone card in order to call Bob, and her card has the serial number 0003. The attacker, Mallory, also purchases two phone cards, and notices that the serial numbers printed on her phone cards are 0001 and 0002. After consuming the value on cards 0001 and 0002, Mallory guesses the algorithm used for generating these serial numbers is a simple sequence and predicts that 0003 is a valid serial number, enters 0003 when prompted, and gets additional phone service. When Alice tries to use her card she discovers the value has been stolen from it and it is now worthless.

Countermeasures

A common approach to prevent predictable serial number attacks is to use a cryptographic hash function such as SHA-2 to generate the actual serial numbers. Internally, the issuing organization creates a (pseudo-)random nonce as a salt for generating the serial numbers, and keeps it secret. The issuer increments their internal serial number and appends it to the salt, and the computed message digest is used to create the actual serial number. The issuer does have to take care to prevent collisions between existing values so as not to wrongly issue two identical serial numbers.

Known attacks

See also

Related Research Articles

<span class="mw-page-title-main">Password</span> Used for user authentication to prove identity or access approval

A password, sometimes called a passcode, is secret data, typically a string of characters, usually used to confirm a user's identity. Traditionally, passwords were expected to be memorized, but the large number of password-protected services that a typical individual accesses can make memorization of unique passwords for each service impractical. Using the terminology of the NIST Digital Identity Guidelines, the secret is held by a party called the claimant while the party verifying the identity of the claimant is called the verifier. When the claimant successfully demonstrates knowledge of the password to the verifier through an established authentication protocol, the verifier is able to infer the claimant's identity.

In cryptography, SHA-1 is a hash function which takes an input and produces a 160-bit (20-byte) hash value known as a message digest – typically rendered as 40 hexadecimal digits. It was designed by the United States National Security Agency, and is a U.S. Federal Information Processing Standard. The algorithm has been cryptographically broken but is still widely used.

A birthday attack is a type of cryptographic attack that exploits the mathematics behind the birthday problem in probability theory. This attack can be used to abuse communication between two or more parties. The attack depends on the higher likelihood of collisions found between random attack attempts and a fixed degree of permutations (pigeonholes). With a birthday attack, it is possible to find a collision of a hash function in , with being the classical preimage resistance security. There is a general result that quantum computers can perform birthday attacks, thus breaking collision resistance, in .

<span class="mw-page-title-main">SIM card</span> Integrated circuit card for a mobile device

A SIM card is an integrated circuit (IC) intended to securely store the international mobile subscriber identity (IMSI) number and its related key, which are used to identify and authenticate subscribers on mobile telephony devices. Technically the actual physical card is known as a universal integrated circuit card (UICC); this smart card is usually made of PVC with embedded contacts and semiconductors, with the SIM as its primary component. In practice the term "SIM card" refers to the entire unit and not simply the IC.

<span class="mw-page-title-main">Personal identification number</span> PIN code

A personal identification number (PIN), or sometimes redundantly a PIN number or PIN code, is a numeric passcode used in the process of authenticating a user accessing a system.

<span class="mw-page-title-main">Cryptographic hash function</span> Hash function that is suitable for use in cryptography

A cryptographic hash function (CHF) is a hash algorithm that has special properties desirable for a cryptographic application:

In cryptography, a key derivation function (KDF) is a cryptographic algorithm that derives one or more secret keys from a secret value such as a master key, a password, or a passphrase using a pseudorandom function. KDFs can be used to stretch keys into longer keys or to obtain keys of a required format, such as converting a group element that is the result of a Diffie–Hellman key exchange into a symmetric key for use with AES. Keyed cryptographic hash functions are popular examples of pseudorandom functions used for key derivation.

In cryptography, a collision attack on a cryptographic hash tries to find two inputs producing the same hash value, i.e. a hash collision. This is in contrast to a preimage attack where a specific target hash value is specified.

<span class="mw-page-title-main">One-time password</span> Password that can only be used once

A one-time password (OTP), also known as a one-time PIN, one-time authorization code (OTAC) or dynamic password, is a password that is valid for only one login session or transaction, on a computer system or other digital device. OTPs avoid several shortcomings that are associated with traditional (static) password-based authentication; a number of implementations also incorporate two-factor authentication by ensuring that the one-time password requires access to something a person has as well as something a person knows.

<span class="mw-page-title-main">Security token</span> Device used to access electronically restricted resource

A security token is a peripheral device used to gain access to an electronically restricted resource. The token is used in addition to, or in place, of a password. It acts like an electronic key to access something. Examples of security tokens include wireless keycards used to open locked doors, or a banking token used as a digital authenticator for signing in to online banking, or signing a transaction such as a wire transfer.

The security of cryptographic systems depends on some secret data that is known to authorized persons but unknown and unpredictable to others. To achieve this unpredictability, some randomization is typically employed. Modern cryptographic protocols often require frequent generation of random quantities. Cryptographic attacks that subvert or exploit weaknesses in this process are known as random number generator attacks.

A national identification number, national identity number, or national insurance number or JMBG/EMBG is used by the governments of many countries as a means of tracking their citizens, permanent residents, and temporary residents for the purposes of work, taxation, government benefits, health care, and other governmentally-related functions.

<span class="mw-page-title-main">Identity document forgery</span> Fake IDs and their production

Identity document forgery is the process by which identity documents issued by governing bodies are copied and/or modified by persons not authorized to create such documents or engage in such modifications, for the purpose of deceiving those who would view the documents about the identity or status of the bearer. The term also encompasses the activity of acquiring identity documents from legitimate bodies by falsifying the required supporting documentation in order to create the desired identity.

A rainbow table is a precomputed table for caching the outputs of a cryptographic hash function, usually for cracking password hashes. Passwords are typically stored not in plain text form, but as hash values. If such a database of hashed passwords falls into the hands of an attacker, they can use a precomputed rainbow table to recover the plaintext passwords. A common defense against this attack is to compute the hashes using a key derivation function that adds a "salt" to each password before hashing it, with different passwords receiving different salts, which are stored in plain text along with the hash.

<span class="mw-page-title-main">Password strength</span> Resistance of a password to being guessed

Password strength is a measure of the effectiveness of a password against guessing or brute-force attacks. In its usual form, it estimates how many trials an attacker who does not have direct access to the password would need, on average, to guess it correctly. The strength of a password is a function of length, complexity, and unpredictability.

Basic access control (BAC) is a mechanism specified to ensure only authorized parties can wirelessly read personal information from passports with an RFID chip. It uses data such as the passport number, date of birth and expiration date to negotiate a session key. This key can then be used to encrypt the communication between the passports chip and a reading device. This mechanism is intended to ensure that the owner of a passport can decide who can read the electronic contents of the passport. This mechanism was first introduced into the German passport on 1 November 2005 and is now also used in many other countries.

Credit card fraud is an inclusive term for fraud committed using a payment card, such as a credit card or debit card. The purpose may be to obtain goods or services or to make payment to another account, which is controlled by a criminal. The Payment Card Industry Data Security Standard is the data security standard created to help financial institutions process card payments securely and reduce card fraud.

<span class="mw-page-title-main">Social Security number</span> Nine-digit number issued to U.S. citizens and permanent residents

In the United States, a Social Security number (SSN) is a nine-digit number issued to U.S. citizens, permanent residents, and temporary (working) residents under section 205(c)(2) of the Social Security Act, codified as 42 U.S.C. § 405(c)(2). The number is issued to an individual by the Social Security Administration, an independent agency of the United States government. Although the original purpose for the number was for the Social Security Administration to track individuals, the Social Security number has become a de facto national identification number for taxation and other purposes.

The Computerised National Identity Card (CNIC) is an identity card issued by Pakistan's National Database and Registration Authority (NADRA). The card is available to any citizen of Pakistan who is 18 years of age or older. The CNIC is a computerised version of the National Identity Card (NIC).

<span class="mw-page-title-main">Card security code</span> Security feature on payment cards

A card security code is a series of numbers that, in addition to the bank card number, is printed on a card. The CSC is used as a security feature for card not present transactions, where a personal identification number (PIN) cannot be manually entered by the cardholder. It was instituted to reduce the incidence of credit card fraud.

References

  1. Alexander Sotirov, Marc Stevens, Jacob Appelbaum, Arjen Lenstra, David Molnar, Dag Arne Osvik, Benne de Weger. "MD5 considered harmful today", December 30, 2008, accessed March 24, 2009
  2. White, Ed. "Michigan iPod repairman charged with fraud", March 19, 2009, Boston Globe , accessed March 24, 2009. Archived March 24, 2009, at the Wayback Machine