Cryptographic PIN Processing in EFT Systems

Abstract
A described method of protecting Personal Identification Numbers (PINs) assumes the Point of Sale (POS) terminal is online to a host operating system and that both terminal and host have a cryptographic capability based upon the DES algorithm and support a cryptographic key management scheme [1]. Subscription by the host and terminal to a communications protocol which can support end-to-end encryption [2] provides additional security. In this environment a table of user PINs, indexed by user name, is maintained at the host. By permitting customer PIN verification at either the terminal or the host when a transaction is initiated, an exhaustive attack against the PIN becomes as difficult as one against a DES key.

This publication has 2 references indexed in Scilit: