From: "Alex" 
Newsgroups: uk.finance uk.legal
Subject: Re: Credit Cards/Chip and Pin/ATM withdrawls
Date: 22 Dec 2005 15:51:54 GMT

At 15:36:14 on 22/12/2005, Palindr☻me delighted uk.finance by announcing:

> Alex wrote:
> > At 13:57:31 on 22/12/2005, Palindr☻me delighted uk.finance by announcing:
> > 
> > 
> > > Cynic wrote:
> > > 
> > > > On Thu, 22 Dec 2005 09:27:22 +0000, Mark wrote:
> > > > 
> > > > 
> > > > 
> > > > > What details are communicated between the chip and the ATM?  e.g. If
> > > > > the chip sends a "PIN ok" signal to the ATM, could a fraudster create
> > > > > a chip that always sends this signal?
> > > > 
> > > > 
> > > > That's where the pre-transaction handshaking comes into things.  There
> > > > is a complex exchange of encrypted data after the card is inserted so
> > > > that the ATM or POS can verify that the chip is not fraudulent.
> > > > Again, much of that data is data that cannot be extracted from the
> > > > card.
> > > > 
> > > 
> > > The circuit design and silicon layout must be worth its weight in rice
> > > crispies to anyone "seriously" planning to attack the chip. For example,
> > > it may be as "simple" as micro-etching and then hitting the right spot
> > > with a laser to set the chip to always generate "a PIN ok" flag.
> > 
> > 
> > There's no such thing.  When the correct PIN is presented to the card, it
> > responds with a cryptogram indicating the status.  This cryptogram is
> > generated using the private key stored on the card.
> 
> 
> It may respond to the outside world with a very secure protocol but what goes
> on at gate level within the silicon is another matter.

I believe what happens is that the received PIN is encrypted and compared with
the stored encrypted PIN.  If the two match, a cryptogram so indicating is
generated based on the transaction details.  I guess that any attack would
therefore have to be dynamic - quite impractical given the potential reward.
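
Added example, not part of the thread: a simplified model of the exchange discussed above, showing why a chip that merely asserts "PIN ok", or replays an old answer, is rejected when the status is bound to the transaction by a keyed cryptogram. Assumptions: HMAC-SHA256 over a key shared with the verifier stands in for the card's real cryptogram algorithm and key, and every name and sample value here is hypothetical.

```python
import hashlib
import hmac
import secrets

def cryptogram(key, status, txn, nonce):
    # MAC over length-prefixed fields so field boundaries are unambiguous.
    msg = b"".join(len(f).to_bytes(2, "big") + f for f in (status, txn, nonce))
    return hmac.new(key, msg, hashlib.sha256).digest()

class Card:
    """Toy chip: the key and the stored PIN digest never leave the object."""
    def __init__(self, key, pin):
        self._key = key
        self._pin_digest = hashlib.sha256(pin.encode()).digest()

    def verify_pin(self, pin, txn, nonce):
        entered = hashlib.sha256(pin.encode()).digest()
        ok = hmac.compare_digest(entered, self._pin_digest)
        status = b"PIN_OK" if ok else b"PIN_FAIL"
        return status, cryptogram(self._key, status, txn, nonce)

class ForgedCard:
    """Chip that always answers 'PIN ok' but does not hold the key."""
    def verify_pin(self, pin, txn, nonce):
        return b"PIN_OK", secrets.token_bytes(32)

def verifier_accepts(key, card, pin, txn):
    nonce = secrets.token_bytes(8)  # fresh value chosen per transaction
    status, tag = card.verify_pin(pin, txn, nonce)
    expected = cryptogram(key, status, txn, nonce)
    return status == b"PIN_OK" and hmac.compare_digest(tag, expected)

def replay_accepted(key, card, pin, txn):
    # Record one genuine answer, then present it against a new nonce.
    old_nonce = secrets.token_bytes(8)
    status, tag = card.verify_pin(pin, txn, old_nonce)
    new_nonce = secrets.token_bytes(8)
    return hmac.compare_digest(tag, cryptogram(key, status, txn, new_nonce))

KEY = secrets.token_bytes(32)      # constructed sample key
TXN = b"GBP 50.00 ATM withdrawal"  # constructed transaction details
genuine = Card(KEY, "4921")        # constructed sample PIN

if __name__ == "__main__":
    print("genuine card, right PIN:", verifier_accepts(KEY, genuine, "4921", TXN))
    print("genuine card, wrong PIN:", verifier_accepts(KEY, genuine, "0000", TXN))
    print("forged 'PIN ok' chip:   ", verifier_accepts(KEY, ForgedCard(), "0000", TXN))
    print("replayed old cryptogram:", replay_accepted(KEY, genuine, "4921", TXN))
```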