3

Possible Duplicate:
How do some sites (e.g. online banks) only ask for specific characters from a password without storing it as plaintext?

Some banking applications ask for random letters from your password, the 3rd, 5th and 6th letters for example.

Presumably this is to limit the effectiveness of sniffing the network traffic or keylogging to get password information.

I was wondering how this information is likely stored so that they are able to see individual characters in the password but presumably have them stored in a secure way?

Would each character get salted and hashed? If so would each get stored in different columns of a table? Or would each three letter permutation of the password characters get stored in a table unique to the user?

Toby
  • 729
  • 6
  • 9
  • Interesting system. I have never seen one like it. I highly doubt the effectiveness of it though. –  Aug 05 '12 at 00:47
  • 1
    I can't think of anyway this could be done that would be even remotely secure. – Dracs Aug 05 '12 at 04:14
  • Such data is most likely encrypted, not hashed. My bank requires me to provide a valid client certificate, password and once I want to perform a transaction it wants me to give 2 letters (chosen by bank at random for each transaction) from a second "password", which is used solely for this purpose. – Matrix Aug 05 '12 at 06:36
  • 1
    They use a [HSM](http://en.wikipedia.org/wiki/Hardware_security_module), such that the requests go into the device (are character 4, 6 and 7 of 4395092's secret word 'b', 'e' and 's'?) and it spits out a yes / no answer. The HSM is usually configured to prevent extraction of any full ciphertexts or keys. – Polynomial Aug 05 '12 at 12:37

1 Answers1

1

I don't know, but I don't think a hash is practical here. Sure you can make a hash of one letter, but it's incredibly easy to brute-force if it ever leaks (like, a few microseconds at most); under 100 possibilities. Also storing all 3-char permutations hashed would be too easy to reverse.

It's actually interesting to consider this system from this angle. Usually you're calculating how many login attempts you would need in a worst- and best-case before an attacker knows the full password (or is able to login within 3 attempts), or how much security this system adds anyway (with MITM an attacker can still login). I never thought about what it meant for storing the login, and it's not looking good.

Luc
  • 32,378
  • 8
  • 75
  • 137