Cargando…
Guessing PINs, One Partial PIN at a Time
Entering digits of a personal identification number (PIN) is a common form of authentication. One variant of this scheme is to request the digits from a random subset of positions, which is sometimes called a partial PIN. In this paper we consider strategies for guessing the PIN when a partial PIN s...
| Autores principales: | , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
MDPI
2022
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9498247/ https://www.ncbi.nlm.nih.gov/pubmed/36141110 http://dx.doi.org/10.3390/e24091224 |
| _version_ | 1784794710985932800 |
|---|---|
| author | Sheil, Ashley Malone, David |
| author_facet | Sheil, Ashley Malone, David |
| author_sort | Sheil, Ashley |
| collection | PubMed |
| description | Entering digits of a personal identification number (PIN) is a common form of authentication. One variant of this scheme is to request the digits from a random subset of positions, which is sometimes called a partial PIN. In this paper we consider strategies for guessing the PIN when a partial PIN scheme is in use, which allows the quantification of the strength of this mechanism. We suggest several strategies for guessing the PIN under the assumption that the organisation assigns PINs randomly and requests random positions from the PIN at each login. We present analytic and simulation results from the different strategies and explore their performance when guessing different sizes of PIN and requested subset. We find that the most effective strategies have a reasonable chance of recovering a PIN in tens to hundreds of guesses. |
| format | Online Article Text |
| id | pubmed-9498247 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2022 |
| publisher | MDPI |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-94982472022-09-23 Guessing PINs, One Partial PIN at a Time Sheil, Ashley Malone, David Entropy (Basel) Article Entering digits of a personal identification number (PIN) is a common form of authentication. One variant of this scheme is to request the digits from a random subset of positions, which is sometimes called a partial PIN. In this paper we consider strategies for guessing the PIN when a partial PIN scheme is in use, which allows the quantification of the strength of this mechanism. We suggest several strategies for guessing the PIN under the assumption that the organisation assigns PINs randomly and requests random positions from the PIN at each login. We present analytic and simulation results from the different strategies and explore their performance when guessing different sizes of PIN and requested subset. We find that the most effective strategies have a reasonable chance of recovering a PIN in tens to hundreds of guesses. MDPI 2022-09-01 /pmc/articles/PMC9498247/ /pubmed/36141110 http://dx.doi.org/10.3390/e24091224 Text en © 2022 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). |
| spellingShingle | Article Sheil, Ashley Malone, David Guessing PINs, One Partial PIN at a Time |
| title | Guessing PINs, One Partial PIN at a Time |
| title_full | Guessing PINs, One Partial PIN at a Time |
| title_fullStr | Guessing PINs, One Partial PIN at a Time |
| title_full_unstemmed | Guessing PINs, One Partial PIN at a Time |
| title_short | Guessing PINs, One Partial PIN at a Time |
| title_sort | guessing pins, one partial pin at a time |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9498247/ https://www.ncbi.nlm.nih.gov/pubmed/36141110 http://dx.doi.org/10.3390/e24091224 |
| work_keys_str_mv | AT sheilashley guessingpinsonepartialpinatatime AT malonedavid guessingpinsonepartialpinatatime |