From: Lyle Seaman <lws@transarc.com>
Date: Wed, 8 Jan 1997 07:10:37 -0800 (PST)
To: Liz Taylor <cryptography@c2.net
Subject: Re: The Upcoming DES Challenge
Message-ID: <2.2.32.19970108150757.0062352c@remote.transarc.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:10 PM 1/7/97 -0000, Liz Taylor wrote:
> I don't know anything about bank ATMs
>and the protocols they use, but I presume the PIN is stored on the card
>single DES encrypted. If this is so, anyone can take an ATM card, attack it
>to recover the key and then use that key to recover the PIN for any stolen
>ATM card of that bank (or that branch). Hopefully, the ciphertext/plaintext
>pair that RSA announces will be a real target like this, with the actual key
>disabled. Once the key is recovered, the press can then claim that ATM
>cards are not safe any longer.

Your self-assessment is admirably accurate, but the presumption is not.