konstan@elmer-fudd.berkeley.edu (Joe Konstan) (09/25/90)
In Telecom Digest #669 Steven King writes: > A one way algorithm? Pray, how does the bank decode it to verify you? Just like Unix does. Many (perhaps most) bank ATM systems do not store your PIN but instead only store the encrypted version of your PIN (the encryption scheme is designed to prevent many-to-one mappings). I recall that BayBanks in Boston had a problem when I was in college where only the first four digits of the PIN (which could be four to eight digits) were being used in the encrytion scheme. I don't know if they ever fixed it. For better information on these schemes in general, consult a reference on Unix passords, as this is a bit far out of Telecom territory. Joe Konstan