Slightly longer answer: it depends on whether they have access to the encryption key, or to a machine that contains the encryption key.
In case you have no idea what I’m talking about: there was recently a massive credit card breach at Target. If you’re like many people you probably heard about this three times. First in the news, then again in your email when Target notified you that you were a victim, and finally a third time when you checked your credit card bill. Not a proud day for our nation’s retailers.
The news got a bit messier today when Target announced the thieves had also managed to get their hands on the PIN numbers of unfortunate debit card customers. But this time there’s a silver lining: according to Target, the PIN data was encrypted under a key the hackers don’t have.
Snyder said PIN data is encrypted at a retail location’s keypad with Triple-DES [3DES] encryption and that data remains encrypted over the wire until it reaches its payment processor. Attackers would have to have compromised the point-of-sale system and intercepted the PIN data before it is encrypted in order to have accessed it.
Several folks on Twitter have noted that 3DES is no spring chicken, but that’s not very important. Aside from a few highly impractical attacks, there isn’t much to worry about with 3DES. Moreover, PCI standards appear to mandate unique keys for every payment terminal, which means that the attackers would need to compromise the terminals themselves, or else break into the back-end payment processor. If Target is to be believed, this has not happened.
Others have pointed out that PINs are pretty short. For example, there are only 10,000 4-digit PINs — so surely the attackers can “brute-force” through this space to figure out your PIN. The good news is that encryption is decidedly not the same thing as password hashing, which means this is unlikely to be a serious concern. Provided that Target is being proactive and makes sure to change the keysnow.
Of course you shouldn’t take my word for this. It helps to take a quick look at the PCI PIN encryption standards themselves. Before you encrypt a 4-digit PIN, the PIN is first processed and in some cases padded to increase the complexity of the data being encrypted. There are four possible encryption formats:
- Format 0. XOR the PIN number together with the Primary Account Number (PAN), usually the rightmost twelve digits of the card number, not including the last digit. Then encrypt the result using 3DES in ECB mode.
- Format 1. Concatenate the PIN number with a unique transaction number and encrypt using 3DES in ECB mode.
- Format 2. Pad with some fixed (non-random) padding, then encrypt in 3DES/ECB with a unique, derived per-transaction key (called a DUKPT). Update: only used for EMV cards.
- Format 3. Pad with a bunch of random bytes, then 3DES/ECB encrypt.
(PIN) 0x1234FFFFFFFF ⊕ (PAN) 0x937492492032 = 0x81406DB6DFCD
(PIN) 0x1234FFFFFFFF ⊕ (PAN) 0x274965382343 = 0x357D9AC7DCBC
Source: Cryptographic Engineering