Being a responsible corporate citizen and member of the local community is at the core of Control Gap’s daily operations. We believe in making work a rewarding experience by incorporating fun team events within our corporate culture, and supporting cause-related and local organizations.

Blog

Why POI Tamper Inspections are so Important (2019-06-19)

It is amazing to see how many organizations take things for granted in their environment. In the video below, you can see a skimmer device being installed in a retail location. The attendant was distracted for less than 20 seconds, and the card skimming device was in place in 5 seconds. No special tools or techniques were required. The device is mounted to a stand which should, for all intents and purposes, be secure from theft or direct tampering, but not from an overlay.

Video from Inside Edition: https://youtu.be/5b1axnNK-wI

Sometimes the simplest processes, like inspecting a device before use, can go a long way to ensuring thieves do not compromise your environment. Without a proper inspection procedure, this device could be in place for months before anyone noticed.

PCI DSS Requirement 9.9 requires anyone with a POI device, such as a PIN pad, to have appropriate procedures to inspect devices to help detect tampering. This applies to all devices, whether a traditional counter-top device or a mobile device.

In your environment, how often is an employee distracted and leaves their register or POI device unattended? Would they notice the change in the POI device? And lastly, have you ever considered testing staff in your retail locations to see how long it would take them to notice?

Original article: https://www.linkedin.com/pulse/why-poi-tamper-inspections-so-important-robert-spivak
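As an added example (not code from the original post or from Control Gap), the Python below reconciles a POI device inventory against an inspection log in the spirit of Requirement 9.9: it flags devices that are not in the inventory, devices found somewhere other than their recorded location, broken tamper seals, suspected overlays, and devices whose inspection is missing or overdue. The inventory, log entries, serial numbers, and the 30-day interval are constructed sample values, and the record fields are assumptions rather than a PCI-defined schema.

```python
from dataclasses import dataclass
from datetime import date


@dataclass(frozen=True)
class PoiDevice:
    """One entry in the POI inventory (fields are an assumption, not a PCI-defined schema)."""
    serial: str
    model: str
    location: str


@dataclass(frozen=True)
class Inspection:
    """One line of the inspection log as recorded by store staff."""
    serial: str              # serial number read off the device at inspection time
    location: str            # where the device was found
    when: date
    seal_intact: bool        # tamper-evident seal or label undisturbed
    overlay_suspected: bool  # card slot or keypad looks, feels or sits differently than expected


# Constructed sample data for a single store (serials and locations are made up).
INVENTORY = [
    PoiDevice("SN-0001", "PinPad-X", "Store 12 / Lane 1"),
    PoiDevice("SN-0002", "PinPad-X", "Store 12 / Lane 2"),
    PoiDevice("SN-0003", "MobileReader-Y", "Store 12 / Floor"),
]

INSPECTION_LOG = [
    Inspection("SN-0001", "Store 12 / Lane 1", date(2019, 6, 18), True, False),
    Inspection("SN-0002", "Store 12 / Lane 2", date(2019, 6, 18), False, True),
    Inspection("SN-0003", "Store 12 / Floor", date(2019, 5, 1), True, False),
    Inspection("SN-9999", "Store 12 / Lane 3", date(2019, 6, 18), True, False),
]


def find_exceptions(inventory, log, today, max_interval_days=30):
    """Reconcile the inspection log against the inventory.

    Returns sorted (serial, issue) pairs for: devices not in the inventory,
    devices found somewhere other than their recorded location, broken seals,
    suspected overlays, and devices never inspected or inspected too long ago.
    max_interval_days is a constructed policy value; the requirement leaves the
    inspection frequency to the entity's own risk assessment.
    """
    if isinstance(today, str):          # accept an ISO date string for convenience
        today = date.fromisoformat(today)
    known = {dev.serial: dev for dev in inventory}
    latest = {}                         # serial -> most recent inspection date
    issues = []
    for rec in log:
        dev = known.get(rec.serial)
        if dev is None:
            # A device nobody has on record is exactly what an overlay or swap looks like.
            issues.append((rec.serial, f"device not in inventory, found at {rec.location}"))
            continue
        if rec.location != dev.location:
            issues.append((rec.serial, f"found at {rec.location}, inventory says {dev.location}"))
        if not rec.seal_intact:
            issues.append((rec.serial, "tamper-evident seal broken"))
        if rec.overlay_suspected:
            issues.append((rec.serial, "possible overlay or skimmer"))
        if rec.serial not in latest or rec.when > latest[rec.serial]:
            latest[rec.serial] = rec.when
    for serial in known:
        last = latest.get(serial)
        if last is None:
            issues.append((serial, "never inspected"))
        elif (today - last).days > max_interval_days:
            overdue = (today - last).days - max_interval_days
            issues.append((serial, f"inspection overdue by {overdue} days"))
    return sorted(issues)


if __name__ == "__main__":
    for serial, issue in find_exceptions(INVENTORY, INSPECTION_LOG, date(2019, 6, 19)):
        print(f"{serial}: {issue}")
```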

NIST is Sunsetting Triple DES - so what will the Financial Industry do? (2019-04-09)

NIST recently published a document, "Transitioning the Use of Cryptographic Algorithms and Key Lengths", which formalizes the sunset of Triple DES by the end of 2023. Afterwards it will only be recommended for legacy use, which means decryption only.

Triple DES (aka TDEA/TDES) is used to protect Web Sites, Virtual Private Networks, remote sessions, e-commerce transactions, and more. TDES is embedded in the hardware of commercial and consumer products including network gear like routers, firewalls, VPNs, and load balancers; and computers like servers, PCs, and laptops. TDES hardware is also widely deployed in the core infrastructure of the financial industry. It powers Point-of-Sale terminals and PIN pads, ATM/ABMs, gas pumps, kiosks, Host Security Modules (HSMs), and more. TDES is supported in standards including ISO, ANSI, and PCI. And there are also many standard mechanisms built upon TDES. It's safe to say that the investment in TDES can be measured in the billions of dollars.

All of these standards bodies have been working diligently on updating everything built upon TDES. Industry has known for a long time that AES would replace TDES. As a result, a lot of commercial information security gear has supported both TDES and AES in parallel, so extensive hardware upgrades should not be required. However, much of the migration cost will be on the so-called "soft" side, in activities like management, configuration, and transition. The financial industry has additional challenges, as changing financial cryptography requires a far more deliberate and careful approach to ensure compliance with a broad range of regulations and standards.

And while the financial industry often follows NIST guidance, it's a fairly safe bet that it will not want to replace or mitigate all of this kit quickly. This raises some questions:

  • When (not if) will they follow NIST in deprecating TDES?
  • What will their guidance be?

If the financial industry chooses to deviate from NIST and delay the sunset, there is justification. We've previously recommended considering the strength of use-cases in transition planning and prioritization [see 2]. It is important to remember that while TDES has been deprecated as a general-purpose cipher, some use-cases are inherently safer. We know that some of the financial industry's most widely deployed use-cases are safer. So delaying the sunset of these use-cases is neither unreasonable nor unjustified.

Learn More

  1. NIST published (SP) 800-131A Revision 2, Transitioning the Use of Cryptographic Algorithms and Key Lengths. Details: https://csrc.nist.gov/publications/detail/sp/800-131a/rev-2/final
  2. Article discussing the implications to TDES and PCI: NIST Moves on Sweet32 – 3DES, Blowfish, and Others – Mostly Unsafe https://controlgap.com/blog/nist-moves-on-sweet32/
  3. AES was developed as a replacement for DES. It was standardized in 2001 and includes both stronger keys and stronger block lengths. See https://en.wikipedia.org/wiki/Advanced_Encryption_Standard
  4. Triple DES (aka TDES, TDEA, and 3DES) was a clever way of strengthening and extending DES by using double and triple length keys to drive three encryption rounds. The design facilitated transition from DES using a single key mode. It was introduced in 1995. See https://en.wikipedia.org/wiki/Triple_DES
  5. Single DES was developed from 1973 and approved as a standard in 1976. An effort by EFF broke DES by brute force attack in 1998. See https://en.wikipedia.org/wiki/Data_Encryption_Standard#Chronology
NIST Update to Format Preserving Encryption Standard affects PCI Use Cases (2019-03-21)

Last month NIST announced it was seeking feedback on a proposed update to its guidance for FPE. More formally, this is SP 800-38G rev 1, "Recommendation for Block Cipher Modes of Operation: Methods for Format-Preserving Encryption". The draft is open for comment until April 15th 2019. The draft as written may cause problems for organizations using FPE to encrypt payment cards. If you provide or use an FPE solution for protecting payment card data, you should review it and provide feedback. I would like to thank researchers Hoang and Vaudenay for providing clarifications and insight into their valuable work. However, the opinions are our own.

FPE's Problem in the Payment Card Space

If you aren't familiar with FPE, please take a moment to read our quick history of FPE below. Researchers have identified vulnerabilities in all NIST-approved FPE modes where the domain size is small. In plain English, this means that you can't use FPE safely to encrypt small data elements. Additionally, other findings have led to changes in the underlying algorithm for FF3 (now called FF3-1) [5]. The domain size for both FF1 and FF3 in SP 800-38G "was required to be at least one hundred and recommended to be at least one million" [5]. In this update, "the recommendation was strengthened to a requirement: the minimum domain size for FF1 and FF3-1 in Draft SP 800-38G Revision 1 is one million" [5].

FPE/Payment Card Challenges

Use of FPE in the financial industry for protecting payment card data faces a number of challenges:
  • The domain may be too small if the PAN is constrained by first 6, last 4, and Luhn. This is because the Luhn check invalidates 90% of the possible middle six digits of a 16-digit number.
  • The new requirement means that FPE should not be used on smaller values such as payment card security codes (CVN, CAV2, CVC2, CID, or CVV2) or PINs.
  • Research suggests that FPE seems weaker than NIST's intended 128 bits of security.
  • Solutions in the field have long life spans.
  • Merchants and solution providers would prefer not to have to replace existing solutions they consider relatively new.
  • The rapid progress of researchers in improving attacks calls into question the robustness of the solution.
  • Organizations may need to start thinking about the risk in specific use-cases.
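As an added example (not from the original post or from Control Gap), the Python below works through the first challenge above: with the first 6 and last 4 digits of a 16-digit PAN held fixed, it counts how many of the 10^6 middle-digit values still pass the Luhn check and compares that domain with the draft's minimum of one million. It generalizes slightly beyond the text by counting for any prefix, suffix and middle length via a residue count rather than brute force, with a brute-force cross-check for small cases. The PAN prefix and suffix used are constructed test values.

```python
from collections import defaultdict
from itertools import product

# Minimum domain size for FF1 and FF3-1 in draft SP 800-38G Revision 1 (as quoted in the post).
MIN_DOMAIN_DRAFT_REV1 = 1_000_000


def luhn_digit_value(d: int, doubled: bool) -> int:
    """Contribution of one digit to the Luhn sum; doubled digits above 9 have 9 subtracted."""
    if doubled:
        d *= 2
        if d > 9:
            d -= 9
    return d


def luhn_valid(pan: str) -> bool:
    """Standard Luhn (mod 10) check: every second digit from the right is doubled."""
    total = sum(luhn_digit_value(int(ch), pos % 2 == 1)
                for pos, ch in enumerate(reversed(pan)))
    return total % 10 == 0


def luhn_domain_size(prefix: str, suffix: str, middle_len: int) -> int:
    """Number of middle-digit strings m for which prefix + m + suffix passes Luhn.

    Instead of enumerating all 10**middle_len candidates, count how many middle
    strings produce each partial Luhn sum mod 10, then pick the residue that
    cancels the fixed contribution of the prefix and suffix digits.
    """
    total_len = len(prefix) + middle_len + len(suffix)
    fixed = 0
    for i, ch in enumerate(prefix):            # prefix digits sit at the left end
        pos = total_len - 1 - i
        fixed += luhn_digit_value(int(ch), pos % 2 == 1)
    for i, ch in enumerate(suffix):            # suffix digits occupy positions 0..len-1
        pos = len(suffix) - 1 - i
        fixed += luhn_digit_value(int(ch), pos % 2 == 1)

    counts = {0: 1}                            # residue -> number of middle strings so far
    for k in range(middle_len):
        pos = len(suffix) + k                  # middle positions, counted from the right
        nxt = defaultdict(int)
        for residue, n in counts.items():
            for d in range(10):
                nxt[(residue + luhn_digit_value(d, pos % 2 == 1)) % 10] += n
        counts = nxt
    return counts.get((-fixed) % 10, 0)


def brute_force_domain_size(prefix: str, suffix: str, middle_len: int) -> int:
    """Same count by exhaustive enumeration; only practical for small middle_len."""
    return sum(1 for digits in product("0123456789", repeat=middle_len)
               if luhn_valid(prefix + "".join(digits) + suffix))


def meets_draft_minimum(domain: int) -> bool:
    """True if a domain of this size satisfies the draft's one-million minimum."""
    return domain >= MIN_DOMAIN_DRAFT_REV1


if __name__ == "__main__":
    # Constructed test PAN (the familiar 4111... test number) split as first 6 / middle 6 / last 4.
    first6, last4 = "411111", "1111"
    domain = luhn_domain_size(first6, last4, 6)
    print(f"Luhn-valid middle-6 values with fixed first 6 / last 4: {domain:,}")
    print(f"Unconstrained middle-6 values: {10**6:,}")
    print(f"Meets draft minimum of {MIN_DOMAIN_DRAFT_REV1:,}: {meets_draft_minimum(domain)}")
```

Whatever the fixed prefix and suffix, one undoubled middle position cycles the checksum through all ten residues, so exactly one tenth of the middle values survive, which is the 90% loss the bullet describes.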

Questions for NIST and the PCI SSC

We know that some FPE solutions preserve all aspects of payment card formatting and don't meet the minimum domain strength of one million in the drafted update. What we don't know:
  1. Can NIST safely reduce the minimum domain size to accommodate this use case?
  2. Will PCI continue to support solutions that do not align to NIST?
  3. And if so, how and for how long?

Is FPE Broken or Bent?

It's difficult enough for the average person to understand encryption, let alone the implications of any "breaks" cryptographers find. Research often takes years to reach the point where things are unsafe and falling apart. Long before that, things become bent, and practical fixes, work-arounds, and limited use cases can be used to buy time. A case in point: the serious weaknesses in SSLv3 using Cipher-Block-Chaining (CBC) modes of encryption took more than a decade to fall apart. Eventually researchers were able to demonstrate practical exploitation with attacks like BEAST and POODLE. Afterward, migration away from SSL was largely accomplished in a few years. A few very limited use-cases are still practically safe [3]. They are being deprecated but get more time to migrate. For some time now, nobody should be doing anything new with SSL/CBC.

FPE isn't yet broken in a practical sense, but it's definitely bent. The state of the art has advanced very quickly. The research today casts doubt on the long-term viability of FPE in general use cases even if some use cases remain safe. NIST isn't going to fix FPE if it's totally broken; however, the fix they choose may err on the side of being safe. As an analogy, when cryptographic breaks happen there usually isn't an imminent fire. Don't panic, but don't ignore it either. Take a look around, assess the situation, and start planning for an alternative or possible exit. Make no mistake that a fire still may be coming; just understand that it may be a decade away. Many of the recommendations we made after the 2017 announcement of the weakness in FF3 still apply [2].

The Problem of Distinguishability

FPE and other format-preserving technologies like FP-tokens and FP-random-masking that preserve the first 6, last 4 and Luhn run into a slightly messy practical problem that has nothing to do with the strength of the cipher [4]. We believe that solution providers should clearly indicate which FP technologies their solutions use, not because we believe FPE is bad, but because this will help minimize the chance of their customers being caught scrambling if this FP data is discovered or exposed.

A Quick History of FPE

Format Preserving Encryption (FPE) is an interesting and relatively recent technology with a wide range of applications. FPE has been widely adopted to encrypt payment card numbers. FPE can encrypt a valid payment card number to a similar but different number that matches attributes like the same first 6 and last 4 digits with a valid check digit (Luhn), and reverse the process. If that sounds like snake oil to you, it isn't [1]. Research backing FPE goes back over 20 years. NIST began to consider FPE around 2010-2011 when private industry began making proposals. NIST approved a standard by 2016, but hedged its bets throughout the process by considering three similar variations of FPE known as FF1, FF2, and FF3. FF2 did not survive to approval. FPE has been subject to intense scrutiny by researchers. By 2017 FF3 was in trouble and NIST effectively put that mode on hold [7] until it could be fixed [5], [6]. Researchers have made some impressive advances in attacks against NIST's FPE and some alternative FP ciphers [8], [9], [10]. In particular, the very recent paper on attacking FF3 on large domains [8] has hopefully been addressed in FF3-1.

Learn More

The following references provide background on FPE and its role in PCI compliance.

Articles

  1. What is Format Preserving Encryption and is it suitable for PCI DSS? https://controlgap.com/blog/format-preserving-encryption/
  2. Seven Things You Can Do To Deal With The Recent Format Preserving Encryption (FPE) Compromise https://controlgap.com/blog/7-things-to-do-with-fpe-break/
  3. The Extension of the Sunset of SSL. Safe and unsafe use cases https://controlgap.com/blog/sunset-ssl-extended/
  4. Must Format Preserving Encryption (FPE) be distinguishable from cardholder data for PCI? https://controlgap.com/blog/format-preserving-encryption-and-cardholder-data/

NIST

  1. Request for comment (2019) https://csrc.nist.gov/news/2019/nist-requests-comments-on-draft-sp-800-38g-rev-1
  2. Revision 1 draft to FPE standard (2019) https://csrc.nist.gov/publications/detail/sp/800-38g/rev-1/draft
  3. Recent Cryptanalysis of (FPE mode) FF3 (April 2017) https://csrc.nist.gov/News/2017/Recent-Cryptanalysis-of-FF3

Research

  1. Attacks Only Get Better: How to Break FF3 on Large Domains. Hoang, Miller, Trieu (2019) https://eprint.iacr.org/2019/244
  2. The Curse of Small Domains: New Attacks on Format-Preserving Encryption. Hoang, Tessaro, Trieu (2018) https://eprint.iacr.org/2018/556
  3. Breaking the FF3 Format-Preserving Encryption Standard Over Small Domains. Durak, Vaudenay (2017) https://eprint.iacr.org/2017/521
[post_title] => NIST Update to Format Preserving Encryption Standard affects PCI Use Cases [post_excerpt] => [post_status] => publish [comment_status] => open [ping_status] => open [post_password] => [post_name] => nist-update-to-format-preserving-encryption-standard-affects-pci-use-cases [to_ping] => [pinged] => https://controlgap.com/blog/format-preserving-encryption/ [post_modified] => 2019-03-21 17:04:21 [post_modified_gmt] => 2019-03-21 17:04:21 [post_content_filtered] => [post_parent] => 0 [guid] => http://controlgap.com/?p=1985 [menu_order] => 30 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) ) [post_count] => 3 [current_post] => -1 [in_the_loop] => [post] => WP_Post Object ( [ID] => 2042 [post_author] => 2 [post_date] => 2019-06-19 02:17:19 [post_date_gmt] => 2019-06-19 02:17:19 [post_content] =>

It is amazing to see how many organizations take things for granted in their environment. In the video below, you can see a skimmer device installed in a retail location. The attendant was distracted for less than 20 seconds and the card skimming device was in place in 5 seconds. No special tools or techniques were required. The device is mounted to a stand which should, for all intents and purposes, be secure from theft or direct tampering but not an overlay.

Video from Inside Edition: https://youtu.be/5b1axnNK-wI

Sometimes the simplest processes like inspecting a device before use, can go a long way to ensuring thieves do not compromise your environment. Without a proper inspection procedure, this device may be in place for months before anyone were to notice.

PCI DSS Requirement 9.9 requires anyone with a POI device such as a pin pad to ensure that they have appropriate procedures to inspect devices to help detect tampering. This should apply to all devices whether or not it is a traditional counter-top device or a mobile device.

In your environment, how many times is an employee distracted and may leave their register or POI device unattended? Would they notice the change in the POI device? And lastly, have you ever considered testing staff in your retail locations to see how long it would take to notice?

Originally article: https://www.linkedin.com/pulse/why-poi-tamper-inspections-so-important-robert-spivak

[post_title] => Why POI Tamper Inspections are so Important [post_excerpt] => [post_status] => publish [comment_status] => open [ping_status] => open [post_password] => [post_name] => why-poi-tamper-inspections-are-so-important [to_ping] => [pinged] => [post_modified] => 2019-06-19 10:59:04 [post_modified_gmt] => 2019-06-19 10:59:04 [post_content_filtered] => [post_parent] => 0 [guid] => http://controlgap.com/?p=2042 [menu_order] => 15 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) [comment_count] => 0 [current_comment] => -1 [found_posts] => 54 [max_num_pages] => 18 [max_num_comment_pages] => 0 [is_single] => [is_preview] => [is_page] => [is_archive] => 1 [is_date] => [is_year] => [is_month] => [is_day] => [is_time] => [is_author] => [is_category] => 1 [is_tag] => [is_tax] => [is_search] => [is_feed] => [is_comment_feed] => [is_trackback] => [is_home] => [is_404] => [is_embed] => [is_paged] => [is_admin] => [is_attachment] => [is_singular] => [is_robots] => [is_posts_page] => [is_post_type_archive] => [query_vars_hash:WP_Query:private] => 0573d79d0a353cbc766661db59ba41a2 [query_vars_changed:WP_Query:private] => 1 [thumbnails_cached] => [stopwords:WP_Query:private] => [compat_fields:WP_Query:private] => Array ( [0] => query_vars_hash [1] => query_vars_changed ) [compat_methods:WP_Query:private] => Array ( [0] => init_query_flags [1] => parse_tax_query ) )
WP_Query Object ( [query] => Array ( [post_type] => post [post_status] => publish [cat] => 14, 134, 1 [orderby] => date [order] => desc [posts_per_page] => 3 [paged] => 1 [ignore_sticky_posts] => 1 ) [query_vars] => Array ( [post_type] => post [post_status] => publish [cat] => 14 [orderby] => date [order] => DESC [posts_per_page] => 3 [paged] => 1 [ignore_sticky_posts] => 1 [error] => [m] => [p] => 0 [post_parent] => [subpost] => [subpost_id] => [attachment] => [attachment_id] => 0 [name] => [static] => [pagename] => [page_id] => 0 [second] => [minute] => [hour] => [day] => 0 [monthnum] => 0 [year] => 0 [w] => 0 [category_name] => charity [tag] => [tag_id] => [author] => [author_name] => [feed] => [tb] => [meta_key] => [meta_value] => [preview] => [s] => [sentence] => [title] => [fields] => [menu_order] => [embed] => [category__in] => Array ( ) [category__not_in] => Array ( ) [category__and] => Array ( ) [post__in] => Array ( ) [post__not_in] => Array ( ) [post_name__in] => Array ( ) [tag__in] => Array ( ) [tag__not_in] => Array ( ) [tag__and] => Array ( ) [tag_slug__in] => Array ( ) [tag_slug__and] => Array ( ) [post_parent__in] => Array ( ) [post_parent__not_in] => Array ( ) [author__in] => Array ( ) [author__not_in] => Array ( ) [update_post_term_cache] => 1 [suppress_filters] => [cache_results] => 1 [lazy_load_term_meta] => 1 [update_post_meta_cache] => 1 [nopaging] => [comments_per_page] => 50 [no_found_rows] => ) [tax_query] => WP_Tax_Query Object ( [queries] => Array ( [0] => Array ( [taxonomy] => category [terms] => Array ( [0] => 14 [1] => 134 [2] => 1 ) [field] => term_id [operator] => IN [include_children] => 1 ) ) [relation] => AND [table_aliases:protected] => Array ( [0] => wpcm_term_relationships ) [queried_terms] => Array ( [category] => Array ( [terms] => Array ( [0] => 14 [1] => 134 [2] => 1 ) [field] => term_id ) ) [primary_table] => wpcm_posts [primary_id_column] => ID ) [meta_query] => WP_Meta_Query Object ( [queries] => Array ( ) [relation] => 
[meta_table] => [meta_id_column] => [primary_table] => [primary_id_column] => [table_aliases:protected] => Array ( ) [clauses:protected] => Array ( ) [has_or_relation:protected] => ) [date_query] => [request] => SELECT SQL_CALC_FOUND_ROWS wpcm_posts.ID FROM wpcm_posts LEFT JOIN wpcm_term_relationships ON (wpcm_posts.ID = wpcm_term_relationships.object_id) WHERE 1=1 AND ( wpcm_term_relationships.term_taxonomy_id IN (1,14,134) ) AND wpcm_posts.post_type = 'post' AND ((wpcm_posts.post_status = 'publish')) GROUP BY wpcm_posts.ID ORDER BY wpcm_posts.menu_order, wpcm_posts.post_date DESC LIMIT 0, 3 [posts] => Array ( [0] => WP_Post Object ( [ID] => 2042 [post_author] => 2 [post_date] => 2019-06-19 02:17:19 [post_date_gmt] => 2019-06-19 02:17:19 [post_content] =>

It is amazing to see how many organizations take things for granted in their environment. In the video below, you can see a skimmer device installed in a retail location. The attendant was distracted for less than 20 seconds and the card skimming device was in place in 5 seconds. No special tools or techniques were required. The device is mounted to a stand which should, for all intents and purposes, be secure from theft or direct tampering but not an overlay.

Video from Inside Edition: https://youtu.be/5b1axnNK-wI

Sometimes the simplest processes like inspecting a device before use, can go a long way to ensuring thieves do not compromise your environment. Without a proper inspection procedure, this device may be in place for months before anyone were to notice.

PCI DSS Requirement 9.9 requires anyone with a POI device such as a pin pad to ensure that they have appropriate procedures to inspect devices to help detect tampering. This should apply to all devices whether or not it is a traditional counter-top device or a mobile device.

In your environment, how many times is an employee distracted and may leave their register or POI device unattended? Would they notice the change in the POI device? And lastly, have you ever considered testing staff in your retail locations to see how long it would take to notice?

Originally article: https://www.linkedin.com/pulse/why-poi-tamper-inspections-so-important-robert-spivak

[post_title] => Why POI Tamper Inspections are so Important [post_excerpt] => [post_status] => publish [comment_status] => open [ping_status] => open [post_password] => [post_name] => why-poi-tamper-inspections-are-so-important [to_ping] => [pinged] => [post_modified] => 2019-06-19 10:59:04 [post_modified_gmt] => 2019-06-19 10:59:04 [post_content_filtered] => [post_parent] => 0 [guid] => http://controlgap.com/?p=2042 [menu_order] => 15 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) [1] => WP_Post Object ( [ID] => 1994 [post_author] => 2 [post_date] => 2019-04-09 14:30:00 [post_date_gmt] => 2019-04-09 14:30:00 [post_content] =>

NIST recently published a document "Transitioning the Use of Cryptographic Algorithms and Key Lengths" which formalizes the sunset of Triple DES by the end of 2023. Afterwards it will only be recommended for legacy use which means decryption only.

Triple DES (aka TDEA/TDES) is used to protect Web Sites, Virtual Private Networks, remote sessions, e-commerce transactions, and more. TDES is embedded in the hardware of commercial and consumer products including network gear like routers, firewalls, VPNs, and load balancers; and computers like servers, PCs, and laptops. TDES hardware is also widely deployed in the core infrastructure of the financial industry. It powers Point-of-Sale terminals and PIN pads, ATM/ABMs, gas pumps, kiosks, Host Security Modules (HSMs), and more. TDES is supported in standards including ISO, ANSI, and PCI. And there are also many standard mechanisms built upon TDES. It's safe to say that the investment in TDES can be measured in the billions of dollars.

All of these standards bodies have been working diligently on updating everything built upon TDES. Industry has known for a long time that AES would replace TDES. As a result a lot of commercial information security gear has supported both TDES and AES in parallel. Extensive hardware upgrades should not be required. However, much of the migration costs will be on the so-called "soft" side in activities like management, configuration, and transition. The financial industry has additional challenges as changing financial cryptography requires a far more deliberate and careful approach to ensure they comply with a broad range of regulations and standards.

And while they often follow NIST guidance, it's a fairly safe bet that the financial industry will not want to replace or mitigate all of this kit quickly. So this raises some questions:

  • When (not if) they will follow NIST to deprecate TDES?
  • What will their guidance be?

If the financial industry chooses to deviate from NIST and delay sunset there is justification. We've previously recommended considering the strength of use-cases in transition planning and prioritization [See 2]. It is important to remember that while TDES has been deprecated as a general purpose cipher that some use-cases are inherently safer. We know that some of the financial industry's most widely deployed use-cases are safer. So delaying the sunset of these use-cases is neither unreasonable nor unjustified.

Learn More

  1. NIST published (SP) 800-131A Revision 2, Transitioning the Use of Cryptographic Algorithms and Key Lengths. Details: https://csrc.nist.gov/publications/detail/sp/800-131a/rev-2/final
  2. Article discussing the implications to TDES and PCI: NIST Moves on Sweet32 – 3DES, Blowfish, and Others – Mostly Unsafe https://controlgap.com/blog/nist-moves-on-sweet32/
  3. AES was developed as a replacement for DES. It was standardized in 2001 and includes both stronger keys and stronger block lengths. See https://en.wikipedia.org/wiki/Advanced_Encryption_Standard
  4. Triple DES (aka TDES, TDEA, and 3DES) was a clever way of strengthening and extending DES by using double and triple length keys to drive three encryption rounds. The design facilitated transition from DES using a single key mode. It was introduced in 1995. See https://en.wikipedia.org/wiki/Triple_DES
  5. Single DES was developed from 1973 and approved as a standard in 1976. An effort by EFF broke DES by brute force attack in 1998. See https://en.wikipedia.org/wiki/Data_Encryption_Standard#Chronology
[post_title] => NIST is Sunsetting Triple DES - so what will the Financial Industry do? [post_excerpt] => [post_status] => publish [comment_status] => open [ping_status] => open [post_password] => [post_name] => nist-is-sunsetting-triple-des-so-what-will-the-financial-industry-do [to_ping] => [pinged] => https://controlgap.com/blog/nist-moves-on-sweet32/ [post_modified] => 2019-04-09 14:56:49 [post_modified_gmt] => 2019-04-09 14:56:49 [post_content_filtered] => [post_parent] => 0 [guid] => http://controlgap.com/?p=1994 [menu_order] => 26 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) [2] => WP_Post Object ( [ID] => 1985 [post_author] => 2 [post_date] => 2019-03-21 17:04:18 [post_date_gmt] => 2019-03-21 17:04:18 [post_content] => Last month NIST announced they were seeking feedback on a proposed updated guidance for FPE. More formally this is SP 800-38G rev 1 "Recommendation for Block Cipher Modes of Operation: Methods for Format-Preserving Encryption". The draft is open for comment until April 15th 2019. The draft as written may cause problems for organizations using FPE to encrypt payment cards. If you provide or use an FPE solution for protecting payment card data you should review this and provide feedback. I would like to thank researchers Hoang and Vaudenay for providing clarifications and insight into their valuable work. However, the opinions are our own.

FPE's Problem in the Payment Card Space

If you aren't familiar with FPE, please take a moment to read our quick history of FPE below. Researchers have identified vulnerabilities in all NIST approved FPE modes where the domain size is small. In English, this means that you can't use FPE safely to encrypt small data elements. Additionally, other findings have led to changes in the underlying algorithm for FF3 (now called FF3-1) [5]. The domain size for both FF1 and FF3 in SP 800-38G was required to be at least one hundred and recommended to be at least one million" [5]. In this update "the recommendation was strengthened to a requirement: the minimum domain size for FF1 and FF3-1 in Draft SP 800-38G Revision 1 is one million". [5].

FPE/Payment Card Challenges

Use of FPE in the financial industry for protecting payment card data faces a number of challenges:
  • The domain may be too small if PAN is constrained by first 6, last 4, and Luhn. This is because the Luhn check invalidates 90% of middle six digits of a 16 digit number.
  • The new recommendations, mean that if FPE should not be used on smaller values such as payment card security codes (CVN, CAV2, CVC2, CID, or CVV2 ) or PIN.
  • Research suggests that FPE seems weaker than NIST's intended 128 bits of security.
  • Solutions in the field have long life spans.
  • Merchants and solution providers would prefer not to have to replace existing solutions they consider relatively new.
  • The rapid progress of researchers in improving attacks calls into question the robustness of the solution.
  • Organizations may need to start thinking about the risk in specific use-cases.
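As an added example (not code from the original post), the following Python counts how many of the one million possible middle-six values of a 16-digit PAN survive the Luhn check once the first 6 and last 4 digits are held fixed, and compares that effective domain with the draft's one million minimum. The PAN 4111111111111111 used below is a well-known Luhn test number, not a real card; the prefix/suffix values are constructed.

```python
"""Effective FPE domain of a PAN that keeps first 6, last 4 and Luhn."""
from itertools import product

# Minimum domain size for FF1 / FF3-1 in draft SP 800-38G rev 1.
NIST_MIN_DOMAIN = 1_000_000


def luhn_contribution(digit: int, idx_from_right: int) -> int:
    """Luhn weight of one digit: doubled and reduced at odd positions
    counted from the right (0 = check digit), taken as-is at even ones."""
    if idx_from_right % 2 == 0:
        return digit
    doubled = digit * 2
    return doubled - 9 if doubled > 9 else doubled


def luhn_valid(pan: str) -> bool:
    """Standard Luhn check over a string of decimal digits."""
    total = sum(luhn_contribution(int(ch), i)
                for i, ch in enumerate(reversed(pan)))
    return total % 10 == 0


def effective_domain(first6: str, last4: str, middle_len: int = 6) -> int:
    """Count middle-digit values for which the whole PAN stays Luhn-valid.

    That count is the set an FPE scheme can actually permute when the
    prefix, suffix and check digit are all preserved."""
    pan_len = len(first6) + middle_len + len(last4)
    # Luhn contribution of the digits FPE does not touch.
    fixed_sum = sum(luhn_contribution(int(ch), pan_len - 1 - pos)
                    for pos, ch in enumerate(first6 + "?" * middle_len + last4)
                    if ch != "?")
    # Each middle position only needs its parity from the right.
    parities = [(pan_len - 1 - (len(first6) + k)) % 2 for k in range(middle_len)]
    weight = [[luhn_contribution(d, p) for d in range(10)] for p in (0, 1)]
    count = 0
    for digits in product(range(10), repeat=middle_len):
        s = fixed_sum + sum(weight[p][d] for d, p in zip(digits, parities))
        if s % 10 == 0:
            count += 1
    return count


def meets_nist_minimum(domain: int) -> bool:
    return domain >= NIST_MIN_DOMAIN


if __name__ == "__main__":
    print(luhn_valid("4111111111111111"))            # True (test number)
    dom = effective_domain("411111", "1111")         # constructed prefix/suffix
    print(dom, meets_nist_minimum(dom))               # 100000 False
```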

Questions for NIST and the PCI SSC

We know that some FPE solutions preserve all aspects of payment card formatting and don't meet the minimum domain size of one million in the drafted update. What we don't know:
  1. Can NIST safely reduce the minimum domain size to accommodate this use case?
  2. Will PCI continue to support solutions that do not align to NIST?
  3. And if so, how and for how long?

Is FPE Broken or Bent?

It's difficult enough for the average person to understand encryption, let alone the implications of any "breaks" cryptographers find. Often research takes years to reach the point where things are unsafe and falling apart. Long before that, things become bent, and practical fixes, work-arounds, and limited use cases can be used to buy time. A case in point: the serious weaknesses in SSLv3 using Cipher-Block-Chaining (CBC) modes of encryption took more than a decade to fall apart. Eventually researchers were able to demonstrate practical exploitation with attacks like BEAST and POODLE. Afterward, migration away from SSL was largely accomplished in a few years. A few very limited use cases are still practically safe [3]. They are being deprecated but get more time to migrate. For some time now, nobody should be doing anything new with SSL/CBC.

FPE isn't yet broken in a practical sense, but it's definitely bent. The state of the art has advanced very quickly. The research today casts doubt on the long-term viability of FPE in general use cases even if some use cases remain safe. NIST isn't going to fix FPE if it's totally broken. However, the fix they choose may err on the side of being safe.

As an analogy, when cryptographic breaks happen there usually isn't an imminent fire. Don't panic, but don't ignore it either. Take a look around, assess the situation, and start planning for an alternative or possible exit. Make no mistake, a fire still may be coming. Just understand that it may be a decade away. Many of the recommendations we made after the 2017 announcement of the weakness in FF3 still apply [2].

The Problem of Distinguishability

FPE and other format-preserving technologies, such as FP tokens and FP random masking, that preserve the first 6, last 4 and Luhn check run into a slightly messy practical problem that has nothing to do with the strength of the cipher [4]. We believe that solution providers should clearly indicate what FP technologies their solutions use. This is not because we believe FPE is bad, but because it will help minimize the chance of their customers being caught scrambling if this FP data is discovered or exposed.

A Quick History of FPE

Format Preserving Encryption (FPE) is an interesting and relatively recent technology with a wide range of applications. FPE has been widely adopted to encrypt payment card numbers. FPE can encrypt a valid payment card number to a similar but different number that preserves attributes such as the same first 6 and last 4 digits and a valid check digit (Luhn), and can reverse the process. If you're skeptical because it sounds like snake oil, it isn't [1]. Research backing FPE goes back over 20 years. NIST began to consider FPE around 2010-2011 when private industry began making proposals. NIST approved a standard by 2016. But they hedged their bets throughout the process by considering three similar variations of FPE known as FF1, FF2, and FF3. FF2 did not survive to approval. FPE has been subject to intense scrutiny by researchers. By 2017 FF3 was in trouble and NIST effectively put that mode on hold [7] until it could be fixed [5], [6]. Researchers have made some impressive advances in attacks against NIST's FPE and some alternative FP ciphers [8], [9], [10]. In particular, the attack in the very recent paper on breaking FF3 on large domains [8] has hopefully been addressed in FF3-1.

Learn More

The following references provide background on FPE and its role in PCI compliance.

Articles

  1. What is Format Preserving Encryption and is it suitable for PCI DSS? https://controlgap.com/blog/format-preserving-encryption/
  2. Seven Things You Can Do To Deal With The Recent Format Preserving Encryption (FPE) Compromise https://controlgap.com/blog/7-things-to-do-with-fpe-break/
  3. The Extension of the Sunset of SSL. Safe and unsafe use cases https://controlgap.com/blog/sunset-ssl-extended/
  4. Must Format Preserving Encryption (FPE) be distinguishable from cardholder data for PCI? https://controlgap.com/blog/format-preserving-encryption-and-cardholder-data/

NIST

  5. Request for comment (2019) https://csrc.nist.gov/news/2019/nist-requests-comments-on-draft-sp-800-38g-rev-1
  6. Revision 1 draft to FPE standard (2019) https://csrc.nist.gov/publications/detail/sp/800-38g/rev-1/draft
  7. Recent Cryptanalysis of (FPE mode) FF3 (April 2017) https://csrc.nist.gov/News/2017/Recent-Cryptanalysis-of-FF3

Research

  8. Attacks Only Get Better: How to Break FF3 on Large Domains. Hoang, Miller, Trieu (2019) https://eprint.iacr.org/2019/244
  9. The Curse of Small Domains: New Attacks on Format-Preserving Encryption. Hoang, Tessaro, Trieu (2018) https://eprint.iacr.org/2018/556
  10. Breaking the FF3 Format-Preserving Encryption Standard Over Small Domains. Durak, Vaudenay (2017) https://eprint.iacr.org/2017/521
Why POI Tamper Inspections are so Important
June 19 2019

It is amazing to see how many organizations take things for granted in their environment. In the video below, you can see a skimmer device installed in a retail location. The attendant was distracted for less than 20 seconds and the card skimming device was in place in 5 seconds. No special tools or techniques were required. The device is mounted to a stand which should, for all intents and purposes, be secure from theft or direct tampering, but not from an overlay.

Video from Inside Edition: https://youtu.be/5b1axnNK-wI

Sometimes the simplest processes, like inspecting a device before use, can go a long way to ensuring thieves do not compromise your environment. Without a proper inspection procedure, this device may be in place for months before anyone notices.

PCI DSS Requirement 9.9 requires anyone with a POI device, such as a PIN pad, to ensure that they have appropriate procedures to inspect devices to help detect tampering. This should apply to all devices, whether a traditional counter-top device or a mobile device.

In your environment, how many times is an employee distracted and may leave their register or POI device unattended? Would they notice the change in the POI device? And lastly, have you ever considered testing staff in your retail locations to see how long it would take to notice?

Original article: https://www.linkedin.com/pulse/why-poi-tamper-inspections-so-important-robert-spivak

NIST is Sunsetting Triple DES – so what will the Financial Industry do?
April 9 2019

NIST recently published a document “Transitioning the Use of Cryptographic Algorithms and Key Lengths” which formalizes the sunset of Triple DES by the end of 2023. Afterwards it will only be recommended for legacy use which means decryption only. Triple DES (aka TDEA/TDES) is used to protect Web Sites, Virtual Private Networks, remote sessions, e-commerce
