A group of specialist cryptographic scientists came up with a system to make ATMs , or “ATMs” as we call them a bit improperly here in Italy, practically impossible to hack , starting from Albert Einstein’s special (or special) theory of relativity. The idea is to develop a completely new authentication method that makes the traditional PIN obsolete.
The fundamental problem of current systems, they observe the researchers, is that one of the parties involved, specifically the user, must trust another party , or the banknote dispenser. When entering the PIN it is assumed (or rather, hopefully) that the machine has not been hacked, or more generally modified with a way that can steal our precious PIN. In the world of cryptography, when this trust is needed it means that the system is weak (and in fact, as we all know, it is proven that ATMs can be – and have been, over and over again – tampered with).
The researchers’ concept, which is composed of a team based in Canada and Switzerland, is true to one of the key principles of secure authentication: that is to reveal to someone that you know information, without revealing the information itself . In this case, the user authentication key is a very complex, unique and very large map, in which the various sections are colored with four colors.
The identity verification system asks hundreds of thousands of questions about the colors of the various sections of the map to the user – or rather: a an external device (such as your credit card , for example) that contains the map and is programmed to respond. There is no need to broadcast the entire map – just answer enough questions correctly to prove that you know the map, and therefore that you are who you claim to be. Otherwise said: the user has demonstrated that they know information without sharing that information.
Item 07 Gen
The idea is interesting, but it lends itself to some possible vulnerabilities: for example, it could be able to record all the answers and, over time, get to reconstruct a map in its entirety. It is difficult, very difficult, but not impossible. Researchers have a possible solution for this scenario as well: that is, the use of two devices at the same time, unable to communicate with each other. Like a cop interrogating two suspects to make sure their versions match: if so, they’re more and more likely to be telling the truth. So to withdraw the user would have to insert a card into an ATM, and another card into a nearby ATM .
At this point the potential hacker should tamper with two devices separately, and rebuild not one, but two extremely complex and laborious maps; an extremely complicated process that drops the chances of success well below the negligible threshold. And to make sure that the two devices cannot exchange information comes, in fact, the theory of special relativity by Einstein.
Specifically, we are interested in the detail according to which it is not possible, under any circumstances, to travel at speeds higher than the speed of light . This means that, as long as the two ATMs question the authentication keys at a speed that keeps the latencies lower than the time required to transfer and interpret the information, it is mathematically certain that the two ATMs cannot communicate, therefore exchange information, and therefore speed up the map reconstruction procedure.
So far the reasoning, however complicated, holds up. Potential problems arise when quantum physics is brought into play , where the laws of relativity are no longer so certain. The same researchers say that a properly devised quantum entanglement could actually allow cheating. They said they will work on it.
Of course everything we have said so far is little more than a theoretical concept: it is difficult to imagine an application real of such a complex and sophisticated system. In the meantime, it would be too difficult a procedure for the customer to digest every time he wants to withdraw some money; and then building an ATM of this type would have prohibitive costs . It would take much more complex and powerful chips than those included in credit cards to store and process the colored maps theorized by scientists. Fortunately, there are also expert groups developing systems to improve the security of money withdrawal at an affordable cost.