Quiz Entry - updated: 2026.07.14
How does PIN-block padding design affect resistance to codebook attacks?
Simple fixed padding makes codebooks tiny (10,000 entries for a 4-digit PIN). Adding card-number-based or random padding multiplies the codebook size by factors of $10^{10}$ to $2^{40}$, making precomputation impractical.
* Codebook size explodes as the padding gains entropy — the same idea as salting password hashes. *
ISO-1 PIN Block format: 1 | PIN-length | PIN | Padding (64 bits total for a 4-digit PIN)
| Padding Strategy | Codebook Size | Storage |
|---|---|---|
| Fixed (0xFF...) | 10,000 | Trivial |
| Card number (10 digits) | $10^{14}$ | ~1000 TB |
| Random (40 bits) | $10^{16}$ | ~100,000 TB |
| 128-bit block (AES) | Factor $2^{64}$ more | Astronomical |
Why this matters for ATMs/payment:
- A 4-digit PIN has only 10,000 possibilities
- If the PIN block uses fixed padding, an attacker only needs to precompute 10,000 encryptions to build a complete codebook
- By incorporating the card number or random bits into the padding, each PIN produces a different ciphertext depending on the context
- This prevents a single precomputed table from working across all cards
Tip: This is the same principle as salting password hashes — add unique data per entry so that precomputation (rainbow tables) doesn't scale.