Security

Cryptologists unveil potentially unhackable ATM protocol

Image via Istock.com

November 16, 2021

Researchers based in Canada and Switzerland recently released a study in the journal Nature that could replace a PIN-system with a zero-knowledge proof for ATMs. The study proposes a three-colorability method to confirm a user's identity at the ATM, according to a report by CNET.

This method essentially involves a communication where the first party proves to the second party it knows something, while the first party can't reveal the information it knows to the second party. Essentially it's like someone who can see color proving to someone who is colorblind that they can see color.

For ATMs specifically, this would involve users having a device with a uniquely colorized map. The ATM would then ask the device hundreds of thousands of questions about the sections of the map colors. The ATM would never receive enough information to know the entire map, but would deliver the cash because of the device's correct answers that proves it can see all the colors.

At the same time, the researchers aren't totally convinced by the security of this solution. Sébastien Designolle, a physicist at the University of Geneva and co-author of the study, said it is possible that someone could record the device's answers about the map and reverse calculate the full picture and steal the user's identity.

"Those functions that you can perform in one direction are very difficult, but not impossible, to compute in the other direction," Designolle said in the report.

One way to get around this would be to plug two devices into the ATM, like a police officer investigating two separate suspects.