# Re: Simple Paper and Pencil Cipher

*From*: unruh <unruh@xxxxxxxxxxxxxxxxxxxxxxx>*Date*: Tue, 08 Jun 2010 23:02:59 GMT

On 2010-06-08, Matthias <arnd-matthias.langner@xxxxxxxx> wrote:

On Tue, 08 Jun 2010 14:50:34 -0700, Paul Rubin wrote:

Matthias <arnd-matthias.langner@xxxxxxxx> writes:My imagined opponent is a clever thief. I read the story of an elderly

I am looking for a 'wallet vault' that allows me to carry the pin codes

... I convert it two digit wise into hexadecimal format, yielding 38

4E.

Seems way too complicated. Who are you trying to protect these numbers

against? What kinds of attacks do you think they can use? The usual

situation with an ATM card is if you guess the wrong PIN three times in

a row, the machine confiscates or invalidates the card.

lady in my newspaper, who wrote down her pin codes as fictitious phone

numbers in her notebook. It took the thief only several phone calls to

get a clue ....

So it's likely enough to do something very simple and then keep the

method to yourself.

Security by obscurity is not always a good idea. My assumption was: The

thief has my wallet with all the credit and ATM cards along with the slip

of paper with the enciphered pin codes. He has an idea which information

this slip of paper might contain and which algorithm I may have used, and

he has - as you mentioned - three tries per card.

No an arbitrary number of tries per card. You just go to different atms

and do two tries and then cancel. I have not tried it, (well I have) but

I do not think that 10 bad tries on 5 different machines will trigger

the confiscation routine.

.

Of course it is obvious that trivial passwords (first names or birth

dates of wife or kids ...) are insecure in this scenario. I assume a not

too easy to guess passphrase.

I accept 'way to complicated' if it implies reasonably secure, but this

is a logical non sequitur. Complicated is not necessarily secure. This

was the point of my question.

Matthias

**Follow-Ups**:**Re: Simple Paper and Pencil Cipher***From:*Peter Fairbrother

**Re: Simple Paper and Pencil Cipher***From:*Maaartin

**References**:**Simple Paper and Pencil Cipher***From:*Matthias

**Re: Simple Paper and Pencil Cipher***From:*Paul Rubin

**Re: Simple Paper and Pencil Cipher***From:*Matthias

- Prev by Date:
**Re: Simple Paper and Pencil Cipher** - Next by Date:
**Re: Simple Paper and Pencil Cipher** - Previous by thread:
**Re: Simple Paper and Pencil Cipher** - Next by thread:
**Re: Simple Paper and Pencil Cipher** - Index(es):