Pin Algorithm

[Magix]

Hi,

I want to work out an a short algorithm to generation pin number (max: 6
digits) based on unique ID (48 bits)
Let say the ID entered is 000000FB2C3A
which is 0x00, 0x00, 0x00, 0xFB, 0x2C, 0x3A.

Any good algorithm?

Thanks.

 

[Emmanuel Delahaye]

I want to work out an a short algorithm to generation pin number <...>

How is this a C-language question? It's a design issue.

 

[kal]

I want to work out an a short algorithm to generation pin number (max: 6
digits) based on unique ID (48 bits)
Let say the ID entered is 000000FB2C3A
which is 0x00, 0x00, 0x00, 0xFB, 0x2C, 0x3A.

Any good algorithm?

#define PIN (000052)

 

[Rich Gibbs]

Magix said the following, on 07/16/04 05:29:

Hi,

I want to work out an a short algorithm to generation pin number (max: 6
digits) based on unique ID (48 bits)
Let say the ID entered is 000000FB2C3A
which is 0x00, 0x00, 0x00, 0xFB, 0x2C, 0x3A.

Any good algorithm?

What is your question about C ?

[OT]
You have asked for a "good algorithm", without giving us any idea of
what "good" means in the context of your problem. So I will define
"good" as quick and simple, and suggest that you write a function like this:

/* uid points to the unique ID string */
/* the 'genpin' function returns the PIN */
int genpin (char *uid )
{
return 42;
}

If, as the term PIN suggests, you are thinking of this as some sort of
security function, then generating the PIN by some algorithm from the
"unique ID" is a Very Bad Idea. Once anyone figures out your algorithm,
ALL your IDs are toast.

 

[Emmanuel Delahaye]

#define PIN (000052)

ITYM

#define PIN 42

 

[Gordon Burditt]

I want to work out an a short algorithm to generation pin number (max: 6

digits) based on unique ID (48 bits)
Let say the ID entered is 000000FB2C3A
which is 0x00, 0x00, 0x00, 0xFB, 0x2C, 0x3A.

Any good algorithm?

Populate a database with all in-use IDs and the corresponding PIN.
(Use true-random number generation to do this, which means that you
DO NOT depend on rand() or any other kind of pseudo-random number
generator. Consider rolling actual dice. Or let each user select
their own.)

Using an algorithm to generate a PIN number, which is used for
security purposes, is a problem. If someone figures out the
algorithm, *ALL* of the PINs are compromised. This is a problem
even with relatively decent cryptographic hashes like MD5. (MD5
used to generate PINs from IDs will make it hard to figure out the
ID from the PIN, but it won't help in figuring out the PIN from the
ID.)

Look up the PIN corresponding to the ID and check if it matches.

Gordon L. Burditt

 

[Joona I Palaste]

#define PIN 42

Why? (000052) and 42 are the same number in C.

 

[Ben Pfaff]

If, as the term PIN suggests, you are thinking of this as some sort of
security function, then generating the PIN by some algorithm from the
"unique ID" is a Very Bad Idea. Once anyone figures out your
algorithm, ALL your IDs are toast.

You can make it difficult to figure out the algorithm, e.g. by
using a secure cipher or keyed hash function. But this is a
better topic for sci.crypt.