Attack vectors for Chaindeck

This post considers the scenario where adversaries gain access to the owner’s Chaindeck and attempt to chain the cards to read the Secret Phrase. Adversaries can include family and friends, housekeepers, maintenance workers, burglars, and criminal organizations.

There are two ways for adversaries to gain access to the Secret Phrase:

  1. Factory Chain Check: One of the first things an adversary attempting to replicate the way the owner chained the cards would do is to put the cards in the factory chain they come out of the box. This would check if the Factory Chain Method was used in less than 15 minutes.

  2. PIN Brute-Force: Second straightforward approach would be to try all possible PINs to find the Secret Phrase, if the PIN Method was used. In this case, all the PINs can be tried one at a time. It takes about 20 minutes to try a PIN from a random chain. It takes about 6 minutes to only change the third PIN digit. Therefore, it takes 74 minutes to try a batch of 10 PINs, giving an average of approximately 7 minutes per PIN. This means it would take about 58 hours of arranging the cards nonstop to guess the correct PIN on average (500 x 7 minutes = 58 hours).

  3. Visually Solving: Try to chain the cards by looking at the markings and trying to match patterns (like solving a puzzle).

The effectiveness of chaining the cards visually depends both on how well the Secret Phrase and false markings were written, and on the skill level of the adversary.

The black background and the black card stock of Chaindeck cards prevent ink leakages into the paper from being noticed and pattern-matched.

After trying to visually solve the deck, the adversary will eventually find 2-5 cards in the correct chain. At this point, the Chaindeck design prevents the PIN from being easily determined by the adversary. In fact, the reason for Sorting Numbers having colors and the Direction Arrow needing to be looked up by the color is to add more security to this situation.

Chaindeck has the following design features to make visually solving Chaindeck more difficult once a few cards are found in the correct chain.

  • 3-digit Sorting Numbers: Even though two digits are enough to sort 100 cards, Sorting Numbers have three digits in order to make adjacent cards in the correct chain more difficult to identify.

  • Direction Arrow - Color lookup: Knowing how the cards are rotated does not directly reveal the correct third digit of the PIN, as all orientations are possible for each value of the third digit.

  • Sorting Number distribution: The Sorting Numbers appear on both faces of the card. This allows the correct “up” direction to be not obvious, doubling the possibilities.

The following mitigations are available against this attack vector.

  • False markings on different chains can be made to “throw off” an adversary.

  • Multiple decks can be used to make it more difficult to solve.

  • Divided and separately stored deck(s).

